This is email worm spreading by affecting MS Outlook. The worm itself is
When the worm file is run (double click on attached EXE file) it displays “miss World” pictures, for example:
and then runs spreading and two trojan routines.
To spread the worm uses a standard way. It connects to MS Outlook, gets up
The attached file has the name of original EXE file that was activated. The
Next the worm appends to the end of C:AUTOEXEC.BAT file DOS batch commands
and then format all local fixed drives.
The worm then tries to delete the system registry files and their backups:
Because .DAT these files are usually locked by system, the worm fails to
The worm then exits.