Technical details:
Categories: Spyware
WinWhatWhere Folders:
[%APPDATA%]\tam
WinWhatWhere Files:
[%SYSTEM%]\ImgX4.dll
[%DESKTOP%]\investigator reports.lnk
[%DESKTOP%]\investigator setup.lnk
[%DESKTOP%]\tamsetup.exe
[%DESKTOP%]\trueactive setup.lnk
[%PROFILE%]\recent\tamsetup.lnk
[%PROGRAM_FILES%]\tam\tamrpt.exe
[%PROGRAM_FILES%]\tam\tamset.exe
[%SYSTEM%]\olbe\msdfcng.exe
[%SYSTEM%]\olbe\updsem.exe
[%SYSTEM%]\olbe\windsdoc8.sys
[%SYSTEM%]\olbe\winsdoc16.sys
[%SYSTEM%]\olbe\winsdoc32.sys
[%SYSTEM%]\olbe\winsutl.sys
[%WINDOWS%]\fonts\afbloc.dat
[%SYSTEM%]\ImgX4.dll
[%DESKTOP%]\investigator reports.lnk
[%DESKTOP%]\investigator setup.lnk
[%DESKTOP%]\tamsetup.exe
[%DESKTOP%]\trueactive setup.lnk
[%PROFILE%]\recent\tamsetup.lnk
[%PROGRAM_FILES%]\tam\tamrpt.exe
[%PROGRAM_FILES%]\tam\tamset.exe
[%SYSTEM%]\olbe\msdfcng.exe
[%SYSTEM%]\olbe\updsem.exe
[%SYSTEM%]\olbe\windsdoc8.sys
[%SYSTEM%]\olbe\winsdoc16.sys
[%SYSTEM%]\olbe\winsdoc32.sys
[%SYSTEM%]\olbe\winsutl.sys
[%WINDOWS%]\fonts\afbloc.dat
WinWhatWhere Registry Keys:
HKEY_CLASSES_ROOT\.sem
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msdfcng.exe
WinWhatWhere indications of infection
This symptoms of WinWhatWhere detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
Remove Small.cs Downloader
Posts
No comments:
Post a Comment