Troj/Dloader-YF

Category:	Viruses and Spyware
Type:	Trojan
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Dloader-YF is a Trojan for the Windows platform.

Troj/Dloader-YF includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Troj/Dloader-YF copies itself to &ltSystem&gt\ipwf.exe and creates the file &ltSystem&gt\drivers\winut.dat. Troj/Dloader-YF is a Trojan for the Windows platform.

Troj/Dloader-YF includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Troj/Dloader-YF copies itself to &ltSystem&gt\ipwf.exe and creates the file &ltSystem&gt\drivers\winut.dat.

The following registry entry is created to run ipwf.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IPFW
&ltSystem&gt\ipwf.exe

The Trojan makes registry changes in the following location, registering both the original file and the copy as authorized applications:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\List

Try Sophos products for free
Download now

Troj/Dloader-YF

Free Mac Anti-Virus

Popular topics