Search
Keyword: TROJ_PSYME
Other Details This Trojan does the following: This Trojan is a malicious file that contains prepended codes in its malware body, thus, the file is unable to execute properly. When prepended codes
Related malware is TROJ_DLOADR.SMVE This Trojan deletes itself after execution. Installation This Trojan drops the following files: %System%\thxr.wgo - detected as TROJ_DLOADR.SMVE (Note: %System% is
Installation This Trojan drops the following files: %System Root%\Documents and Settings\All Users\Application Data\mIbMkFp00000\mIbMkFp00000 %System Root%\Documents and Settings\All Users
This Trojan has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown
This Trojan injects itself into Internet Explorer when executed. It also connects to a website in an attempt to possibly download files that may be malicious onto the infected system. Installation
This Trojan has increased potential for damage, propagation, or both, that it possesses. Specifically, it is related to an attack that involves blackhat SEO poisoning of Google Image search results.
Other System Modifications This Trojan adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon EnableConcurrentSessions = 1 HKEY_LOCAL_MACHINE
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It modifies the affected system's HOSTS files. This prevents users from accessing certain websites. It deletes
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It executes the dropped file(s). As a result, malicious routines of the dropped
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
It accesses a website to download files. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the
Trend Micro has received multiple samples of this malware from a malicious domain source that have infected many clients. These indicate that this malware poses a high risk to users due to the
This is a component of another malware that exports functions that may be used to perform its malicious routines. This Trojan arrives as a component bundled with malware/grayware packages. It may be
This Trojan bears the file icons of certain applications to avoid easy detection and consequent removal. It deletes itself after execution. Installation This Trojan bears the file icons of the
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. It connects to certain
The LizaMoon SQL injection attack inserted malicious .PHP scripts into several legitimate websites. As of this writing, the said attack leads to the download of one of two malware. TROJ_FAKEAV.BBK, a
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Installation This Trojan drops the following files: %System%
This Trojan may be downloaded from remote sites by other malware. It displays fake alerts. It displays fake alerts that warn users of infection. It also displays fake scanning results of the affected
This Trojanl uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it uses Trend