Description:
This worm may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites. It may also arrive via removable drives.
It creates folders. It creates registry entries to enable its automatic execution at every system startup. It modifies registry entries to enable its automatic execution at every system startup. It also creates the following registry to bypass the Windows Firewall
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.It creates a folder in all removable drives then creates another folder in it. It then drops a copy of itself in another folder.
It drops files detected by Trend Micro as POSSIBLE_MOVLY-1. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Sep. 25, 2008 10:06:01 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
