Home / Spyware Encyclopedia / Exploit.IMG-WMF << Back

Recommendation to Automatically remove Exploit.IMG-WMF


Our products can remove Exploit.IMG-WMF and thousands of other Virus and Spyware automatically and instantly.

Exploit.IMG-WMF Details


  • Category Exploit
  • Discovered 2/2/2009 11:36:40 AM
  • Modified 1/2/2024 10:34:44 AM
  • Threat Level High
  • Category Description
    Exploits use vulnerabilities in operating systems and applications to achieve the same result. Or in other words, this is a type of malware containing a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software. This frequently includes such things as gaining control of a computer system or allowing privilege escalation or a denial of service attack.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
8a7bf533.exe 9728  fb4707e25675aa8716df0be59c140f52 
54b2cea7.dll 46080  f5f7245c93bb3b58b02d88760074fc15 
A83138C5.EXE 15700  ed265544b24a4750c560170083ae848d 
804F322B.EXE 23552  eafcec274aca6af1b66b891a4f0f3201 
25b5b30f.exe 9728  e321ec84421b5bd44e6d913554436ab6 
5FC118DA.EXE 9728  d78889a36a1fe0b65ba651631d04d8ea 
e00cef95.exe 9728  d518f172fed81b3f9215b0da45e2da46 
B67BC0DE.EXE 1743164  c19e8e3849accd23d3e11ad6191e8dd1 
ECFA18FD.EXE 106603  bdc0b7c5c14a14518f0ccfb92f56eb68 
20B4271E.EXE 15700  a2d390dbb9e1dca11a6327f18b213001 

The following Registry Entries were created:
..\Software\Microsoft\Windows NT\CurrentVersion\image file execution options\processsafe.exe\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\image file execution options\arswp.exe\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\image file execution options\ravstub.exe\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe\(Default)
..\Software\Microsoft\\"WinId"\"{A2C3051D-ED7F-428C-A391-A28BDECC668D}"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Windows Workstation Disc"\"%WIN.SYS32%\xx.exe"
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RawCopy.exe\(Default)
..\Software\Microsoft\\"WinId"\"{D07D0198-48B3-42AB-AA6F-75EE0EA0CE1F}"
..\Software\Microsoft\\"WinId"\"{FF90D3C3-8411-4E74-A855-D12C15D7FED7}"
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctormain.exe\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.