Home / Spyware Encyclopedia / Exploit.IMG-WMF << Back

Recommendation to Automatically remove Exploit.IMG-WMF


Our products can remove Exploit.IMG-WMF and thousands of other Virus and Spyware automatically and instantly.

Exploit.IMG-WMF Details


  • Category Exploit
  • Discovered 1/8/2009 11:06:53 AM
  • Modified 9/3/2024 10:52:32 AM
  • Threat Level High
  • Category Description
    Exploits use vulnerabilities in operating systems and applications to achieve the same result. Or in other words, this is a type of malware containing a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software. This frequently includes such things as gaining control of a computer system or allowing privilege escalation or a denial of service attack.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
4dffb179.exe 21236microsoft corporation5.1.2600.2180fe09b8df35c65711984b8f99cfcf952b 
54b2cea7.dll 46080  f5f7245c93bb3b58b02d88760074fc15 
371ECA05.EXE 9728  f2262fbe8b255a1fd4a9fc8c6cb94195 
DC993F98.DLL 51712  f0cc13e113f3a6b747073ee593d87f60 
DE8DFE8E.DLL 46080  e9a6c0913775b15457fed5dd8d3e139e 
d8831712.exe 9728  e6a0aa91b2df11885396b4a6cf369b31 
7F85E86E.EXE 9728  e4fcfd28e9770853682083be1f94d8a2 
521E03EA.EXE 106542  e1fb1f52c59f360aa45d8d7d019550a7 
F7DF8883.EXE 9728  d9c435e7b3e8cf6803154eda811f89cc 
e00cef95.exe 9728  d518f172fed81b3f9215b0da45e2da46 

The following Registry Entries were created:
..\Software\Microsoft\Windows NT\CurrentVersion\image file execution options\processsafe.exe\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\image file execution options\arswp.exe\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\image file execution options\ravstub.exe\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe\(Default)
..\Software\Microsoft\\"WinId"\"{A2C3051D-ED7F-428C-A391-A28BDECC668D}"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Windows Workstation Disc"\"%WIN.SYS32%\xx.exe"
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RawCopy.exe\(Default)
..\Software\Microsoft\\"WinId"\"{D07D0198-48B3-42AB-AA6F-75EE0EA0CE1F}"
..\Software\Microsoft\\"WinId"\"{FF90D3C3-8411-4E74-A855-D12C15D7FED7}"
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctormain.exe\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.