VBS.Pleh.A@mm

Risk Level 2: Low

Printer Friendly Page

Discovered: March 27, 2001

Updated: February 13, 2007 11:54:07 AM

Also Known As: I-Worm.Pleh [Kaspersky], VBS_PLEH.A [Trend], VBS/Pleh [Sophos], VBS.Pleh [Computer Associates]

Type: Worm

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

VBS.Pleh.A@mm sends itself to email addresses in the Microsoft Outlook address book. It overwrites files on local and remote drives, including files with the extensions .mp3, .pwd, .exe, .mp2, .doc, .avi, .mpeg, or .htm. The contents of these files are replaced with the source code of the worm, destroying the original contents.

Protection

Initial Rapid Release version March 27, 2001
Latest Rapid Release version March 3, 2008 revision 035
Initial Daily Certified version March 27, 2001
Latest Daily Certified version June 17, 2008 revision 017
Initial Weekly Certified release date March 27, 2001

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Difficult

Damage

Damage Level: High

Distribution

Distribution Level: High

Writeup By: Douglas Knowles

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}

Learn more about Zero-Day / Operation Aurora / Hydraq