Search
Keyword: W2KM_DLOADER.BVFO
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
{45ea75a0-a269-11d1-b5bf-f1f2f1f2f1f2} DontAsk = "2" Other System Modifications This Trojan adds the following registry keys: HKEY_LOCAL_MACHINE\Software\Microsoft\ Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-f1f2f1f2f1f2
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\ SHOWALL CheckedValue = "0" (Note: The default value data of the said registry entry is 1
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This spyware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center AntiVirusOverride = "1
the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 2 .)
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
characters} DisplayName = {Random string} HKEY_LOCAL_MACHINE\SYSTEM\{Control set}\ services\{Random characters} Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\{Control set}\ services\{Random characters} ImagePath =
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\ SHOWALL CheckedValue = "2" (Note: The default value data of the said registry entry is 1 .) It deletes
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies Internet Explorer security settings. This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
\ControlSet001\ Services\Tcpip\Parameters SynAckProtect = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters PerformRouterDiscovery = "0" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip
\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center AntiVirusOverride = "1
is 7 .) HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "1" (Note: The default value data of the said registry entry is 2 .) Dropping Routine This backdoor