WORM_SOHANAD.AC
Overview


Malware type: Worm

Aliases: Trojan:Win32/Malagent (Microsoft)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating: Low

Reported infections: Low

Damage potential: High

Distribution potential: High

Infection Channel 1: Propagates via instant messaging applications


Description: 

For an at-a-glance view of this malware's behavior, refer to the Behavior Diagram shown below.

WORM_SOHANAD.AC Behavior Diagram

Malware Overview

This worm propagates via instant messaging applications. It sends an instant message to all contacts of an affected user. The message contains a link that, when accessed, downloads and executes a copy of this worm.

It creates registry entries that disable Registry Editor and Task Manager. With both applications disabled, the worm is harder to detect and remove. It also modifies the settings of Yahoo! Messenger.

It changes the Internet Explorer (IE) title bar by modifying the related registry entry. It also prevents manual modification of the IE home page by creating a related registry entry.

This worm also downloads a copy of itself from certain URLs. As a result, its copy is always present on the affected system.
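
A triage check for the registry changes described above, as an added example that is not part of the original write-up: it scans the text of a `reg export` dump of HKEY_CURRENT_USER for them. The page does not name the registry values; the standard Windows values `DisableTaskMgr`, `DisableRegistryTools`, the IE `Window Title` value and the IE `HomePage` policy are assumed here, and the sample export is constructed.

```python
import re

# Assumed indicators: standard Windows policy values, not taken from the page.
SYSTEM_POLICY = r"software\microsoft\windows\currentversion\policies\system"
CHECKS = {
    (SYSTEM_POLICY, "disabletaskmgr"): "Task Manager disabled",
    (SYSTEM_POLICY, "disableregistrytools"): "Registry Editor disabled",
    (r"software\policies\microsoft\internet explorer\control panel", "homepage"):
        "IE home page locked",
}
IE_MAIN = (r"software\microsoft\internet explorer\main", "window title")

def parse_reg(text):
    """Yield (key_without_hive, value_name, raw_data) from .reg export text."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        m = re.fullmatch(r"\[(?:HKEY_[A-Z_]+)\\(.+)\]", line)
        if m:
            key = m.group(1).lower()
            continue
        m = re.fullmatch(r'"((?:[^"\\]|\\.)*)"=(.*)', line)
        if m and key:
            yield key, m.group(1).lower(), m.group(2)

def findings(text):
    out = []
    for key, name, data in parse_reg(text):
        label = CHECKS.get((key, name))
        # A policy restriction is active only when its DWORD is non-zero.
        if label and data.lower().startswith("dword:") and int(data[6:], 16) != 0:
            out.append(label)
        elif (key, name) == IE_MAIN:  # presence alone: review the text by hand
            out.append("IE title bar overridden: " + data.strip('"'))
    return out

# Constructed sample export (HKCU), not captured from an infected host.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Window Title"="constructed title"

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
"HomePage"=dword:00000000
'''
print(findings(SAMPLE))
```

`reg export` writes UTF-16, so decode the exported file with `encoding="utf-16"` before passing its text to `findings`.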


Description created: Nov. 1, 2006 4:43:33 AM GMT -0800
