Discussion in 'malware problems & news' started by Bowserman, Jun 20, 2003.

Thread Status:
Not open for further replies.
  1. Bowserman

    Bowserman Infrequent Poster

    Apr 15, 2003
    South Australia
    From Symantec: http://www.symantec.com/avcenter/

    "VBS.Pet_Tick.N is a Visual Basic Script (VBS) virus that infects HTML files. It creates the file, %Windir%\mylover.exe, and then modifies the registry so that this file executes upon start up. This file is detected as W95.Pet_Tick.gen.

    VBS.Pet_Tick.N appends itself to any HTML files in the \Windows, \My Documents, and \Internet Temporary Folder directories.

    With default security settings in Internet Explorer, acknowledge a security warning dialog box before the virus executes.

    Also Known As: VBS.Dilna-B, VBS.Dilan
    Type: Virus
    Infection Length: 14,866 bytes
    Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
    Systems Not Affected: Macintosh, OS/2, UNIX, Linux

    When VBS.Pet_Tick.N is executed, it performs the following actions:

    Creates the file, %Windir%\Mylover.exe. This file is detected as W95.Pet_Tick.gen.

    Adds the value:


    to the registry key:


    so that VBS.Pet_Tick.N runs when you start Windows.

    Iterates through the %Windir%, %System%, Temporary, My Documents, and Desktop Folders, searching
    for the files with the .HTM and .HMTL extensions. The virus also appends itself to these files.

    Due to a bug in the code, the virus will re-infect the files that have already been infected."

    Regards, Jade :).
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.