Welcome to the Computer Security Wiki! You can help us by expanding stubs, create new articles and improve current articles.
You can also help us by logging-in or creating an account!

All public logs

Jump to: navigation, search

Combined display of all available logs of Malware Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).

Logs
(newest | oldest) View (newer 50 | ) (20 | 50 | 100 | 250 | 500)
  • 14:39, 13 June 2021 PhilTheWanderer talk contribs deleted page Malicious Chrome extension (Unnecessary: content was: "#REDIRECT Malicious browser extension")
  • 14:23, 13 June 2021 PhilTheWanderer talk contribs moved page Malicious Browser extension to Malicious browser extension (Fixed weird capitalization)
  • 12:34, 12 June 2021 PhilTheWanderer talk contribs uploaded File:Ha1 payload.png
  • 15:30, 6 June 2021 PhilTheWanderer talk contribs moved page Com64/BHP to BHP (Adapted to standard)
  • 13:28, 4 June 2021 PhilTheWanderer talk contribs deleted page Trojan.KillAV (5) (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = Trojan.KillAV (5)|type = Trojan|creator = |date = September 4th, 2002|platform = Microsoft Windows|family = KillAV family}}'''Trojan.KillAV (5)''' is a Trojan horse that tries to terminate or remove any antivirus or firewall software that is running on the computer. ==Payload== Trojan.KillAV (5) is a variant of [http://securityresponse.symantec.com/avcenter/venc/data/trojan.killav.html Trojan.KillAV] ...)
  • 13:20, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.gen!A (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = KillAV.gen!A|type = Trojan|date = 2008|platform = Microsoft Windows|aka = Trojan.Pdpinch.O (BitDefender) Trojan-PSW.Win32.PdPinch.gen (Kaspersky)|family = KillAV}}Killav.gen!A is a generic detection for a trojan that attempts to terminate processes. ==Payload== When Trojan:Win32/Killav.gen!A is run, it terminates processes...", and the only contributor was "[[Special:Contributions/>Vegasfest56|>Vegasfest56]]" ([[User talk:>Vegasfe...)
  • 13:19, 4 June 2021 PhilTheWanderer talk contribs deleted page Category:KillAV family (Unnecessary: content was: " This family contains Trojans [most of them written in either Batch or C++] from the KillAV family. This family does what it says on the metaphorical tin, and kills known Anti-Virus, Anti-Malware and Anti-Trojan software. Category:Win32 Category:Win32 trojan Category:Trojan Category:Microsoft Windows", and the only contributor was "[[Special:Contributions/>Vegasfest56|>Vegasfest56]]" ([[User talk:>Vegasfest56|talk]]))
  • 13:17, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.s (Unnecessary: content was: "{{Stub}} {{MalwareInfobox |name = KillAV.s |type = Trojan |date = Circa 2002 |pl = C++ |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = Trojan.Win32.KillAV.s |family = KillAV Family |size = 32,768 bytes|creator = |origin = }} '''Trojan.Win32.KillAV.s''' or '''KillAV.s''' is a trojan on Microsoft Windows that is part of a large family called KillAV. This one, unlike the other trojans in the KillAV family, does not actually kil...)
  • 13:16, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.r (Unnecessary: content was: "{{Stub}}{{MalwareInfobox |name = KillAV.r |type = Trojan |date = 2002 |pl = C++ |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = {{aliases |kaspersky=Trojan.Win32.KillFiles.p |mcafee=App: Piorio |sophos=Troj/Killav-R |clamav=Trojan.Killav-12 |fprot=W32/Trojan!354c |microsoft=Trojan:Win32/Killav.R |drweb=Trojan.AVKill.59392 |eset=Win32/KillAV.R trojan |bitdefender=Trojan.Generic.535123 |avast=Win32:Trojan-gen |ikarus=Trojan.Win32.Piorio |...)
  • 13:16, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.KV (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = KillAV.KV|type = Trojan|date = June 4th, 2009|platform = Microsoft Windows|family = KillAV}}'''Killav.KV''' is a trojan that terminates antivirus processes, replaces the Windows beep driver with its own code, and installs other malware. It is a member of the KillAV family. ==Payloads== When the trojan runs, it drops a DLL component, detected as [http://www.microsoft.com/security/portal/Threat/Encyclop...)
