I was sent the virus and opened it through yahoo mail, so I dont think I sent it on to anyone else, but it was downloaded to my desktop, and I am unable to delete it, when I try it will appear to be deleted, but then pop back up, mocking me. i would appreciate any help anyone could offer as to removing this file from my desktop, also I ran a antivirus program(an updated one) and it didnt find anything, how can I tell if there are any left over files........thanks
got kournikova'd need help
- Thread starter smmorrison
- Start date
*cough* pervert *cough* 
Sorry, couldn't help it.... I dont know a answer to your question... but I hope somebody else does
Sorry, couldn't help it.... I dont know a answer to your question... but I hope somebody else does
- Mar 4, 2000
- 27,370
- 240
- 106
Virus Characteristics:
First discovered in August of 2000.
This script was created by a worm generating tool. As such, the particulars of its actions may vary. The most common variant functions as follows.
When run, the encrypted script copies itself to the WINDOWS directory as "AnnaKournikova.jpg.vbs". It attempts to mail a separate email message, using MAPI messaging, to all recipients in the Windows Address Book using the following information:
Subject: Here you have, ;o)
Body:
Hi:
Check This!
Attachment: AnnaKournikova.jpg.vbs
It also creates a registry key and key values. The script refers to these values to check if the mailing routine has already taken place:
HKEY_USERS\.DEFAULT\Software\OnTheFly
HKEY_USERS\.DEFAULT\Software\OnTheFly\mailed=(1 for yes)
On January 26th, the script attempts to connect to the web site http://www.dynabyte.nl
Both Network Associates and McAfee.com refer to the virus commonly known as the "Anna Kournikova Virus" and/or the "Anna Virus" in order to identify a specific public virus threat.
Indications Of Infection:
- Presence of the file "c:\WINDOWS\AnnaKournikova.jpg.vbs"
- Presence of the registry key: HKEY_USERS\.DEFAULT\Software\OnTheFly
- Users complaining that you've sent them a virus.
Method Of Infection:
This script arrives as an email attachment which. Opening this attachment infects your machine. Once infected, the script attempts to mail itself to all recipients found in the Windows Address Book.
Removal Instructions:
Use your AV engine and DAT files for detection and removal. Delete any file which contains this detection.
Aliases
Anna Kournikova, AnnaKournikova, VBS.VBSWG.J (CA), VBS/Anna, VBS/OnTheFly, VBS/SST, VBS/SST-A (Sophos), VBS/SST.A (Panda), VBS/VBSWG.J (F-Prot), VBS_Kalamar.a
First discovered in August of 2000.
This script was created by a worm generating tool. As such, the particulars of its actions may vary. The most common variant functions as follows.
When run, the encrypted script copies itself to the WINDOWS directory as "AnnaKournikova.jpg.vbs". It attempts to mail a separate email message, using MAPI messaging, to all recipients in the Windows Address Book using the following information:
Subject: Here you have, ;o)
Body:
Hi:
Check This!
Attachment: AnnaKournikova.jpg.vbs
It also creates a registry key and key values. The script refers to these values to check if the mailing routine has already taken place:
HKEY_USERS\.DEFAULT\Software\OnTheFly
HKEY_USERS\.DEFAULT\Software\OnTheFly\mailed=(1 for yes)
On January 26th, the script attempts to connect to the web site http://www.dynabyte.nl
Both Network Associates and McAfee.com refer to the virus commonly known as the "Anna Kournikova Virus" and/or the "Anna Virus" in order to identify a specific public virus threat.
Indications Of Infection:
- Presence of the file "c:\WINDOWS\AnnaKournikova.jpg.vbs"
- Presence of the registry key: HKEY_USERS\.DEFAULT\Software\OnTheFly
- Users complaining that you've sent them a virus.
Method Of Infection:
This script arrives as an email attachment which. Opening this attachment infects your machine. Once infected, the script attempts to mail itself to all recipients found in the Windows Address Book.
Removal Instructions:
Use your AV engine and DAT files for detection and removal. Delete any file which contains this detection.
Aliases
Anna Kournikova, AnnaKournikova, VBS.VBSWG.J (CA), VBS/Anna, VBS/OnTheFly, VBS/SST, VBS/SST-A (Sophos), VBS/SST.A (Panda), VBS/VBSWG.J (F-Prot), VBS_Kalamar.a
Delete these registry keys (start > run > Type regedit
HKEY_USERS\.DEFAULT\Software\OnTheFly
HKEY_USERS\.DEFAULT\Software\OnTheFly\mailed
Also delete AnnaKournikova.jpg.vbs from your windows folder
Run an virus scan on your whole system, A good free Antivirus scanner is InoculateIT Click Here
HKEY_USERS\.DEFAULT\Software\OnTheFly
HKEY_USERS\.DEFAULT\Software\OnTheFly\mailed
Also delete AnnaKournikova.jpg.vbs from your windows folder
Run an virus scan on your whole system, A good free Antivirus scanner is InoculateIT Click Here
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 384
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
Facebook
Twitter