Search
Keyword: w2kmpassproe
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF = {Hex Values} HKEY_CURRENT_USER\Software\Microsoft\ Office\12.0\Common QMSessionCount = 2 Other Details This Trojan adds the following registry keys:
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF = {Hex Values} HKEY_CURRENT_USER\Software\Microsoft\ Office\12.0\Common QMSessionCount = 2 Other Details This Trojan adds the following registry keys:
\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager Server ID =
\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software
\SYSTEM\ControlSet001\ Services\Avt-Net Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Avt-Net Type = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Avt-Net FailureAction = "{random
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\Afqteuv W3_0 = "136a29" HKEY_CURRENT_USER\Software\Afqteuv W4_0 = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
Other System Modifications This Trojan creates the following registry entry(ies) to bypass Windows Firewall: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SharedAccess\Parameters
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan arrives as attachment to mass-mailed email messages. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a