  • 13:14, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.ks (Unnecessary: content was: "{{Underlinked|date=July 2014}} {{MalwareInfobox |name = KillAV.ks |type = Trojan |date = Circa 2007 |pl = Batch |platform = Microsoft Windows |filetype = .BAT |aka = Trojan.Win32.KillAV.ks |family = KillAV Family |size = 2,507 bytes|creator = |origin = }}'''Trojan.Win32.KillAV.ks''' is a batch trojan that deletes critical system keys and files. ==Payload== Once run, it searches for the following files and will terminate them. nod32kui.exe nod32krn.exe...)
  • 13:12, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.kp (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = KillAV.kp|type = Trojan|platform = Microsoft Windows|family = KillAV}} '''KillAV.kp '''is a trojan that belongs to the KillAV family. ==Details== KillAV.KP is a trojan designed to prevent the user from accessing websites belonging to antivirus companies and to support forums.This way, the user is unable to access information related with security issues or download updates.KillAV.KP does not spread automatically using its own me...)
  • 13:10, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.k (Unnecessary: content was: "{{Stub}}{{MalwareInfobox |name = KillAV.k |type = Trojan |date = Circa 2002 |pl = C++ |platform = PE EXE |filetype = .EXE |aka = {{aliases |mcafee=Trojan: ProcKill-O |sophos=Mal/Generic-A |microsoft=Trojan:Win32/Killav.K |drweb=Trojan.AVKill.24576 |eset=Win32/KillAV.K trojan |bitdefender=Generic.Malware.PVPk.8599594A |virusbuster=Trojan.KillAV.CJR |avast=Win32:Malware-gen |ikarus=Trojan.Win32.KillAV.k |avg=Generic.KEK |avira=TR/Killav.K.1 |nav=Trojan.KillAV |norman...)
  • 13:08, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.id (Unnecessary: content was: "{{Underlinked|date=July 2014}}{{Stub}}{{MalwareInfobox |name = KillAV.id |type = Trojan |date = Circa 2006 |pl = C++ |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = Trojan.Win32.KillAV.id |family = KillAV Family |size = 3,104 bytes}} '''Trojan.Win32.KillAV.id''' or '''KillAV.id''' is a trojan which kills certain Anti-Malware and Anti-Virus processes. ==Payload== This trojan terminates the following processe...)
  • 13:06, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.hl (Unnecessary: content was: "{{MalwareInfobox |name = KillAV.hl |type = Trojan |date = Circa 2006 |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = {{aliases |sophos=Mal/Generic-A |clamav=Trojan.Spy.Banker-5850 |fprot=W32/TrojanX.UZX |microsoft=Trojan:Win32/Killav.gen!A |drweb=BACKDOOR.Trojan |eset=Win32/KillAV.HL |virusbuster=Trojan.KillAV.DQ |avast=Win32:Trojan-gen {Other} |ikarus=Trojan.Win32.Agent |avg=Generic.SCO |avira=TR/KillAV.HL |nav=Trojan.KillAV |rising=Tr...)
  • 13:06, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.gj (Unnecessary: content was: "{{MalwareInfobox |name = KillAV.gj |type = Trojan |date = Circa 2005 |pl = Visual C++ |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = {{aliases |mcafee=Trojan: ProcKill-AK |sophos=Troj/KillAV-GJ |fprot=W32/KillAV.EW |microsoft=Trojan:Win32/Tropid!rts |drweb=Trojan.AVKill.133 |eset=Win32/KillAV.GJ trojan |bitdefender=Generic.Malware.SP!Tk.E8828A1D |avast=Win32:Trojan-gen |ikarus=Trojan.Win32.KillAV |avg=Generic.LBX |avira=TR/Killav.GJ |n...)
  • 13:04, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.gcg (Unnecessary: content was: "{{MalwareInfobox |name = KillAV.gcg |type = Trojan |pl = C++ |platform = Win32 |filetype = .DLL |aka = Trojan.Win32.KillAV.gcg |family = KillAV family |size = 9,728 bytes|creator = |date = |origin = |md5 = EF9425F0CBCBCD95B3400B46CB7B70E3 |sha1 = F5EBAE2C4112DBA1106995D7679ECC71E3CA6985 }} '''Trojan.Win32.KillAV.gcg''' or '''KillAV.gcg''' is the most common variant in the KillAV family. It terminates most known Antivirus solutions, making it diff...)
  • 13:02, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.EL (Unnecessary: content was: "{{Stub}} {{MalwareInfobox|name = KillAV.EL|type = Trojan|date = 2010|platform = Microsoft Windows|filetype = EL|family = KillAV}} '''Killav.EL''' is a trojan that disables certain online banking security software components. This trojan may be downloaded by variants of [http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fZbot Win32/Zbot]. from the IP address "193.105.207.120". In the wild, this trojan has been observed hoste...)
