Search
Keyword: troj_vundo
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It downloads a file from a certain URL then renames it
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the dropped file(s). As a result, malicious routines of the dropped files are
This malware uses complex routines to hide in the infected system's master boot record (MBR) in order to evade detection. To get a one-glance comprehensive view of the behavior of this Trojan, refer
TROJ_SASFIS.HS terminates and modifies the Access Control List (ACL) of processes that attempt to access it. When users attempt to execute forensic tools such as Process Explorer , it may display a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It does not have any propagation routine. It does not have any backdoor routine. It takes
This Trojan arrives as a file that exports the functions of other malware/grayware. It may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by
This Trojan may be downloaded by other malware/grayware from remote sites. Arrival Details This Trojan may be downloaded by the following malware/grayware from remote sites: JAVA_EXPLOIT.KRZ It may
This Trojan may be dropped by other malware. It connects to certain websites to send and receive information. Arrival Details This Trojan may be dropped by the following malware: TROJ_DROPR.AE
This malware has received attention from independent media sources and/or other security firms. It exploits CVE-2009-3129 to drop another malware that then drops a backdoor application. The backdoor
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
NOTES: This is a Trend Micro detection for files with incomplete infection of PE_ZMIST.Ax. Because of the complexity of PE_ZMIST.Ax infection process, some hosts files are left with garbage
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. It deletes itself after execution. Dropping Routine This Trojan
This Trojan may be downloaded from remote sites by other malware. It displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system. It then asks for
This Trojan deletes itself after execution. Installation This Trojan drops the following files: %System Root%\Documents and Settings%\All Users\Application Data\iChGbNa24901\iChGbNa24901.exe -
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
This Trojan has coding errors that prevent it from running its malicious routines. NOTES: Based on analysis of the codes, it has the following capabilities: This is the detection of Trend Micro for
This Trojan executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. Dropping Routine This Trojan drops the following files: %User Profile%
Installation This Trojan drops the following files: %User Profile%\Application Data\Adobe\AdobeUpdate .exe - non malicious %current folder%\err.log{random numbers} - detected by Trend Micro as
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_PIDIEF.OB Installation This Trojan drops and executes the following files: %Temp
This Trojan deletes itself after execution. Installation This Trojan drops the following files: {malware path}\{malware file name} %System Root%\Documents and Settings\All Users\Application Data