Keyword: W2KM_DLOADER.BVFO
47533 Total Search   |   Showing Results : 5321 - 5340
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager Server ID =
This ransomware, seemingly similar to JIGSAW ransomware, threatens to delete one file six hours after non-payment. It threatens to delete all encrypted files after 96 hours of non-payment. To get a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This new ransomware variant is known for the unique graphic designs of its ransom notes. Similar to other ransomware variants, it encrypts files and arrives via email. To get a one-glance
\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\ c1 iEnd = "2" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Security\ cASPKI\cASPKI\cCustomCertPrefs\ c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
the following registry entries: HKEY_CURRENT_USER\Control Panel\Desktop WallpaperStyle = 2 HKEY_CURRENT_USER\Control Panel\Desktop TileWallpaper = 0 HKEY_CURRENT_USER\Control Panel\Desktop Wallpaper = "
Microsoft Winsock Control 6.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}\1.0\ FLAGS "" = 2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ TypeLib\
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It steals email account information. It retrieves
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan moves the files from the folder %User Profile%\Application Data\Microsoft\Internet Explorer\Quick Launch to the created folder %User Temp%\smtmp\2 . It modifies the attributes of files
operating system is located.) It creates the following folders: %User Temp%\smtmp %User Temp%\smtmp\1 %User Temp%\smtmp\2 %User Temp%\smtmp\3 %User Temp%\smtmp\4 (Note: %User Temp% is the current user's Temp
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It downloads a file from a certain URL then renames it
\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\2 1609 = "0" (Note: The default value data of the said registry entry is 1 .) HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet