This worm may be downloaded unknowingly by a user when visiting malicious Web sites.
This worm drops copies of itself. It also drops component files which Trend Micro detects as MAL_OTORUN2.
This worm creates registry entries to enable its automatic execution at every system startup. It also uses Windows
Task Scheduler to create a scheduled task that it uses to executes a dropped copy.
This worm sends messages to target recipients using instant messaging applications. This worm drops copies of itself in all removable drives. It drops an
AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.
This worm accesses Web sites to download files which Trend Micro detects as the following malware:
- WORM_YAHLOVER.BH
- TROJ_AGENT.ADZE
- BKDR_POISON.DS
This worm terminates a certain process, if found running in memory.
More...