  • 12:58, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.EA (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = KillAV.EA|type = Trojan|date = 2009|pl = Delphi|platform = Microsoft Windows|aka = Win32/Bancos!generic (CA) Trojan-Downloader.Win32.Banload.ow (Kaspersky) Trojan-GameThief.Win32.OnLineGames.tkxv (Kaspersky) W32/Banload.ALKB (Norman) Mal/DelpDldr-D (Sophos) Trojan.PWS.OnLineGames.UKL (VirusBuster) Trojan.Downloader.Delf.RX (BitDef...", and the only contributor was "[[Special:Contributions/>Vegasfest56|>Vegasfest56]]" ([[User talk:>Veg...)
  • 12:55, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.DR (Unnecessary: content was: "{{Stub}} {{MalwareInfobox|name = KillAV.DR|type = Trojan|date = May 5th, 2009|platform = Microsoft Windows|family = KillAV|filetype = Win32 PE executable (.EXE)|fsize = 1020 KB (1,044,480 bytes)|md5 = f5cc892fa6eb24584f555b0261e0c767|sha1 = ad36866e6a8cb383cfcd2d231e453ed1463111a9|sha256 = 1da46de69a15ece5d1c222845e01e9f9d311e61100471a1d4e8ddb86d3bd550e|imp = a9042500c45caf1e96695e809a07a5db|ssdeep = 24576:LpUNr6YkVRFkgbeqeo68FhqSRfMMMMM2MMMMM:LFlXZbVRfMMMMM2MMMMM|...)
  • 12:53, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.D (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = KillAV.D|type = Trojan|date = March 20th, 2004|platform = Microsoft Windows|family = KillAV}}'''KillAV.D''' is a trojan on Microsoft Windows that terminates the processes of antivirus and security software. It is a member of the KillAV family. ==Payload== When the trojan is executed, it creates the following copy of itself:  *%Windir%\<Trojan file name>  *Where <Trojan file name>, is a configu...)
  • 12:51, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.C (Unnecessary: content was: "{{MalwareInfobox|name = KillAV.C|type = Trojan|date = November 9th, 2003|platform = Microsoft Windows|aka = Trojan.Win32.Killav.bf [Kaspersky]|family = KillAV}}'''KillAV.C''' is a trojan horse that disables antivirus and firewall applications. It is most likely used in conjunction with other threats such as a Backdoor Trojan. ==Payload== When Trojan.KillAV.C runs, it performs the following actions. Registers itself as a process. ...)
  • 12:50, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.bx (Unnecessary: content was: "{{Underlinked|date=July 2014}} {{MalwareInfobox |name = KillAV.bx |type = Trojan |date = Circa 2004 |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = Trojan.Win32.KillAV.bx |family = KillAV Family |fsize = 7,168 bytes|creator = |origin = |pl = }} '''Trojan.Win32.KillAV.bx''' is a common variant trojan in the KillAV Family on Microsoft Windows (Win32). It simply terminates most AV solution. ==Installation== Once launc...)
  • 12:47, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.br (Unnecessary: content was: "{{Underlinked|date=July 2014}} {{MalwareInfobox |name = KillAV.br |type = Trojan |date = Circa Late 2003/Early 2004 |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = {{aliases|kaspersky=Trojan.Win32.KillAV.br}} |family = KillAV Family |size = 4608 bytes}} '''Trojan.Win32.KillAV.br''' or '''KillAV.br''' is a Windows trojan which attempts to terminate known antivirus programs on the victim machine. ==Payload==...)
  • 12:45, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.bl (Unnecessary: content was: "{{MalwareInfobox |name = KillAV.bl |type = Trojan |date = Circa 2003 |platform = Microsoft Windows (Win32) |filetype = Win32 PE executable (.EXE) |aka = {{aliases |sophos=Troj/Killav-A |panda=Trojan Horse |fprot=W32/KillAV.BS |microsoft=Trojan:Win32/Killav.BL |drweb=Trojan.AVKill.155 |eset=Win32/KillAV.BL |bitdefender=Generic.Malware.P!VPk!.ABFDFAF6 |avast=Win32:Trojan-gen |ikarus=Trojan.Win32.KillAV.bl |avg=Generic.IAQ |avira=TR/KillAV.BL.1 |nav=Trojan.KillAV |pc...)
