Search
Keyword: W2KM_DLOADER.BVFO
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It opens a random port to allow a
\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\ c1 iEnd = "2" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Security\ cASPKI\cASPKI\cCustomCertPrefs\ c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\ c1 iEnd = "2" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Security\ cASPKI\cASPKI\cCustomCertPrefs\ c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Type = "16" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Start = "2" HKEY_LOCAL_MACHINE\SYSTEM
System Modifications This Trojan adds the following registry keys: HKEY_CURRENT_USER\Software\{UID} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA
\ services\Updater.Mail.Ru Type = 16 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Updater.Mail.Ru Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Updater.Mail.Ru ErrorControl = 0
{random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of HELP_DECRYPT.TXT}" HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of
\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2
This potentially unwanted application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Trojan may be downloaded by other malware/grayware from remote sites. It connects to certain websites to send and receive information. Arrival Details This Trojan may be downloaded by the
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It saves downloaded files into the said created
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This