It carries out plenty of modifications in the Windows Registry, which prevent the computer from working properly. It disables several functions of the Start menu, such as Search, and applications such as the Task Manager. It can modify Windows protected files, which could cause problems with the operating system. It spreads via the shared and mapped drives.

Windows 2003/XP/2000/NT/ME/98/95

Ganensar.A is a worm that carries out plenty of modifications in the Windows Registry, which prevent the user from working with the computer as usual.

These modifications prevents the user from carrying out the following actions, among others:

• Doing searches in a fast and straight way, as it disables the option Search from the Start menu.
• Viewing the processes that are being run through the Task Manager.
• Modifying the configuration of the features of the folders.
• Turning off the computer and logging off, as it disables both options of the Start menu.
• Displaying the context menu, that is, the one that appears when right clicking the mouse.

On the other, it disables Windows File Protection (WFP) and the checking of these files when Windows is started. This implies that the Windows protected files can be modified, which could cause problems with the operating system and the installed programs.

Ganensar.A spreads via shared and mapped drives.

Ganensar.A is easy to recognize, as it displays the following symptoms:

• It reaches the computer in a file with the name MIYABI-NEW EPISODE(NO SENSOR).EXE and the icon of Windows Media Player:
  
  
• Whenever the Enter button is pressed, the following message is displayed: