Search
Keyword: default5.asp
Userinit = %System%\userinit.exe, %System%\sdra64.exe, (Note: The default value data of the said registry entry is %System%\userinit.exe, .) It drops the following files: %System%\lowsec\local.ds - copy of
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
\is-3TE8N.tmp\_isetup %User Profile%\Application Data\ASP %User Temp%\is-82OVD.tmp (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}\Local Settings\Temp
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
\01\shell\ runas HKEY_CURRENT_USER\01\shell\ runas\command HKEY_CURRENT_USER\ASP HKEY_CURRENT_USER\ASP\DefaultIcon HKEY_CURRENT_USER\ASP\shell HKEY_CURRENT_USER\ASP\shell\ open HKEY_CURRENT_USER\i40
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be unknowingly
Files%\ASP\AdvancedSystemProtector.exe %Program Files%\ASP\AdvancedSystemProtector.exe.config %Program Files%\ASP\AppResource.dll %Program Files%\ASP\asp.ico %Program Files%\ASP\AspManager.exe %Program
{random}.tmp\isxdl.dll %User Temp%\is-{random}.tmp\sasnative32.exe %Program Files%\ASP\AdvancedSystemProtector.exe %Program Files%\ASP\AdvancedSystemProtector.exe.config %Program Files%\ASP\AppResource.dll
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be downloaded from
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It modifies the Internet
startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon Userinit = %System%\userinit.exe, %System%\sdra64.exe, (Note: The default value data of the said registry entry is %System%
system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon Userinit = "%System%\userinit.exe, %System%\sdra64.exe," (Note: The default value data of the said registry entry
\ Windows NT\CurrentVersion\Winlogon Userinit = "%System%\userinit.exe, %System%\sdra64.exe," (Note: The default value data of the said registry entry is "%System%\userinit.exe," .) Other System Modifications
%Program Files%\ASP (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000, Windows Server 2003, and Windows XP (32-
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be downloaded from
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Eventlog\Application Sources = "{random characters}" (Note: The default value data of the said registry entry is {random values} .) HKEY_LOCAL_MACHINE\SOFTWARE
Routine This spyware drops the following files: %Program Files%\Internet Explorer\ComRes.dll (Note: %Program Files% is the default Program Files folder, usually C:\Program Files.) Other Details This spyware
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are