Search
Keyword: W2KM_MONALIS
HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "0" (Note: The default value data of the said registry entry is 2 .) Dropping Routine This worm drops the following files:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan adds certain registry entries to disable the Task Manager. This action prevents users from terminating the malware process, which can usually be done via the Task Manager. Installation
It terminates itself if any of the specific condition is met. This routine is done by the malware to avoid analysis tools, sandboxes, virtual machines, and security applications. It also creates
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER\Software
Trend Micro has received multiple samples of this worm from multiple, independent sources, including customer reports and internal sources. These indicate that this worm poses a high risk to users
This malware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It gathers certain information on the affected
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
\Software\Classes\ .dc9b HKEY_CURRENT_USER\Software\Classes\ .dc9b\E HKEY_CURRENT_USER\Software\Classes\ .dc9b\Q HKEY_CURRENT_USER\Software\Classes\ .dc9b\W It adds the following registry entries:
CVE-2010-4069 Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows
/d "%ApplicationData%\des1.jpg" /f ; reg delete "HKCU\Software\Microsoft\Internet Explorer\Desktop\General" /v WallpaperStyle /f; reg add "HKCU\control panel\desktop" /v WallpaperStyle /t REG_SZ /d 2
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\helpsvc Start = "4" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SYSTEM