WORM_WALLON.A

“…This mass-mailing worm exploits the MHTML vulnerability found on Outlook Express to download files without the userís knowledge. This worm sends out an HTML-based email message containing a hyperlink. This link redirects the user to a Web site that downloads some of this worm’s components into the system. It gathers its recipients from the local machine’s Windows Address Book (WAB), then uses the currently logged on user’s email account details for its spammed email….This worm may attempt to download an adware program, open multiple Internet connections to an adult Web site, and attempt to contact a specific email address. It displays the following message box upon initial execution:…It runs on Windows 95, 98, NT, ME, 2000, and XP.”