Search
Keyword: W2KM_DLOADER.BVFO
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded from remote sites by other malware.
entry is "2" .) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile EnableFirewall = "0" (Note: The default value data of the said registry entry
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\mssecsvc2.1 ErrorControl = "1" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\mssecsvc2.1 ImagePath = "{initial malware file path}
This worm uses Remote Desktop Protocol (RDP) for its propagation routines. This worm registers ntshrui.dll (copy of clb.dll) as a service by creating the a certain registry. It then adds this service
If a process named AVP.EXE exists, this malware drops a system driver component as %User Temp%\atapi.sys . The said system file is used by the malware to avoid detection and be able to load into
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file