VBS/SSIWG is a family of mass mailing worms generated with a virus construction kit.
Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
Variant:SSIWG.A@mm
When VBS/SSIWG.A@mm is executed, it copies itself to the Windows System directory as "Y072QWV.VBS". This file is also set to be executed in each system startup via following registry key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Next the worm copies itself to the root of each network drive, and sends itself to all recipients in all address books using Outlook. Messages that VBS/SSIWG.A sends have the following characterstics:
Subject: I'am missing U Body: Could u remember me ? Attachment: Y072QWV.VBS
Note: The name of the attachment can be other that "Y072QWV.VBS".The worm uses a counter in the registry, so the mass mailing will happen only every 20th run.
Date Created: -
Date Last Modified: -