Search
Keyword: W2KM_DLOADER.BVFO
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft
Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager Server ID = "4
This spyware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. As of this writing, the said sites are inaccessible. It deletes itself after execution.
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This worm arrives via peer-to-peer (P2P) shares. Arrival Details This worm arrives via peer-to-peer (P2P) shares. Installation This worm adds the following folders: {malware path}\Up It drops the
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses certain lists of user names and passwords to
This spyware may be downloaded by other malware/grayware from remote sites. It uses certain lists of user names and passwords to access password-protected shared files. It connects to certain
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It connects to
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible. It
the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Windows Defender ( if running as Admin ) Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Windows
the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Windows Defender ( if running as Admin ) Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Windows
the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Windows Defender ( if running as Admin ) Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Windows
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
Modifications This file infector modifies the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\wuauserv Start = "4" (Note: The default value data of the said registry entry is 2 .
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
"272" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\pcAnywhere Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\pcAnywhere ErrorControl = "1" HKEY_LOCAL_MACHINE\SYSTEM