Aliases
Win32.Vesser.A, W32.HLLW.Deadhat, Vesser, W32/Vesser.worm.a
Type
Win32 worm
Description
W32/Deadhat-A is a worm that spreads via the Soulseek file sharing network and computers infected with W32/MyDoom-A worm.
If the worm detects that it is being debugged it does not spread but attempts to delete the following files:
C:\boot.ini
C:\autoexec.bat
C:\config.sys
C:\Windows\win.ini
C:\Windows\system.ini
C:\Windows\wininit.ini
C:\Winnt\win.ini
C:\Winnt\system.ini
C:\Winnt\wininit.ini.
In order to run automatically when Windows starts up the worm copies
itself to the file sms.exe in the Windows system folder and adds the registry entry
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\KernelFaultChk
pointing to the worm binary.
MORE: http://www.sophos.com/virusinfo/analyses/w32deadhata.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic