W32/Agent.AMP, 2008 W32/Agent.ARFE, 2008 W32/Antinny.worm.q, Worm/Generic.MR
Category: Computer Worm
Active & Spreading
Asia, North and South America, and some parts of Europe and Australia
06 Jul 2006
The W32/Yawmo program is a worm that spreads via Share file-sharing networks and Winny and can transmit sensitive information through these programs. The worm affects windows operating system such as Windows 2000, Windows 98, Windows 95, Windows Me, Windows Server 2003, Windows NT, and Windows XP.
W32.Yawmo Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Yawmo from your computer.
More details about W32.Yawmo
W32/Yawmo is a worm that spreads via Share file-sharing networks and Winny and can transmit sensitive information through these programs. When W32/Yawmo is executed on your system, it drops a copy of W32.HLLW.Antinny and [email protected]
which is used to download a copy of W32.Yawmo. it as well drops explorer.exe file (copy of Backdoor.Nodelm), in either C:\Recycled or C:\Recycler. After this process, it adds values to the registry sub key so that the dropped file will run when Windows starts. It will the search the “Winny” and “Share upload” folders and downloads a file to these uploaded folders.
The W32.Yawmo application can receive instructions from a remote server. It can be made to manipulate the files in the system without the user’s consent. Computer activities can also be recorded. Keystrokes and mouse clicks can also be monitored and compiled. These may be sent to a remote user. This can cause the user’s confidential information to be compromised.
The infected computer can be used to launch targeted attacks against remote servers. This can involve sending large amounts of repeated and malformed data. This can cause the target computer to crash in a Denial of Service (DoS) attack.