Threat Database Worms IM-Worm.Win32.Yahos.hh


By SpideyMan in Worms

IM-Worm.Win32.Yahos.hh is a network-aware worm that tries to copy itself across the existing network(s). IM-Worm.Win32.Yahos.hh could request other files from Internet through some URLs. IM-Worm.Win32.Yahos.hh create its startup registry entry in the system to guarantee it will initiate when the computer system is launched. What's worse, ports were open in the infected system by IM-Worm.Win32.Yahos.hh. The ports were registered with an effort to establish connection with the remote hosts. IM-Worm.Win32.Yahos.hh is a serious threat for the computer system, at the time when it is identified, so the removal should be accomplished.

File System Details

IM-Worm.Win32.Yahos.hh creates the following file(s):
# File Name Detections
1. %Windir%\nvsvc32.exe N/A
2. %Windir%\wibrf.jpg N/A
3. %Windir%\wiybr.png N/A
4. %Windir%\ndl.dl N/A

Registry Details

IM-Worm.Win32.Yahos.hh creates the following registry entry or registry entries:
NVIDIA driver monitor = "%Windir%\nvsvc32.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run]


Most Viewed