VIRUS NAME: W32/Shrew@MM
|VIRUS NAME: W32/Shrew@MM
Internet Worm Characteristics
This mass-mailing worm is also a utility (dubbed 'Active Mouse' by its author), designed to simulate activity on the host machine. However, once running, it also mails itself to recipients listed in the Outlook Address Book.
The email messages contain the following information:
Subject: Try this, pretty cool
Attachments: ActiveM.exe (and list.txt if this list exists)
The worm is hardcoded with the filename 'ACTIVEM.EXE' and so if it is renamed and executed, the only file attached to the email messages is LIST.TXT (if this exists). The renamed copy of the worm was not attached during testing.
Any additions made to LIST.TXT by successive victims will get propagated with this worm, so the length of this text file is unpredictable.
Existence of the 'Active Mouse' application on the machine, the application consisting of a single Visual Basic 6 binary 61,440 bytes in length
Method Of Infection
The worm spreads via email as an attachment, which must be executed in order to further propagate from the victim machine.
If you are fed up with any virus and not getting solution of it. mail us on firstname.lastname@example.org and please provide all the detail about virus.