Threat Database Trojans Trojan.Nedsym


By GoldSparrow in Trojans

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 2,758
First Seen: January 26, 2012
Last Seen: August 9, 2020
OS(es) Affected: Windows

Trojan.Nedsym is a harnful Trojan that propagates via spam emails. Trojan.Nedsym is a serious threat to your PC system and personal security. Trojan.Nedsym can also collect data about your computer system and forward it to a remote server that is responsible for configuring Trojan.Nedsym. Trojan.Nedsym modifies the registry during the installation so that it could run automatically each time you turn on your computer. Then Trojan.Nedsym checks whether there's another version of a Trojan installed in the machine, and if not, it starts performing its damaging actions. At first, Trojan.Nedsym enters the registry key that belongs to Internet Explorer and steals all the user names and passwords collected in there. Thus, Trojan.Nedsym can obtain an access to the frequently visited web pages. Trojan.Nedsym also targets other web browser that include Mozilla Firefox and others. Trojan.Nedsym connects to a remote server without your consent and receives configuration data about what type of spam messages it has to send. Trojan.Nedsym can create a random domain name, and then it might use one of several names to forward and access information from its external server. Find a genuine malware removal program to completely remove Trojan.Nedsym.

SpyHunter Detects & Remove Trojan.Nedsym

File System Details

Trojan.Nedsym may create the following file(s):
# File Name MD5 Detections
1. WMPRWISE.EXE 5d550016cffc92b1a6b425a89c005e52 138
2. WMPRWISE.EXE 3a0f6670bc3ec84041a95efbe08028e3 138
3. WMPRWISE.EXE 59358ac3338f97ec65675dbf9e386d8f 130
4. WMPRWISE.EXE ea001cd03e37bbbf916d88122bf21047 122
5. WMPRWISE.EXE f0f8d22cb5714bfa1160d25188a7639a 104
6. WMPRWISE.EXE d2505f3201ae659d9626c3060a443d66 73
7. WMPRWISE.EXE d7f0098691ba70cfb4be3144df2c6ca9 68
8. WMPRWISE.EXE d60fa017c93fd102f7d4bbf16667ad99 63
9. WMPRWISE.EXE 047c95b56f1972b0653a4f3ad48b2fff 47
10. WMPRWISE.EXE 89b495dcac6b04896f1c7d3a77d43e02 46
11. wmprwise.exe 61f3ffdd29fc13a9356efeef96ad048a 42
12. wmprwise.exe ff2c908692dab3c715d1ee338a89ccb5 37
13. WMPRWISE.EXE 060d2dc37fceb19032836909999df7ca 35
14. WMPRWISE.EXE af7466d408331583f7313bf92c34675c 33
15. WMPRWISE.EXE 4228dbad7fb2451f214c2d2ca8b3eec4 25
16. WMPRWISE.EXE 5504c93122d86f5a31ea9082acdbead7 23
17. WMPRWISE.EXE 2d697cf8ae4f3ff57895055c5393964b 21
18. WMPRWISE.EXE bb0cac401b4d6dd31bea8f410d41ef4d 20
19. WMPRWISE.EXE 4e9c5aadaa6f89e7af7ad44e05dab926 18
20. wmprwise.exe 950c638b7da81aaefdc09c4e70dc3557 16
21. WMPRWISE.EXE 776fb555c823272cecdb729cbe9c1169 14
22. WMPRWISE.EXE 99a9cab2a91d5d307710aac99fa31390 14
23. wmprwise.exe 9438a1dcea700922a9a3641c0c41bfa8 14
24. WMPRWISE.EXE c7c9aebe3d778a89c50091acaef7e8c8 14
25. WMPRWISE.EXE 91bfc67bede3bcd0379e2baa72a204e2 13
26. WMPRWISE.EXE e4b23b0b8502cc916c855aad4b0de3a4 13
27. cf.dll
28. jan.dll
29. RegalRO.exe
30. upd_debug.exe
31. windows update.exe
32. credman.dll
33. svcnost.exe
34. kbdcr32.dll
35. svcserv.exe
36. AdobeUpdate.exe
38. itlnfw32.dll
39. FW-267279124.exe
40. atl(4)32.dll
41. GoogleDownload.exe
42. api-ms-win-core-memory-l1-1-032.dll
43. svchost.exe
44. qtplugin.exe
45. pf10373.dll
46. ucrtupd.exe
More files

Registry Details

Trojan.Nedsym may create the following registry entry or registry entries:
Regexp file mask

Related Posts


Most Viewed