When executed, the virus uses Microsoft Outlook to send email to the authors of the virus. The email contains the IP address of the infected computer. The virus also emails a humorous message to a known antivirus researcher.
The virus attempts to append itself to all .vbs files in the current path, \Windows\Desktop, \StartUp, \MyDocuments, and all root folders. The virus creates a copy of itself in the \Windows folder as Avm.vbs and it adds the value
1.Click Start, and click Run. The Run dialog box appears.
2.Type regedit and then click OK. The Registry Editor opens.
3.Navigate to the following subkey:
这是……
VBS.Avm is a VBScript virus that attempts to copy itself to .vbs files on the infected computer. The virus also uses Microsoft Outlook to send email to an anonymous email address and to an antivirus researcher.