x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Gigger

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Gigger
Technical name:JS/Gigger.A@mm
Threat level:Low
Alias:
Type:Virus
Effects:   It carries out damaging actions on the affected computer. It does not spread automatically using its own means.
Affected platforms:

MS-DOS

Detection updated on:Jan. 16, 2002
StatisticsNo

Brief Description 

    

JS/Gigger.A@mm is a worm written in JavaScript that propagates by e-mail and IRC. The most destructive action that this worm carries out consists of attempting to format the C: drive. In additon, it modifies files with INI and HTML extensions.

 

 

Visible Symptoms 

    
 

The first symptom of the presence of this worm on the computer -please note that this does not necessarily mean infection has occurred- is an e-mail message whose characteristics may vary depending on the following:

This worm has been designed to spread by e-mail mainly. In order to spread to other computers it can use Microsoft Outlook, Outlook Express or MAPI.

 

In the case of Microsoft Outlook, the characteristics of the message will be the following: 


Subject:     Outlook Express Update
Message Body:   MSNSoftware Co.
Attachment:   MMSN_OFFLINE.HTM


In the case of Microsoft Outlook Express, the worm modifies the properties of the message in such a way that all the outbound messages will have HTML format from that point.  In this way, the virus code will be embedded in the HTML body. To carry out this action the virus modifies the following entry in the Windows registry:

 

   HKEY_CURRENT_USER\Identities\ID\Software\Microsoft\Outlook Express\5.0\Mail

 

When it comes to propagation through MAPI, it will not be necessary for affected computers to have an e-mail client installed. In this case, two types of messages will be sent. The first of them is similar to the one sent through Microsoft Outlook, but on this occasion the recipients will be obtained from the Windows Address Book.

 

The recipients of the second type of message that can be sent will be obtained from Microsoft Outlook's Address Book. In this case the message will have the following characteristics:


Subject:     recipient's address
Message Body:   Microsoft Outlokk 98
Attachment:   MMSN_OFFLINE.HTM