Search
Keyword: usoj_tdss.karul
It monitors the browsing habits of the user and sends the information to certain URLs when certain strings are found in the Web address. It can also modify the search results returned by search
following registry keys: HKEY_LOCAL_MACHINE\software\TDSS HKEY_LOCAL_MACHINE\software\microsoft\ windows nt\currentversion\tdssdata It adds the following registry entries: HKEY_LOCAL_MACHINE\software\TDSS
following registry keys: HKEY_LOCAL_MACHINE\software\TDSS HKEY_LOCAL_MACHINE\software\microsoft\ windows nt\currentversion\tdssdata It adds the following registry entries: HKEY_LOCAL_MACHINE\software\TDSS
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This is the Trend Micro detection for damaged variants of the TDSS malware family. Files detected as TROJ_TDSS.DAM are not capable of executing and cannot perform any malicious routines. NOTES:
It is a component file of other BKDR_TDSS malware to hide its processes and files from the user. It is also responsible for ensuring that the Master Boot Record of the system is infected. This Trojan
These are .SYS files modified by TDSS malware to aid its routines. The patched codes are responsible for executing the malware during startup and inject its component files into running processes. It
This Trojan may arrive as a file dropped by TROJ_TDSS.WIN. Its primary function is to log the Internet browsing activities of the user by keeping a record of keywords entered in search engines. It
This Trojan may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It is a component of other malware. Arrival Details This Trojan may be dropped by other
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may arrive bundled with malware packages as a malware component. Its rootkit functionalities are used by other malware/grayware. It hides files, processes, and/or registry entries. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
%User Temp% is the current user's Temp folder, which is usually C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000, XP, and Server 2003.) Dissecting the Autostart Technique of TDSS
This backdoor deletes itself after execution. Installation This backdoor drops the following component file(s): %System%\spool\prtprocs\w32x86\{Random File Name}.dll - also detected as BKDR_TDSS.SMD
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by the following malware: TROJ_TDSS.WIN NOTES: It may connect to the following servers where it receives
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This Trojan may be unknowingly downloaded by a user while visiting malicious websites. Backdoor
Trend Micro has flagged this malware as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, this TDSS/alurion variant works in 64-bit systems.
This Trojan has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown