W32.Imaut
W32.Imaut is a Windows platform worm that propagates via communication services such as Yahoo! Instant Messenger and Microsoft Windows Live Messenger. When inside a system, W32.Imaut may attempt to communicate with a remote server, and download harmful files onto the compromised PC. W32.Imaut is also able to disturb or prevent certain security-related processes from running.
Table of Contents
Aliases
1 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| - | not-a-virus:Monitor.Win32.Ardamax.ae |
File System Details
W32.Imaut may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Windir%\regsvr.exe | |
| 2. | %System%\svchost .exe | |
| 3. | %System%\28463\svchost.exe | |
| 4. | %System%\regsvr.exe | |
| 5. | %System%\setup.ini | |
| 6. | %Windir%\Tasks\At1.job | |
| 7. | %System%\28463\svchost.001 | |
| 8. | %Windir%\Tasks\At2.job | |
| 9. | %System%\setting.ini |
Registry Details
W32.Imaut may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
