1. Symantec/
  2. Security Response/
  3. VBS.Sorry.B


Risk Level 1: Very Low

December 1, 2000
February 13, 2007 11:49:17 AM
Also Known As:
Mcon, TTFLoader, VBS.Fonts.B

VBS.Sorry.B is a variant of VBS.Sorry.A. It is a Visual Basic Script worm that copies itself to several folders on a computer hard drive and on network drives. The worm also drops an mIRC configuration file that searches for computers infected with the SubSeven Trojan. It then copies itself and executes on computers that it finds are infected with the SubSeven Trojan.

This worm was previously named VBS.Fonts.B.

Configure Windows for maximum protection
Because this virus spreads by using shared folders on networked computers, to ensure that the virus does not reinfect the computer after it has been removed, Symantec suggests sharing with read-only access or using password protection. For instructions on how to do this, see your Windows documentation or the document How to configure shared Windows folders for maximum network protection.

Antivirus Protection Dates

  • Initial Rapid Release version December 8, 2000
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version December 8, 2000
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date pending
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Brian Ewell

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube