|Mass mailing worm W32.Kobot.
It spreads through open network shares, telnet, dameware, realserv, VNC, and niprint. This worm also uses three remotely exploitable Windows vulnerabilities to propagate.
Adds the value:
"desktop" = "%System%\desktop.exe"
to Windows startup registry keys.
Disables proxy settings and change some security parameters to enforce system protection.