Hotmatom is an Internet worm that spreads by e-mail through messages containing malicious links. Clicking on such link secretly downloads the worm and installs it to the system. Then the parasite runs its payload. It deletes all the files (except for hidden and read-only) from the root of the main hard disk and floppy drive and creates infected executables using the deleted file names. It also disables the Task Manager. Hotmatom spreads through the MSN Hotmail mail service. It monitors the web browser's windows and adds a certain text containing malicious links to the end of every letter that the user is sending. The parasite also attempts to spread in the local network by sending malicious messages to all computers in it.
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunatomixHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemDisableTaskMgr=1HKEY_CURRENT_USERSoftwareVB and VBA Program Settingsworm