Information from NAI and initial warning from Trend Micro..

Summary
Virus Name: W32/Myparty@MM
Risk Assessment: Medium

Virus Information
Discovery Date: 01/27/2002
Origin: Unknown
Length: 29,696 bytes
Type: Virus
SubType: E-mail
Minimum Dat: 4184
Minimum Engine: 4.0.70
DAT Release Date: 01/30/2002
Description Added: 01/27/2002
Description Updated: 01/27/2002 11:43 PM (PT)

Virus Characteristics
Due to the number of samples AVERT received Sunday night, an EXTRA.DAT has been posted. AVERT continues to monitor the prevalence of this threat. This mass-mailing worm arrives in an email message containing the following information:

Subject: new photos from my party!
Body: Hello!

My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!

Attachment: www.myparty.yahoo.com (29,696 byte PE file)

Running the attachment infects the local machine. The virus copies itself to c:\Recycled\regctrl.exe and executes that file. The users default SMTP server is retrieved from the registry. HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager\Accounts\00000001 The virus uses this SMTP server to send itself out to all addresses found in the Windows Address Book and addresses found within .DBX files.