Search
Keyword: troj_wmighost.a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan modifies registry entries to disable various system services. This action prevents most of the system functions to be used. It connects to certain websites to send and receive
arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies Internet Explorer security settings. This puts the affected
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Once a malware successfully exploits the said
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It deletes itself after execution. Installation This Trojan
It accesses websites to download files detected as TROJ_PIKER.AC and TROJ_VB.MAN. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious
This Trojan executes then deletes itself afterward. Installation This Trojan drops the following file(s)/component(s): %User Temp%\AUTMGR32.EXE - detected as TROJ_FAKEAV.SMEV %User Temp%
package. The decrypted data is an executable data which will then be written to a file named setup.exe , detected as TROJ_GORIADU.DRP. This Trojan may be dropped by other malware. It may be dropped by other
Routine This Trojan connects to the following website(s) to download and execute a malicious file: http://{BLOCKED}upplystore.mooo.com/ads/QueryRecord200586_f2ahx.html http://{BLOCKED
C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) Download Routine This Trojan connects to the following website(s) to download and execute a malicious file: http://www.{BLOCKED
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the dropped file(s). As a result, malicious routines of the
This malware takes advantage of a vulnerability in Microsoft Word with the way it handles specially crafted email messages in RTF format. To get a one-glance comprehensive view of the behavior of
This Trojan takes advantage of the RTF Stack Buffer Overflow Vulnerability in order to drop malicious files into an affected system. Once it exploits the said vulnerability, it drops a file, which is
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
This Trojan uses common file icons to trick a user into thinking that the files are legitimate. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
It executes the .DLL file, wintyes.dll , also detected as TROJ_TALERET.D, which is located in the %Temp% folder using RUNDLL32.EXE. This Trojan may arrive bundled with malware packages as a malware
In order for the Trojan to be removed/unblocked, it asks for a paid SMS. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan may