Search
Keyword: pe_nimda.a
This file infector cenerates pseudorandom alpha characters using a randomizing function, which is computed from the current UTC system date and time. File Infection This is the Trend Micro detection
This file infector infects by appending its code to target host files. Installation This file infector drops the following files: %Windows%\gemini.exe - detected as PE_GEMI.A (Note: %Windows% is the
running. It infects by appending its code to target host files. It drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user
This file infector drops copies of itself in all removable and physical drives found in the system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: PE_SALITY This malware arrives via the following means: This is executed by a
These are .SYS files modified by TDSS malware to aid its routines. The patched codes are responsible for executing the malware during startup and inject its component files into running processes. It
This file infector drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation This file infector drops the following
This file infector drops copies of itself in all removable and physical drives found in the system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the
This File infector executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Installation This File infector drops the following files:
This file infector infects certain file types by inserting code in the said files. Other System Modifications This file infector deletes the following files: %Windows%\Hanta %Windows%\010101.dat
Arrival Details This malware arrives via the following means: modified by other malware NOTES: This is Trend Micro's detection for a legitimate SYS file that has been modified by another malware to
This file infector drops copies of itself in removable drives. These dropped copies use the names of the folders located on the said drives for their file names. Installation This file infector drops
This Trojan is used to load and execute a file. Arrival Details This malware arrives via the following means: patched by other malware Other Details This Trojan requires the existence of the
W32/Expiro.O (Authentium), Win32.Expiro.W (Bitdefender), W32.Expiro-15 (Clamav), W32/Expiro.W (Fortinet), W32/Expiro.O (Fprot), Virus.Win32.Expiro (Ikarus), a variant of Win32/Expiro.T virus (NOD32),
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and
This Adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Adware arrives on a system as a