Home Education E-BooksTravel Troubleshooting Linux Contact Us About Us
Troubleshooting Tips And Steps
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Windows & Hardware Tips
Software Troubleshooting
Information About DOS
Different DOS Commands
Windows Troubleshooting
Hardware Troubleshooting
Information On Viruses
Virus Database
Trojan Removal Techniques
Virus Tools And Softwares
Miscellaneous
Download Free Ebooks
Game Development Company
Submit Your Query

virus file

VIRUS NAME : VBS/VBSWG.aq@MM

VIRUS NAME : VBS/VBSWG.aq@MM

Virus Characteristics

AVERT has yet to receive a field sample of this threat.

This threat is currently detected as New Script with script heuristics enabled. This threat will be detected as VBS/VBSWG.gen@MM with the 4205 dats. This worm arrives in an email message containing the following information:

Subject: Shakira's Pictures
Body: Hi :
i have sent the photos via attachment
have funn...

Attachment: ShakiraPics.jpg.vbs

When the attachment is run, the script mails itself to all addresses found in the Outlook Address Book and the file c:\mirc\script.ini is overwritten with instructions to send itself to IRC users who join the same channel as the infected user. A message box is displayed.

The script copies itself to the WINDOWS directory and attempts to overwrite .VBS and .VBE files. After the virus runs, it creates the following registry key values:

HKEY_CURRENT_USER\Software\ShakiraPics\mailed=1
HKEY_CURRENT_USER\Software\ShakiraPics\Mirqued=1
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ Run\Registry=wscript.exe C:\WINDOWS\ShakiraPics.jpg.vbs %

Symptoms

Presense of the registry keys mentioned above

Method Of Infection

This VBScript worm mass-mails itself to all users in the Microsoft Outlook Address book. It also modifies the mIRC script.ini file to spread via IRC and may also overwrite .VBS and .VBE files.

If you are fed up with any virus and not getting solution of it. mail us on amgroup@skillsheaven.com and please provide all the detail about virus.