June 13th, 2002, 08:12 AM
Frethem.f : not dangerous but....
...this virus can be a pain in the a** for some mailservers.
According to Trend Micro is this virus a medium threat.
According to McAfee Avert is this virus a low threat.
Source: Trend Micro
This non-destructive, memory-resident variant of WORM_FRETHEM.A propagates via Microsoft Outlook by sending email to all addresses listed in the infected user's Windows Address Book, and in .DBX files where Microsoft Outlook Express archives emails. It arrives as an attachment to an email message with the following:
Source: McAfee Avert
The worm exploits the Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability in Microsoft Internet Explorer (ver 5.01 or 5.5 without SP2), to automatically execute the virus on vulnerable systems. The exe file copies itself to \Start Menu\Programs\Startup\setup.exe so that it runs each time Windows is loaded. The default SMTP Sevrer, SMTP Email Address, and SMTP Display Name are gathered from the Internet Account Manager: