|
Description:
This destructive, memory-resident worm, a member of the OPASERV family of worms, propagates via shared network drives. Its destructive payloads are executed when the system date is between December 24 to 31 or when the year is greater than 2002.
This worm deletes files, overwrites the boot sector and destroys the CMOS, a critical system element which holds hardware configuration and initialization settings. These payloads leave infected systems practically unusable.
It also modifies the registry and the configuration file, WIN.INI, so that it automatically executes every Windows startup. It utilizes a known exploit that enables malicious users to access shared drives, as discussed in a security bulletin from Microsoft.
For additional information about this threat, see:
Solution
Technical Details
Description created: Apr. 30, 2003 7:27:29 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
