Search
Keyword: HTML_FPSYME
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
following file extensions: asp htm html It then appends an iframe to these files that redirects users to http://{BLOCKED}g08.com/down/htmmm/mm.Htm . Infected files are detected as HTML_IFRAME.QT. It also
FindFirstFileW FindNextFileW RegEnumValueA RegEnumValueW It hooks the following API calls to search for network traffic for a predetermined HTML elements: InternetCloseHandle InternetQueryDataAvailable
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\HTML Help (Note:
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan may arrive bundled with malware packages as a malware component. Arrival Details This Trojan may arrive bundled with malware packages as a malware component. Dropping Routine This Trojan
\RÊCYCLÊR %User Profile%\Microsoft\HTML Help (Note: %System Root% is the root folder, which is usually C:\. It is also where the operating system is located.. %User Profile% is the current user's profile
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be unknowingly
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This spyware creates the following folders: %User Profile%\Microsoft\HTML Help
dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This worm creates the following folders: %User Profile%\Microsoft\HTML Help (Note: %User
and Settings\Wilbert %User Profile%\Application Data\tazebama %User Profile%\Microsoft\HTML Help (Note: %System Root% is the root folder, which is usually C:\. It is also where the operating system is
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
also detected as TROJ_FAKEAV.SMDJ %System%\us?rinit.exe - also detected as TROJ_FAKEAV.SMDJ %System%\ms{6 random characters}.dll - encrypted file that contains HTML codes for its GUI (Graphical User
\HTML Help %User Profile%\CryptnetUrlCache\MetaData %User Profile%\Microsoft\CryptnetUrlCache %User Profile%\CryptnetUrlCache\Content (Note: %User Profile% is the current user's profile folder, which is
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\HTML Help