Search
Keyword: JS_INJECT
}2.co.in {BLOCKED}3.in Other Details This Trojan does the following: It may also access the following websites: .hotbar.com search.msn.com urs.microsoft.com It avoids to inject itself in the following
This Trojan may be downloaded by other malware/grayware from remote sites. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan may be downloaded by the following
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation
is found that a malicious server tries to inject sites with a .PHP script that is housed in a site called LizaMoon. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
to the said servers to get encrypted data, which when decrypted, contains HTML inject codes and target URLs which are mostly bank-related websites: cgi-bin/options.cgi?user_id=3397599756&version_id
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
alias__qbotinj.exe=olgaiderl.exe -> invokes explorer.exe to inject alias__qbot.dll to IEXPLORE.EXE thus, creating a hidden instance of IEXPLORE.EXE alias__qbot.dll=olgaiderl.dll -> main component
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Dropping Routine This Trojan drops the following files: %User Temp
remove itself Download and execute files Perform HTTP and FTP operations to download and execute files Inject code into the file, TCPIP.SYS Perform IRC commands Other Details This Trojan does the
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be dropped by other malware. It may be unknowingly downloaded by a user while
Installation This Trojan drops the following files: %system root%\Documents and Settings\All Users\Application Data\winsvcfs.DLL - detected as TROJ_INJECT.UUU %User Temp%\{malware name}.doc -
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This