Welcome to the Virus Encyclopedia of Panda Security.
It hides the extensions of the files and prevents the tooltip from being viewed in the files. It does not spread by its own means.
|First detected on:||March 3, 2007|
|Detection updated on:||April 22, 2007|
|Yes, using TruPrevent Technologies
Yabarasu.A is a Trojan that hides the extensions of the files and prevents the tooltip from being viewed in the files. A tooltip is a tool that is activated when the cursor is over a file and that gives information about the characteristics of that file.
Additionally, it hides all the subfolders of the root directory of the C: drive and creates a copy of the Trojan for each subfolder with the same icons as the original ones and with a hidden EXE extension. This way, whenever the user runs any of these subfolders, not only the original subfolder is run, but also Yabarasu.A.
Yabarasu.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
Yabarasu.A is easy to recognize once it has affected the computer, as when the system is restarted, the following message is displayed:>