Return To Home Page Search Fire Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info Prognet Privacy Statement

Click here to view product details, fire framework, screen shots, Y2K statement, etc.Download fire evaluation copy, updates, upgrades, user manual, free utils and lot more.Customers can enjoy technical support, security tips, FAQ, free virus alert mail, etc. Online ordering, renewal form and upgrade details.Resellers, dealers and distributors can enter here.Click here to view latest virus alerts, virus information center, virus calendar, etc.Latest news and other press releases.About Prognet Technologies Pvt. Ltd, technical team, clients, events and lot more.

 

VBS/NEWLOVE WITH DEADLY PAYLOAD

                     VBS/NewLove is a modified variant of VBS/Love Letter worm uses Microsoft outlook to spread. It contains a very dangerous payload and it will overwrite all files (including windows system files) with virus code in a fly. The damaged files cannot be recovered.

                     The email message subject will be Fw:< File Name.EXT> ( Example: Abc.TXT ) and the attachment will be < File Name.EXT.VBS > ( Example: Abc.TXT.VBS ). The VBS extension will not appear if Windows Scripting Host is installed. When opening the e-mail attachment, the worm opens Microsoft Outlook Address book and sends email to all the email ids stored. The attached file name is taken from the recently opened list.

                     Then the worm searches for all local, remote drives and overwrites all files with the script and adds the extension .VBS. For example "notepad.exe" will be overwritten as "notepad.exe.vbs". The worm also adds comments in virus code to defy anti-virus scanners. The noticeable property of the worm is that the attachment name and size will vary from machine to machine.

How can I protect my system?

                     Fire has incorporated VBS/NEWLOVE worm into its virus signature file, with the aim of helping users affected by this Worm attack to detect and eliminate it from their systems. Fire anti-virus users can update this signature file from our web site.

                     To protect your system against infection, disable Windows Scripting Host by following these steps: Click the Start button, Settings, Control Panel, then select Add/Remove Programs, then select the Windows Setup tab, then double-click Accessories, scroll down to Windows Scripting Host, and uncheck the box. Save changes and close the window.

VBS/LoveLetter scanner is able to detect VBS/NewLove worm. You can download this free utility at Download Center.

Go to top of the page
.