Trojan.Win32.Pakes.oxy

By SpideyMan in Trojans

Trojan.Win32.Pakes.oxy is a damaging Trojan that modifies security settings and installs additional malware threats on the targeted computer. It hides system files: it renames its own executable files with the same names as some system files and hides the originals. Once active, Trojan.Win32.Pakes.oxy can change the desktop background and enable the attacker to gain unauthorized remote access to the corrupted computer. Trojan.Win32.Pakes.oxy can also infect system files and invade its victim's privacy. Trojan.Win32.Pakes.oxy should be uninstalled as quickly as possible upon detection to keep your PC protected.

File System Details

Trojan.Win32.Pakes.oxy may create the following file(s):

Registry Details

Trojan.Win32.Pakes.oxy may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836} stubpath = "%ProgramFiles%\Bifrost\lol.exe s"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyEnable = 0x00000000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo
HKEY_CURRENT_USER\Software\Bifrost
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer UpdateHost = 00 50 5E 3F 95 96
HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836}
HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost nck = ED 1B E6 27 B9 28 D6 32 74 C3 CD 74 FA 93 5B 67
HKEY_CURRENT_USER\Software\Bifrost klg = 00
