Search
Keyword: W2KM_DLOADER.BVFO
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This file infector arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
Hidden = "2" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center AntiVirusOverride = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security
This worm checks if Mozilla Thunderbird is installed in the affected system. It checks for the SMTP server used by this application by checking the file prefs.js and use it to send email messages
\ Explorer\DisallowRun 1 = "ntbackup.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Policies\ Explorer\DisallowRun 2 = "Regedit.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows
\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It avoids encrypting files with the following file
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\ControlSet001\ Services\Tcpip\Parameters SynAckProtect = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters PerformRouterDiscovery = "0" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
\ControlSet001\ Services\JeepImage Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\JeepImage Type = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\JeepImage ErrorControl = "0
\CurrentControlSet\ Services\wscsvc Start = "4" (Note: The default value data of the said registry entry is 2 .) It modifies the following registry entries to hide files with System and Read-only attributes:
\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER
\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a