Search
Keyword: W2KM_DLOADER.BVFO
\CurrentControlSet\ Services\W808bjf32 Type = "10" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\W808bjf32 Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\W808bjf32 ErrorControl = "0
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It creates folders where it drops its files. The
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a hidden Internet Explorer window. However, as
Both malware are related to the modified Enfal variants, which were reported to have infected 874 systems in 33 countries. To get a one-glance comprehensive view of the behavior of this Backdoor,
\CurrentVersion\Explorer\ Advanced ShowSuperHidden = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This file infector arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This worm and its variant CODERED.B pose minimal risk to most PCs. It uses a remote buffer overflow vulnerability in Internet Information Service (IIS) Web Servers that can give system-level
HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 2 .)
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It infects certain file types by inserting code
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Hidden = 2 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\ SHOWALL CheckedValue = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DRM\amty fix1 = "1" Dropping
csrcs.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = 2 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\ SHOWALL
\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a