Proland Software  Download Antivirus software now!

Home
Antivirus products
Download Antivirus Software
Order On-line
Support
Email
Protector Plus Antivirus Software for
Antivirus Software for Windows XP and 2000
Antivirus Software for Windows Vista
Antivirus Software for Windows Me and 98
Antivirus Software for Exchange
Antivirus Software for NetWare
Protector Plus Console
Buy Antivirus software now!


SpamChoke Antispam
Software

Subscribe to Virus Alert
Mailing List

Enter your Email
 (Ex : john@company.com)






Download Anti virus software

VBS.Plan

Blueball Information about the VBS.Plan:

VBS.Plan is a rapidly spreading email worm, similar to the Lovetter. This worm spreads through MS-Outlook. The infected mail would have a randomly generated subject, body and attachment as shown below:

Subject: US PRESIDENT AND FBI SECRETS =PLEASE VISIT => (http://WWW.2600.COM)<=.

Body:    VERY JOKE..! SEE PRESIDENT AND FBI TOP SECRET PICTURES.. .

Attachments : *.gif.vbs
                     *.bmp.vbs
                     *.jpg.vbs

The attachments can have any alphabet picked from the character set A, E, I, O, U as the file name. Opening any of the above attachment launches the worm copying itself in the following folders

WINDOWS\reload.vbs
WINDOWS\SYSTEM\<a random file name is given>
WINDOWS\SYSTEM\LINUX32.vbs

Registry modifications are done at the following locations :

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\

This worm checks for the existence of WINFAT32.EXE file, if found it changes the settings of the Internet Explorer to download the following files

macromedia32.zip
linux321.zip or linux322.zip.

This worm would automatically connect to the internet to send MAPI emails to the recipients found in the address book. The mail contains a randomly picked subject, body and an infected attachment. The worm
overwrites the files found with the following extentions and adds .VBS to them

.Vbs
.Vbe
.js
.jse
.css
.wsh
.sct
.hta
.jpg
.jpeg
MP2
MP3

Mp2 and Mp3 file attributes are modifyed to hidden by this worm.

The worm displays the following message on September 17 :

Dedicated to my best brother=>Christiam Julian(C.J.G.S.) Att. (M.H.M. TEAM)

Later this worm disconnects all the mapped network drives in the network.

VBS.Plan first appeared in June 2000.

Blueball Other names of  VBS.Plan:

This virus is also known as Plan

Blueball Removing VBS.Plan from your computer:

You can remove this worm from your computer by using Protector Plus antivirus software.

Download Now

Download the FREE Evaluation copy of Protector Plus antivirus software


Blueball About Protector Plus Antivirus Software Packages:

Proland Software is the developer of Protector Plus range of antivirus software packages. Protector Plus is available for Windows Vista, Windows 95/98/Me, Windows XP, Windows NT/2000/2003 servers and workstations, MS-Exchange 2000/2003, MS-DOS and NetWare servers.

SpamChoke Antispam Software

New:
SpamChoke Antispam Software
Download Now!

Protector Plus range of antivirus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses, trojans, worms and other types of malware. Protector Plus antivirus software can detect and remove VBS.Plan reliably.

These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.

Click here to order
Protector Plus Antivirus software 

 Download Anti virus software now!


You can download the 30 day evaluation copy of the
antivirus software free of cost for these platforms:
Antivirus Software for Windows XP and 2000 Antivirus Software for Windows Me and 98 Antivirus Software for Exchange Antivirus Software for NetWare


HomeAntivirus productsDownload Antivirus SoftwareOrder On-lineEmail

Copyright © 2007 Proland Sofrware. All rights reserved.


Download Anti virus software