Generic PWS.y!bhd
Generic PWS.y!bhd Description
Generic PWS.y!bhd is a password-stealing Trojan that puts a victim's private data at risk of being stolen and used for malicious activities. It usually spreads via infected spam e-mails or browser security holes. It is known to steal information such as online banking credentials, passwords, usernames and more. Victims are advised to use an anti-spyware program to detect and remove Generic PWS.y!bhd.
Type: Trojans
How Can You Detect Generic PWS.y!bhd?
Generic PWS.y!bhd typically has the following process in memory:
- %WinDir%\system32\sdra64.exe
Generic PWS.y!bhd creates the following registry entries:
- HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{4776C4DC-E894-7C06-2148-5D73CEF5F905}
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\
- HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{3446AF26-B8D7-199B-4CFC-6FD764CA5C9F}
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\
- HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}
This entry was posted on 12/15/09 and is filed under Trojans.