  • 12:42, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.bk (Unnecessary: content was: "{{MalwareInfobox |name = KillAV.bk |type = Trojan |date = Circa 2003 |pl = C |platform = Win32 |filetype = Win32 PE executable (.EXE) |aka = {{aliases |mcafee=Trojan: ProcKill-BO |sophos=Troj/Killav-A |clamav=Trojan.Killav-22 |panda=Trojan Horse |fprot=W32/KillAV.H |microsoft=Trojan:Win32/Killav.BK |drweb=Trojan.KillAV |eset=Win32/KillAV.BK trojan |bitdefender=Generic.Malware.P!VPk!.76E59317 |virusbuster=Trojan.KillAV!2wY/1SbE174 |avast=Win32:Trojan-gen |ikarus=...)
  • 12:37, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.bf (Unnecessary: content was: "{{Stub}} {{MalwareInfobox |name = KillAV.bf |type = Trojan |date = Circa 2003 |pl = C++ |platform = Microsoft Windows |filetype = .exe |aka = {{aliases |mcafee=Trojan: ProcKill-BC |sophos=Troj/Killav-BF |clamav=Trojan.Killav.BF |panda=Trojan Horse |fprot=W32/KillAV.F |microsoft=Trojan:Win32/Killav.BF |drweb=Trojan.AVKill.9216 |eset=Win32/KillAV.BF trojan |bitdefender=Trojan.Killav.BF |virusbuster=Packed/FSG |avast=Win32:Trojan-gen |ikarus=Trojan.Win32.KillAV |avg=G...)
  • 12:34, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.B (Unnecessary: content was: "{{Stub}}{{MalwareInfobox|name = KillAV.B|type = Trojan |date = September 7th, 2003|platform = Microsoft Windows|family = KillAV}}KillAV.B is a trojan program that terminates the processes of antivirus and security software. It also disables access to the Registry Editor and Task Manager.  ==Payloads== KillAV.B is a trojan that terminates the processes of Norton Antivirus Autoprotect and Norton Internet Security. When the trojan is executed,...)
  • 12:31, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.an (Unnecessary: content was: "{{Multiple issues}} {{MalwareInfobox |name = KillAV.an |type = Trojan |pl = C++ |platform = Microsoft Windows |filetype = Win32 PE executable (.EXE) |aka = {{Aliases|mcafee=W32/BackZat.worm.gen|sophos=Troj/KillAV-BE|clamav=Trojan.Killav-19|fprot=W32/KillAV.C|microsoft=Trojan:Win32/Killav.AN|drweb=Trojan.Siggen.13216|eset=Win32/KillAV.AN trojan|bitdefender=Generic.Malware.SVWk!.83B80AA4|virusbuster=Trojan.Killav.AII|avast=Win32:Trojan-gen|ikarus=Trojan.Win32.KillAV|a...)
  • 12:31, 4 June 2021 PhilTheWanderer talk contribs deleted page KillAV.be (Unnecessary: content was: " {{MalwareInfobox |name = KillAV.be |type = Trojan |date = Circa 2003 |platform = Win32 |filetype = .EXE |aka = Trojan.Win32.KillAV.be |family = KillAV Family |size = 5,632 bytes|creator = |origin = }} '''Trojan.Win32.KillAV.be''' is a trojan program used by other malicious programs to kill known AV processes. It comes in PE EXE format. ==Payload== The trojan searches for, and terminates, the following processes. *outpost.exe *VetTray.exe *AutoDown.exe *...)
