1. Symantec/
  2. Security Response/
  3. VBS.Valentin@mm


Risk Level 2: Low

February 13, 2001
February 13, 2007 11:49:37 AM
Also Known As:
VBS.San [Computer Associates], VBS/Valentin@MM [McAfee], VBS/San-A [Sophos], VBS_VALENTIN.A [Trend Micro]
Systems Affected:

VBS.Valentin@mm uses the built-in Encoding function of Visual Basic files. When executed, this virus sends itself to all recipients in the Microsoft Outlook address book. It also spreads using mIRC and by copying itself to shared network drives. The payload overwrites files and adds the .txt extension to them. The payload is executed if the day of the month is the 8th, 14th, 23rd, or the 29th.

Currently Symantec has not received any submissions of this worm.

Antivirus Protection Dates

  • Initial Rapid Release version February 13, 2001
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version February 13, 2001
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date February 13, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Douglas Knowles

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube