Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||San.B-m, VBS/San.B-m, San Valentín, Happy San Valentín|
It modifies names of directories, deletes files in the root directory of the hard disk, sends messages to mobile phones chosen at random and changes the Internet Explorer homepage. It spreads via e-mail.
|Detection updated on:||Dec. 26, 2003|
San.B is a worm that changes the browser Internet Explorer homepage.
San.B modifies the name of directories by adding the text string happysanvalentin at the end. It also deletes files in the root directory of the hard disk and sends messages to mobile phones chosen at random.
In addition, San.B spreads via e-mail, hidden in the HTML code of the AutoSignature of messages sent from the affected computer.
It is very easy to become affected by San.B, as it is automatically activated when the message is viewed through Outlook Preview Pane. It does this by exploiting a vulnerability in Internet Explorer (versions 5.01 and 5.5), which allows files attached to e-mail messages to be automatically run.
San.B is easy to recognize, as it displays the following MS-DOS window on screen once it has been executed: