Home Malware Programs Trojans Trojan.Win32.Patched.mf

Trojan.Win32.Patched.mf

Posted: August 11, 2011

Trojan.Win32.Patched.mf is a mischievous Trojan that is often found in spam emails, fake video codecs, and malicious links in popular social networking sites. Trojan.Win32.Patched.mf spreads quickly without your knowledge. Once Trojan.Win32.Patched.mf is installed on a targeted PC, it comes bundled with numerous additional malware infections. Trojan.Win32.Patched.mf also downloads and executes malicious files by connecting to a remote server secretly. When activated, Trojan.Win32.Patched.mf can open up an entry to allow remote attackers gain access so that they are able to steal and forward personal information to a remote server. Trojan.Win32.Patched.mf is able to change certain important system files or entries to slow down your computer and work weirdly. You should uninstall Trojan.Win32.Patched.mf instantly upon detection to secure your machine.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%PROGRAM_FILES%\Trojan.Win32.Patched.mf \Trojan.Win32.Patched.mf File name: %PROGRAM_FILES%\Trojan.Win32.Patched.mf \Trojan.Win32.Patched.mf
Mime Type: unknown/mf

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe" -safe-moHKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\random.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exee" -a "%Program Files%\Internet Explorer\iexplore.exe"'
Loading...