Keyword: mal_otorun1
55879 Total Search   |   Showing Results : 1 - 20
   Next  
This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: WORM_AUTORUN OTORUN Since these files commonly arrive and
Mal_Otorun1 %System Root%\{all folders found}\autorun.inf - detected by Trend Micro as Mal_Otorun1 %System Root%\Microsoft.lnk %System Root%\Aplikasi.lnk %System Root%\{all folders found}\Microsoft.lnk %System
detects the dropped AUTORUN.INF as MAL_OTORUN1 . Propagates via removable drives Drops files
and Server 2003.) NOTES: The dropped AUTORUN.INF is detected by Trend Micro as Mal_Otorun1 Propagates via removable drives Drops files
on Windows XP and Server 2003.) It drops the following component file(s): %System%\autorun.inf - detected as Mal_Otorun1 (Note: %System% is the Windows system folder, which is usually C:\Windows\System
default value data of the said registry entry is 1 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden UncheckedValue = 0 (Note: The default value data of
\CurrentVersion\Explorer\ Advanced ShowSuperHidden = "0" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Policies\ NetWork NoNetSetup = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Worm arrives on a system as a file
routine: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced ShowSuperHidden = "0" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced HideFileExt = "1
\ Windows\CurrentVersion\Explorer\ Advanced HideFileExt = "1" Propagation This Worm drops copies of itself in all removable drives. Backdoor Routine This Worm does not have any backdoor routine. Rootkit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UACDisableNotify = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ system EnableLUA = 1 Propagation This worm creates the following
\ Windows\CurrentVersion\Explorer drv6 = {day of execution} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UACDisableNotify = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies
This worm drops its component files in all removable drives. The dropped AUTORUN.INF is detected by Trend Micro as Mal_Otorun1. This worm drops an AUTORUN.INF file to automatically execute the copies
AtTaskMaxHours = 0 It modifies the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Schedule NextAtJobId = 2 (Note: The default value data of the said registry entry is 1 .) It
This worm arrives by connecting affected removable drives to a system. It arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It automatically executes files when a user opens a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file