  • 12:23, 4 June 2021 PhilTheWanderer talk contribs deleted page Antiviruses (Unnecessary: content was: "#REDIRECT Antivirus Software", and the only contributor was "SkyBlueCat" (talk))
  • 15:40, 2 June 2021 PhilTheWanderer talk contribs deleted page Category:Freeware Software (Unnecessary: content was: "Self-explanatory. This category contains a list of Freeware software [only legitimate applications will be added, adware is excluded]", and the only contributor was "[[Special:Contributions/>ARM123|>ARM123]]" ([[User talk:>ARM123|talk]]))
  • 15:39, 2 June 2021 PhilTheWanderer talk contribs created page Category:Freeware (Created page with "This category contains pages related about free software. Only legitimate applications should be in this category. Category:Applications")
  • 15:32, 2 June 2021 PhilTheWanderer talk contribs deleted page Category:Obsolete Software (Unnecessary: content was: "This category is for obsolete and/or discontinued software. :(", and the only contributor was "[[Special:Contributions/>Napolengo5000|>Napolengo5000]]" ([[User talk:>Napolengo5000|talk]]))
  • 15:29, 2 June 2021 PhilTheWanderer talk contribs created page Category:Obsolete software (Created page with "This category contains pages about software that is no longer supported. Category:Applications")
  • 20:31, 31 May 2021 PhilTheWanderer talk contribs deleted page Kongata.com (Unnecessary: content was: "{{Stub}} {{MalwareInfobox|name = Kongata.com|type = Phishing website|origin = Australia|pl = JavaScript, HTML|date = October 8th, 2016|filetype = HyperText Markup Language (.html,.htm)}} '''Kongata.com''' is a fraudulent website that appears to copy Kongregrate in order to fool users into being redirected to other websites, like OkeyShare, which clones content from Deviant Art.   ==Payload== Upon being entered, the website redirects the user to other websites....)
  • 20:29, 31 May 2021 PhilTheWanderer talk contribs created page Ad switchboards (Created page with "{{Stub}} '''Ad switchboards''' are fraudulent websites that redirect visitors to scam advertisements, tech support scams, phishing websi...")
  • 20:28, 31 May 2021 PhilTheWanderer talk contribs deleted page Wikipedia (Unnecessary: content was: "#REDIRECT Enwikipedia", and the only contributor was "[[Special:Contributions/>Saygın1974|>Saygın1974]]" ([[User talk:>Saygın1974|talk]]))
  • 20:26, 31 May 2021 PhilTheWanderer talk contribs deleted page Yotube.com (Unnecessary: content was: "#REDIRECT YoTube.com", and the only contributor was "[[Special:Contributions/>ZiadElwan61|>ZiadElwan61]]" ([[User talk:>ZiadElwan61|talk]]))
  • 20:26, 31 May 2021 PhilTheWanderer talk contribs deleted page YoTube.com (Unnecessary: content was: "{{Stub}} {{Infobox website |name= YoTube.com |logo= |image= |caption= |url= |type= Malicious Website |owner= |author= |launchdate=August 14th, 2005 |slogan= |registration= |language= English |status= Online }} '''YoTube.com''' is a scam website that lures off of typosquatting. It had a global traffic rank of #305,421 in the world. ==Behavior== The website redirects the user to fake versions of legitimate websites such as Facebook. There is a small chance t...)
  • 20:24, 31 May 2021 PhilTheWanderer talk contribs deleted page Twitterr (Unnecessary: content was: "{{NotResponsible}} {{Stub}} {{Infobox website |name= Twitterr |logo= |image= |caption= |url= |type= Fake website/browser hijacker |owner= |author= |launchdate= |slogan= |registration= |language= English |status= Online}} '''Twitterr''' is a fake website/browser hijacker website that lures off of typosquatting. ==Payload== It locked the window to prevent the user from closing the page. <sup>''(how?)''</sup>...)
  • 20:24, 31 May 2021 PhilTheWanderer talk contribs deleted page Twitter (Unnecessary: content was: "#redirect Twitterr", and the only contributor was "[[Special:Contributions/>Tulgar10|>Tulgar10]]" ([[User talk:>Tulgar10|talk]]))
  • 11:35, 26 May 2021 PhilTheWanderer talk contribs moved page Trojan.OSX.Boonana to Boonana (Adapted to standard)
  • 14:18, 25 May 2021 PhilTheWanderer talk contribs moved page Wench.2537 to Wench (Adapted to standard)
  • 13:46, 25 May 2021 PhilTheWanderer talk contribs moved page Trojan.PSPBrick to PSPBrick (Adapted to standard)
  • 16:41, 24 May 2021 PhilTheWanderer talk contribs moved page Lord-933 to Lord (Adapted to standard)
  • 16:32, 24 May 2021 PhilTheWanderer talk contribs moved page Lahyani.1381 to Lahyani (Adapted to standard)
  • 16:32, 24 May 2021 PhilTheWanderer talk contribs moved page Belgium-320 to Belgium (Adapted to standard)
  • 16:25, 24 May 2021 PhilTheWanderer talk contribs moved page Formas.1146 to Formas (Adapted to standard)
  • 16:22, 24 May 2021 PhilTheWanderer talk contribs moved page Gdynia.680 to Gdynia (Adapted to standard)
(newest | oldest) View (newer 50 | ) (20 | 50 | 100 | 250 | 500)