Search
Keyword: troj_crypctb
This Trojan adds certain registry entries to disable the Task Manager. This action prevents users from terminating the malware process, which can usually be done via the Task Manager. It displays
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it uses new FakeAV SEO Poisoning technique that
Installation This Trojan drops the following files: %Current%\defender.drv It drops the following copies of itself into the affected system: C:\Defender\defender.exe It creates the following folders:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the user's Internet Explorer home page into
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It displays fake alerts. It installs a fake antivirus/antispyware software. It displays fake alerts that warn
This Trojan displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system. It then asks for users to purchase it once scanning is completed. If
Installation This Trojan drops the following copies of itself into the affected system: %User Startup%\syscron.exe (Note: %User Startup% is the current user's Startup folder, which is usually C:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan may be dropped by other malware. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. Arrival Details This
Installation This Trojan drops the following copies of itself into the affected system: %System%\kavo.exe (Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It resolves a Domain Naming System (DNS) host name or Internet Protocol (IP) address.
This Trojan executes then deletes itself afterward. It executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Installation This
This Trojan may arrive bundled with malware packages as a malware component. It may be dropped by other malware. Arrival Details This Trojan may arrive bundled with malware packages as a malware
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
Installation This Trojan adds the following folders: %Application Data%\SystemProc %Program Files%\Mozilla Firefox %Program Files%\Mozilla Firefox\extensions %Program Files%\Mozilla Firefox
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, Specifically, it is a component file of
This Trojan may be downloaded from remote sites by other malware. It uses common file icons to trick a user into thinking that the files are legitimate. It connects to a website to send and receive
This Trojan arrives as attachment to mass-mailed email messages. However, as of this writing, the said sites are inaccessible. It executes then deletes itself afterward. It executes the downloaded
This is a modified Windows Task Manager from www.{BLOCKED}x.com , a well-known hacking site. It is designed for the Chinese version of Windows XP. This Trojan arrives on a system as a file dropped by
Installation This Trojan drops the following copies of itself into the affected system: %system%\csrcs.exe Autostart Technique This Trojan adds the following registry entries to enable its automatic