
Generic PWS.y!bhd

Generic PWS.y!bhd is a password-stealing Trojan that puts a victim's private data at risk of being stolen and used for malicious activities. It usually spreads via infected spam e-mails or browser security holes. Generic PWS.y!bhd is known to steal information such as online banking credentials, passwords, usernames and more. Victims are advised to use an anti-spyware program to detect and remove Generic PWS.y!bhd.

File System Details

Generic PWS.y!bhd may create the following file(s):
1. %WinDir%\system32\sdra64.exe
2. %WinDir%\system32\lowsec\user.ds.lll
3. %WinDir%\system32\lowsec\user.ds
4. %WinDir%\system32\lowsec\local.ds

Registry Details

Generic PWS.y!bhd may create the following registry entry or registry entries:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Current Version\Explorer\{4776C4DC-E894-7C06-2148-5D73CEF5F905}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Current Version\Explorer\{3446AF26-B8D7-199B-4CFC-6FD764CA5C9F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Current Version\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}
