Home Malware Programs Trojans JS Crypted ID.gen

JS Crypted ID.gen

Posted: September 15, 2011

Threat Metric

Threat Level: 9/10
Infected PCs: 7
First Seen: September 15, 2011
Last Seen: October 28, 2020
OS(es) Affected: Windows

JS Crypted ID.gen is considered to be a Trojan infection which usually comes bundled with rogue security applications to harm the affected PC. JS Crypted ID.gen may be integrated into some social networking websites like Twitter or Facebook so that it could rapidly propagate over the Internet. JS Crypted ID.gen also spreads via malicious links or pop-up ads. JS Crypted ID.gen can enable web attackers to remotely control your computer, and it also helps fake software programs to infect your machine. JS Crypted ID.gen can slow down your PC and lead to computer freeze. It is strongly advised to uninstall JS Crypted ID.gen as quickly as possible.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%Desktop%\.lnk File name: %Desktop%\.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%TempDir%\[RANDOM CHARACTERS].exe File name: %TempDir%\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'yes'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.exe'
Loading...