YAHA family extended to....................

Discussion in 'NOD32 version 2 Forum' started by martindijk, Jun 26, 2003.

Thread Status:
Not open for further replies.
  1. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Hi all,

    In my virusalert newletter today i received notification that the YAHA family has exended with W32.Yaha.T@mm.

    W32.Yaha.T@mm:

    Is a worm that is a variant of W32.Yaha.J@mm.
    Terminates some antivirus and firewall processes.
    Uses its own SMTP engine to email itself to all the contacts in the Windows Address Book, MSN Messenger, .NET Messenger, Yahoo Pager, and in all the files whose extensions contain the letters HT.

    The email message has a randomly chosen subject line, message, and attachment name. The attachment will have a .com, .exe, or .scr file extension.

    This threat is written in the Microsoft C++ language and is compressed with FSG.


    Also Known As: I-Worm.Lentis.gen [KAV], W32/Yaha.t@MM [McAfee], W32/Yaha-T [Sophos]
    Type: Worm
    Infection Length: 51,424 bytes
    Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me



    Hope we can expect an virus update soon ;)

    Be ware all,

    rgds,
    Martin
     
  2. jan

    jan Former Eset Moderator

    Joined:
    Oct 25, 2002
    Posts:
    804
    Hi Martin,

    more info needed - sent you an IM.

    Thx., :)

    jan
     
  3. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Hi Jan,

    Check out this link for more info:

    http://securityresponse.symantec.com/avcenter/venc/data/w32.yaha.t@mm.html

    rgds,
    Martin
     
Thread Status:
Not open for further replies.