Saturday, May 15, 2010

BitDefender: Nail Magic Song Shin Mukaiya virus Chrome

As the number of Chrome users gradually increases, computer criminals have turned their attention to them, opportunistically using Chrome to spread viruses and steal user information: a Google Chrome browser plug-in could be hiding a virus. Anti-virus vendor BitDefender says it discovered this threat through an e-mail advertising a plug-in. The e-mail asks: "You want to better organize your incoming e-mail document?" The link given in the message leads directly to a fake Google Chrome browser plug-in page. In fact, the page does not offer a Chrome plug-in (file extension .crx); users can only download a Trojan horse with the extension .exe. The Trojan modifies the Windows HOSTS file to keep users from reaching the Yahoo and Google login pages. Infected Chrome users are redirected to similar-looking fake Web sites. BitDefender has identified the Trojan as Trojan.Agent.20577.

In addition, last Thursday a worm spread widely on Yahoo Messenger. Many users believed they were downloading photos from friends, but the download was in fact malicious software that installs itself on Windows systems automatically and sends itself on to the infected user's friends through Yahoo Messenger.




The Yahoo Messenger worm spreads through an automated message that appears to be a link to a picture sent by a friend. The message contains words such as "image" or "photo" and a smiley face icon, and the link resembles a link to a photo-sharing site such as Facebook or MySpace. If the user is on an Apple system, clicking the link does not run the worm automatically; the click is cancelled. On Windows, however, clicking the link downloads an executable file that runs automatically; the computer is infected and the worm spreads automatically to the user's Yahoo Messenger contacts. "Once run, the worm will copy itself to '%WinDir%\infocard.exe' and will add itself to the Windows Firewall whitelist. It will modify the registry and stop the Windows Automatic Updates service."



If you see this message, please do not click on "Run". BitDefender was the first to discover the virus, last week. The virus is named Worm.P2P.Palevo.DP. According to the latest monitoring data from BitDefender's anti-virus laboratory, Palevo has produced a new variant, which automatically sends large amounts of spam to other Yahoo users. When a user receives a message and carelessly clicks the link with the smiley face, the link takes the user to a picture gallery site that lures the user into clicking to view an image; by clicking, the user falls for the trick. What opens is not a picture: the file appears to be in JPG format, but it is in fact a virus, Worm.P2P.Palevo.DP.

When activated, the virus creates multiple hidden files in the C:\Windows folder, such as mds.sys, mdt.sys, winbrd.jpg and infocard.exe, and modifies key system registry entries to undermine the operating system's security defenses. Like other similar malware, Palevo.DP has a backdoor that allows an unauthorized remote attacker to take complete control of a computer and then do whatever they want, such as installing malicious software, changing system account passwords, stealing information, or even turning the machine into a "zombie" computer completely under the virus's control. Palevo variants can also penetrate the Mozilla Firefox and Microsoft Internet Explorer browsers to steal account information for online banking or online shopping services, putting users in great danger.

Palevo variants also spread inside a network, infecting other computers over the LAN, through removable disks and so on, and then spread to the wider network. Like the Conficker worm, the Palevo worm also uses P2P networks, for example Ares, BearShare, iMesh, Shareaza, Kazaa, DC++, eMule and LimeWire, among many others. The virus automatically adds its code to shared documents; when a remote P2P client downloads an infected document, the Palevo worm infects yet another computer.

BitDefender Senior Fellow Catalin Cosoi said, "We recommend that users maintain a high degree of caution. Check the website prior to the sender, do not click on any instant messaging software client links sent by unknown sources." "Palevo is a highly aggressive attack. In the initial outbreak, we witnessed Palevo's infection rate easily grow by over 500% per hour in Romania, Mongolia, Indonesia and other countries." At present, the countries with the highest infection rates are: Romania, Mongolia, Vietnam, Indonesia, Australia, Malaysia, Thailand, France, the United States and Kuwait.
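A defender-side check for the two indicators described above: the HOSTS-file tampering attributed to Trojan.Agent.20577 and the file names Worm.P2P.Palevo.DP is said to create in the Windows folder. This is an added example, not BitDefender's code; the watched domain suffixes and all sample data are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: domain suffixes chosen to cover the Google and Yahoo login pages
# the article says the Trojan targets; extend for your environment.
WATCHED_SUFFIXES = ("google.com", "yahoo.com")

# File names the article says Worm.P2P.Palevo.DP creates in the Windows folder.
PALEVO_FILES = {"mds.sys", "mdt.sys", "winbrd.jpg", "infocard.exe"}


def suspicious_hosts_entries(hosts_text, suffixes=WATCHED_SUFFIXES):
    """Return (line_no, ip, hostname) for HOSTS entries that pin a watched domain."""
    hits = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()    # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed line, not a mapping
        for name in fields[1:]:
            host = name.lower().rstrip(".")
            if any(host == s or host.endswith("." + s) for s in suffixes):
                hits.append((line_no, fields[0], host))
    return hits


def palevo_artifacts(filenames):
    """Return the listed names that match the article's dropped-file list."""
    return sorted({f.lower() for f in filenames} & PALEVO_FILES)


# Constructed sample data (not taken from a real infection).
SAMPLE_HOSTS = """\
# Copyright (c) Microsoft Corp.
127.0.0.1       localhost
203.0.113.7     www.google.com login.yahoo.com   # constructed entry
203.0.113.7     Mail.Google.com.
10.0.0.5        intranet.example
"""
SAMPLE_LISTING = ["notepad.exe", "InfoCard.exe", "MDS.sys", "win.ini"]

if __name__ == "__main__":
    for hit in suspicious_hosts_entries(SAMPLE_HOSTS):
        print("HOSTS line %d maps %s -> %s" % (hit[0], hit[2], hit[1]))
    print("Palevo file names present:", palevo_artifacts(SAMPLE_LISTING))
```

A clean Windows HOSTS file normally contains no entries for public login domains, so any hit from the first function deserves a closer look; a file-name match alone is only a lead, since names can collide with legitimate files.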