Infostealer.Mailfast

By SpideyMan in Stealers

Infostealer.Mailfast is a seditious Trojan infection which is downloaded and installed automatically via social network exploits in the background. Infostealer.Mailfast circulates quickly without a user's knowledge. Once Infostealer.Mailfast is injected into the computer system, it will delete some essential files. Infostealer.Mailfast downloads and executes malicious files by connecting to a remote server secretly. Infostealer.Mailfast steals and forwards personal information to remote attackers. Infostealer.Mailfast is able to change certain important system files. You should delete Infostealer.Mailfast from your PC system instantly.

File System Details

Infostealer.Mailfast creates the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Temp%\wxrun.exe	N/A
Name: %Temp%\wxrun.exe Type: Executable File

Registry Details

Infostealer.Mailfast creates the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\"forceguest" = "0"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\"ServiceDll" = "%SystemDrive%\System32\w32time.dll"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\"DisableNotifications" = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security

Center\Monitoring\SophosAntiVirus\"DisableMonitoring" = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\"DisableMonitoring" = "1"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\"LastClockRate" = "100144"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\"UpdatesDisableNotify" = "0"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\"DisableMonitoring" = "1"

Center\Monitoring\PandaFirewall\"DisableMonitoring" = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\"DisableMonitoring" = "1"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTPFilter\"Start" = "2"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\"ClearPageFileAtShutdown" = "1"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\"DoNotAllowExceptions" = "0"

Center\Monitoring\McAfeeAntiVirus\"DisableMonitoring" = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\"DisableMonitoring" = "1"

EnigmaSoft Releases NEW SpyHunter Pro to Fight Malware, Enhance Privacy Protection, & Optimize PCs

Search

Change Region

Infostealer.Mailfast

File System Details

Registry Details

Submit Comment

Trending

GmailHackerPro.pj!.1a

Snip & Sketch not Working on Windows 10

'Amazon Loyalty Program' Pop-Up Scam

Most Viewed

AntiMalware

DNS Unlocker

Antivirus Security Pro