Search
Keyword: ad
This worm checks if Mozilla Thunderbird is installed in the affected system. It checks for the SMTP server used by this application by checking the file prefs.js and use it to send email messages
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This description is based is a compiled analysis of several variants of WORM_PROLACO. Note that specific data such as file names and registry values may vary for each variant. This worm arrives as
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan may be downloaded from remote sites by other malware. It displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system. It then asks for
This worm arrives as attachment to mass-mailed email messages. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It steals certain information from the system and/or the
This Trojan also has rootkit capabilities, which enables it to hide its processes and files from the user. Arrival Details This Trojan may arrive via network shares. Installation This Trojan drops
The dropped AUTORUN.INF is detected by Trend Micro as Mal_Otorun1. This worm arrives as attachment to mass-mailed email messages. It arrives via removable drives. It drops an AUTORUN.INF file to
Cookies may also be used by malware to gather information related to site preferences, sessions or other computer activities. For example, WORM_KOOBFACE makes use of cookies related to social
This Trojan connects to a website to send and receive information. It displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system. It then asks
This malware checks for specific running processes in the affected system. It connects to specific URLs in order to download malicious files. This Trojan may be downloaded by other
It enumerates the entries in specific registry keys. It then overwrites the files referenced in these registries with copies of itself. The legitimate files are saved as {filename}{space}.exe .
This Trojan may be dropped by other malware. It may be injected into processes running in memory. Arrival Details This Trojan may be dropped by other malware. Installation This Trojan adds the
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
This Trojan may be hosted on a website and run when a user accesses the said website. However, as of this writing, the said sites are inaccessible. This is the Trend Micro detection for Web pages
Installation This adware adds the following folders: C:\Documents and Settings\All Users\Application Data\Doraibuhogo C:\Documents and Settings\All Users\Application Data\SalesMon C:\Documents and
This hacking tool may be manually installed by a user. Arrival Details This hacking tool may be manually installed by a user. Other Details Based on analysis of the codes, it has the following
It may be unknowingly downloaded by a user while visiting malicious websites. It may be dropped by other malware. It executes the downloaded files. As a result, malicious routines of the downloaded
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded from remote sites by other