-
Discovered:
- March 8, 2001
-
Updated:
- February 13, 2007 11:57:13 AM
-
Type:
- Trojan Horse, Worm, Virus
This virus is a polymorphic Visual Basic Script (VBS), which is stored in HTML files or as a separate VBS file. It is both an email worm and a Trojan horse. When executed, the worm emails itself to everyone in your Microsoft Outlook address book. It infects files in the \Windows, \Windows\System, and \Temp folders that have .html, .htm, .shtml, or .asp extensions
It also replicates itself to \Temp folders of mapped network drives. The virus changes Internet Explorer security settings, and changes the default start page to the infected HTML page. It opens WordPad and enters text on the opened document. The script is also designed to block the keyboard and the mouse.
Antivirus Protection Dates
-
Initial Rapid Release version March 9, 2001
-
Latest Rapid Release version September 28, 2010 revision 054
-
Initial Daily Certified version March 9, 2001
-
Latest Daily Certified version September 28, 2010 revision 036
-
Initial Weekly Certified release date pending
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Easy
Writeup By: Serghei Sevcenco
