Sophos

VBS/Geven-B

Aliases
  • INFECTED.Worm.VBS.Geven.b
  • virus or variant VBS/Generic

Summary

 
How it spreads: Infected files
Affected operating systems: Windows
Included in our products from: April 2005 (3.92)
Protection available since: 10 January 2005 22:16:50 (GMT)
Last updated: 28 February 2005 18:55:49 (GMT)
Detected by: All Sophos products

More Information

W32/Geven-B is a Visual Basic script worm.

W32/Geven-B attempts to copy itself to the Desktop with the following filename:

Tsunami - A must read - God's total avenge.txt.vbs

W32/Geven-B attempts to copy itself to the Desktop's parent folder with the following filename:

PleaseReady1st.txt.vbs

W32/Geven-B attempts to copy itself to the root folder of all available drives under both filenames. It also attempts to create the file autorun.inf on all available drives so that the copied file PleaseRead1st.txt.vbs runs automatically.
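A defender's check for the drive-root artefacts described above, as an added example that is not Sophos code: it flags the listed file names, any document-looking name that ends in a script extension, and an autorun.inf that launches a script. The function names, the extension lists and the sample autorun.inf contents are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# File names as given in the description (both spellings of the second name
# appear on the page, so both are listed). Compared case-insensitively.
KNOWN_NAMES = {
    "tsunami - a must read - god's total avenge.txt.vbs",
    "pleaseready1st.txt.vbs",
    "pleaseread1st.txt.vbs",
}
SCRIPT_EXT = r"(vbs|vbe|js|jse|wsf)"
# A script extension hidden behind a document-looking one, e.g. "x.txt.vbs".
DOUBLE_EXT = re.compile(r"\.(txt|doc|pdf|jpg)\." + SCRIPT_EXT + r"$", re.I)
# autorun.inf keys that launch a program when the drive is opened.
AUTORUN_KEY = re.compile(r"^\s*(open|shellexecute)\s*=\s*(.+)$", re.I)
SCRIPT_REF = re.compile(r"\." + SCRIPT_EXT + r"\b", re.I)


def check_root(root):
    """Return sorted (reason, detail) findings for the files directly in root."""
    findings = []
    for entry in Path(root).iterdir():
        if not entry.is_file():
            continue
        name = entry.name.lower()
        if name in KNOWN_NAMES:
            findings.append(("known-name", entry.name))
        elif DOUBLE_EXT.search(name):
            findings.append(("double-extension", entry.name))
        elif name == "autorun.inf":
            for line in entry.read_text(errors="replace").splitlines():
                m = AUTORUN_KEY.match(line)
                if m and SCRIPT_REF.search(m.group(2)):
                    findings.append(("autorun-runs-script", line.strip()))
    return sorted(findings)


def demo():
    """Scan a constructed folder standing in for an infected drive root."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "PleaseRead1st.txt.vbs").write_text("' constructed placeholder")
        (root / "holiday.jpg.vbs").write_text("' constructed placeholder")
        (root / "notes.txt").write_text("benign")
        # Constructed autorun.inf; the page does not give the real contents.
        (root / "autorun.inf").write_text("[autorun]\nopen=wscript.exe PleaseRead1st.txt.vbs\n")
        return check_root(root)


if __name__ == "__main__":
    for reason, detail in demo():
        print(f"{reason}: {detail}")
```

Call `check_root` once per drive root; it inspects only the files directly in that folder, which is where the description places the copies and autorun.inf.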

If the utility WinZip is present on the infected computer, W32/Geven-B attempts to use it to add itself to every file it finds with a ZIP extension.

W32/Geven-B drops a file called tsunami.txt in the Desktop's parent folder and then tries to open it. The file has the following content:

It is God's total avenge!
To those people who did bad on earth...
God has promised, that He will give lesson,
and this is a promise that the End of Day
is just not too far ahead!
Pray, do good and may God bless you!
Tell and share this message with everyone who has faith in God.
