Fortunately, a bug in the malicious code prevents it from working as intended.
A worm posing as an old-fashioned photograph of a girl holding a flower is making the rounds on the Internet. MyLife (w32.mylife@mm) is a 30,720-byte worm written in Visual Basic and compressed using UPX. If executed, the worm will attempt to mail copies of itself to everyone in the user's address book and will attempt to delete critical Windows files. Fortunately, a bug in the current worm code prevents MyLife from deleting any files. Users of Macintosh and Linux machines are not affected. Because MyLife spreads via e-mail and currently does not damage system files, this worm rates a 4 on the ZDNet Virus Meter.
How it works
MyLife arrives as e-mail with a subject line that reads "my life ohhhhhhhhhhhhh." The body of the e-mail message contains the following text:
How are youuuuuuuu? look to the digital picture it's my love vvvery verrrry ffffunny :-) my life = my car my car = my house
The attached file is My Life.scr.
If the user opens the attached file, the worm will display a picture of a young girl sniffing a flower. The active worm will appear as the item My Life in the Windows Task Bar. MyLife copies itself to the Windows System directory and adds itself to the following Registry key:
HKCUSoftwareMicrosoftWindowsCurrentVersionRunstrmgr = C:windowssystemMy Life.scr.
The worm will attempt to delete SYS and COM files from the root directory; COM, SYS, INI, and EXE files from Windows directory; and SYS, VXD, EXE, and DLL files from the Windows System directory. Several antivirus vendors have reported that this worm did not delete any files on their test systems.
News source: ZDNet News
View: The Full Story
View: Virus Info - w32.mylife@mm