WORM_AUTORUN.BSG
Sunday, May 4th, 2008WORM_AUTORUN.BSG is a new malware infection being spread around online from computer to computer. We rate this critical due to its high amount of reported infections and increased damage and distribution potential.
Profile
Malware type: Worm
Encrypted: No
Platforms: Windows 98, Windows ME, Windows NT, Windows 2000, Windows XP, and Windows Server 2003
Installation
The worm infects the following locations:
* %System Root%\MSDOS.BAT
* %Windows%\Tasks\0×01xx8p.exe
and places a registry key:
* HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zzz
* ImagePath = “\??\%systemroot%\zzz.sys”
How it works
The worm will connect out to a site http://(removed).cn and downloads certain files. These files are then executed locally and your PC is infected.
Threat Level: 
