Search
Keyword: troj_wmighost.a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
deleted. It may install itself on the infected system as a rogue antivirus using certain file names. When users click "Fix Errors" in the fake scan results, this Trojan displays fake message boxes. When the
This Trojan opens a certain registry key. It then queries the data under a specific value for the subkeys under a certain key. For the paths that it finds, it will append a certain line. It will then
This malware uses complex routines to hide in the infected system's master boot record (MBR) in order to evade detection. To get a one-glance comprehensive view of the behavior of this Trojan, refer
This is the Trend Micro detection for specially-crafted Microsoft PowerPoint files that takes advantage of a known vulnerability in Microsoft PowerPoint. Once a malware successfully exploits the said
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This ransomware uses Windows PowerShell to encrypt files. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires being executed with a specific
This malware is involved in the Master Boot Record (MBR) wiper outbreak that targeted users in South Korea during March of 2013. It drops and executes malware on affected systems, including a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This ransomware specifically targets Turkish users. It arrives as a spammed message informing users about a billing invoice update. Once users clicked the links, it leads to the download of a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This malware is the final payload of a USTEAL variant that was reported on late April 2014. It encrypts certain files detected on the affected system and demands the user pay the ransom to have them
This DLL file acts as a notify object DLL used by TROJ_GORIADU.SMM (NDIS Intermediate driver), which contains specific parameters and configuration information. This Trojan may be dropped by other
It drops component files that Trend Micro also detects as TROJ_FAKEAV.CAC. This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it poses as a rogue antivirus software. To get a
It connects to websites to download and execute a malicious file detected as TROJ_LETHIC.SMC. It then executes the downloaded files. As a result, malicious routines of the downloaded files are
the following registry keys to install itself as a Browser Helper Object (BHO): HKEY_CLASSES_ROOT\CLSID\{random CLSID} HKEY_CLASSES_ROOT\PROTOCOLS\Filter\ text/html It registers itself as a BHO to