Maniccum is a worm that spreads through AIM and MSN Messenger programs. Once executed, it opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can manage the file system, execute commands, launch Denial of Service (DoS) attacks and run a hidden web server. He can also initiate the worm's spreading routine, update or uninstall the parasite. Maniccum terminates some running antiviruses, firewalls, system tools and other security-related software. It can also disable the Windows Firewall and prevent popular antivirus programs from loading on system startup.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunmxb2HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesmxb2HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallDomainProfileEnableFirewall=0HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileEnableFirewall=0