Worm_yahlover.az - Malware Advisories (RSS)

iBot · #1 07-17-2008

This worm may be downloaded unknowingly by a user when visiting malicious Web sites.

This worm drops copies of itself. It also drops component files which Trend Micro detects as MAL_OTORUN2.

This worm creates registry entries to enable its automatic execution at every system startup. It also uses Windows Task Scheduler to create a scheduled task that it uses to executes a dropped copy.

This worm sends messages to target recipients using instant messaging applications. This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.

This worm accesses Web sites to download files which Trend Micro detects as the following malware:

WORM_YAHLOVER.BH
TROJ_AGENT.ADZE
BKDR_POISON.DS

This worm terminates a certain process, if found running in memory.

More...

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
Worm_yahlover.al	iBot	Malware Advisories (RSS)	0	01-14-2008 03:30 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode