This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded from certain remote sites. It may be installed manually by a user.
It creates folders.It drops files/components.
It creates registry entries to enable its automatic execution at every system startup. It modifies registry entries to hide files with both System and Read-only attributes. It creates registry key(s)/entry(ies) as part of its installation routine.
It drops copies of itself in all physical drives and in all removable drives. It drops an
AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.
It accesses Web sites to download file(s). As a result, malicious routines of the downloaded files are exhibited on the affected system.
More...