Search
Keyword: TROJ_PSYME
This Trojan may arrive as a file that exports functions used by other malware. It arrives as a component bundled with malware/grayware packages. However, as of this writing, the said sites are
Arrival Details This Trojan may be downloaded from the following remote site(s): http://{BLOCKED}int.us/log.exe Autostart Technique This Trojan adds the following registry entries to enable its
However, as of this writing, the said sites are inaccessible. It is a component of other malware. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation.
It adds strings to the Windows HOSTS file. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a
Changes the TCP Port of Internet Information Services (IIS) of the affected system to a new random number. The new port number is saved by the malware in a specific registry. This Trojan may be
This Trojan deletes itself after execution. Installation This Trojan drops the following files: %System%\ismserv.dll - non-malicious file (Note: %System% is the Windows system folder, which is
This Trojan may be downloaded by other malware/grayware from remote sites. It executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. It deletes
This Trojan may arrive as a file that exports functions used by other malware. It opens a hidden Internet Explorer window. It requires its main component to successfully perform its intended routine.
It is a fake system diagnostic tool that tricks users into thinking that it is a legitimate program capable of searching for errors and issues on the affected system. Upon execution, it displays a
This Trojan is an installer of a rogue antivirus program called Spyware Cleaner 2010 V4.05. It asks the user to purchase the full version of the software. It then connects to a certaijn website where
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It installs a fake
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it uses new FakeAV SEO Poisoning technique that
This malware randomly chooses its name randomly as well as uses the Operating System of the affected system in its name. It displays rogue antivitus alerts, and redirects users to different websites.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies certain registry entries to disable Security
This Trojan displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system. It then asks for users to purchase it once scanning is completed. If
This Trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
This Trojan arrives as attachment to mass-mailed email messages. However, as of this writing, the said sites are inaccessible. It executes then deletes itself afterward. It executes the downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It displays fake