TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
VBS_RESULOWS.A
Overview
Solution

Malware type: VBScript

Aliases: Worm.VBS.Solow.b (Kaspersky), VBS/IE-Title (McAfee), Trojan Horse (Symantec), VBS/IETitle.B (Avira), VBS/Solow-A (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 Low

Distribution potential:

 Medium

Infection Channel 1 : Propagates via removable drives

Description: 

This Visual Basic (VB) Script may be dropped onto a system by another malware, or may be downloaded from the Internet by an unsuspecting user when visiting a malicious Web site.

Upon execution, it drops a copy of itself using the file name MS32DLL.DLL.VBS in the Windows folder. It then creates a certain registry entry so that it automatically executes at every system startup.

It attempts to drop copies of itself as MS32DLL.DLL.VBS in all available removal drives every 200 seconds. Furthermore, it attempts to create and execute the file AUTORUN.INF in the same drives.

For additional information about this threat, see:
Solution
Technical Details

Description created: Nov. 25, 2006 9:51:27 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.