Search

Keyword: usoj_poweliks.b2

49377 Total Search | Showing Results : 1 - 20

This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder

TROJ_POWELIKS.B

This malware employs a new autostart mechanism and removes users' privileges in viewing the registry’s content. As such, users won’t be able to suspect that their systems are already infected. To get

TROJ_POWELIKS.SHS

following anti-virtual machine programs: VBOX VMWARE VirtualPC Checks for the following analysis tools if installed: Wireshark Fiddler Fiddler 2 HTTP Analyzer Checks the following AV if installed: Trend Micro

TROJ_POWELIKS.A

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious

TROJ_POWELIKS.C

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

TROJ_POWELIKS.F

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

TROJ_POWELIKS.SHJ

BAE23946ECE4D7038 = "BAE23946ECE4D7038" HKEY_LOCAL_MACHINE\SOFTWARE\E2098D48668A69F6F 3B459C40D536AC1D2B = "3B459C40D536AC1D2B" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2

TROJ_POWELIKS.SHF

\SOFTWARE D8C9CE5D053E21408 = "D8C9CE5D053E21408" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup

TROJ_POWELIKS.X

Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP

TROJ_KOVTER.AUSIO

"F367930B6F17E3B2E5" HKEY_LOCAL_MACHINE\SOFTWARE\5DFAD47D3556F8EEDC B067898B15B669F8 = "B067898B15B669F8" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE

TROJ_KOVTER.AUSKKB

\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software

TROJ_KOVTER.EH

\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software

TROJ_DLOADR.PBN

" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries:

TROJ_KOVTER.AUSKIO

= "855828415F048F26F14" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It

TSPY_KOVTER.XXP

\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software

TROJ_KOVTER.AUSKJM

CEC99EE8014CEE3676 = "CEC99EE8014CEE3676" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It

TROJ_KOVTER.AUSKKF

\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_KOVTER.AUSIN

\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software

TROJ_KOVTER.AUSKJD

"C96DE2354CB26C945552" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It modifies the following

TROJ_KOVTER.AUSKKD

" HKEY_LOCAL_MACHINE\SOFTWARE\351B76B552EDDAB9 F18785C0E71649AA = "F18785C0E71649AA" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows

Search

Resources

Support

About Trend

Country Headquarters

Search

Resources

Support

About Trend

Country Headquarters

The Americas

Middle East & Africa

Europe

Asia & Pacific