Worm:Win32/Dorpiex.A

Worm:Win32/Dorpiex.A is a computer worm that is being spread via social networking sites Facebook. This worm sends messages that have a link pointing to the location of a malware. Clicking the links may open web browser and executes the code…

VBS:Malware-Gen

VBS:Malware-Gen is a computer worm that will spread on local and network shared drives. This worm is typically made as a Visual Basic Script file that will function based on the configuration of the code. There are certain reasons why…

W32.Imsolk.B@mm

W32.Imsolk.B@mm is a worm discovered to utilized victims computer to mass-mail itself and spread quickly from this technique. Normally, the worm sends the copy of the code via spam email messages with subjects ‘Here you have’ or ‘Just for you’.…

W32/Autorun.worm!ju

W32/Autorun.worm!ju may also perform the following payloads: It will modify Windows Registry and add the following entries: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] “Explorador” = “%WINDIR%\Hyden.dll.exe” [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\] “matriz” = “explorer.exe Twain32.dll.exe” [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\KnownDLLs\] “Hyden” = “Hyden.dll.exe” [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs\] “Hyden” = “Hyden.dll.exe”[%WinDir% = \WINDOWS (Windows…

W32.Spybot.AVEO

W32.Spybot.AVEO also performs the following payloads: It will modify Windows Registry and add the following entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”Windows Firewall Updater” = “windowsupdate.exe” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\”Windows Firewall Updater” = “windowsupdate.exe” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\”EnableRemoteConnect” = “N” HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT1.0\Server\”Enabled” = “0″ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\”AutoShareWks” = “0″ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\”AutoShareServer” = “0″ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\system32\”windowsupdate.exe” =…


Please support Im-Infected.com
By clicking any of these buttons you help our site to get better