Trojan.Downloader.Exchanger.Gen.1

tag:Trojan Downloader

The malware spreads through links in unsolicited/spam e-mail messages, where the user is tricked that he will see explicit videos with celebrities like Angelina Jolie. When clicking the link, the malware will be downloaded and run on the computer.
Once executed, the file copies itself to the system directory (usually c:\windows\system32) as CbEvtSvc.exe and registers itself as a service with the same name that will be automatically started at every system reboot.
In addition, it will connect to a specific server in order to download and execute some other malicious files.
Please let BitDefender delete your infected files.

The presence of:
- the file CbEvtSvc.exe in the system directory (usually C:\Windows\System32)
- a service with the name Cbevtsvc.

previous:Trojan.Downloader.JS.JH
previous:Trojan.Downloader.WMA.Wimad.N

Virus Source from:

New articles

Trojan.Win32.Oficla.dvThis Trojan downloads files from the Internet and launches them without the user’s knowledge or consent. It is a Windows PE EXE file. It is 35840 byte...Conficker.CIt exploits the vulnerability MS08-067 in the Windows Server Service in order to spread itself. It also spreads through shared and removable drives. It reduces ...Downloader.MDW It reduces the security level of the computer: it notifies the attacker that the computer has been compromised and is ready to be used maliciously; it chan...Trojan.Downloader.WMA.Wimad.ZThis is another copy of the Trojan.Downloader.Wimad.A . It behaves in a similar way and even downloads from the same webpage ( hxxp://missing-codecs.net ) which...Trojan.Downloader.WMA.Wimad.SThis is another copy of the Trojan.Downloader.Wimad.A . It behaves in a similar way and even downloads from the same webpage ( www.fastmp3player.com ) which mea...

Hot Articles

Trojan.Downloader.Exchanger.Gen.1

Computer Virus Clounds