Suspicious#themida.4 is a Trojan. A Trojan is a program that pretends to have a valid use, but in fact modifies the user's computer in malicious way. Trojans do not replicate or spread to other computers.
Process Related Changes
It creates the following mutex(es):
- "SmartScreen_UrsCacheMutex_2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2High_S-1-5-21-239287854-1939494589-2009181562-1001"
- "SmartScreen_ClientId_Mutex"
- "DBWinMutex"
- "ConnHashTable<3520>_HashTable_Mutex"
- "CB35EF5D-4591-41d9-BBA2-0363342F3783"
It creates the following process(es): - C:\Windows\system32\rundll32.exe
- c:\Program Files\Internet Explorer\iexplore.exe [ \c:\Program Files\Internet Explorer\iexplore.exe SCODEF:3520 CREDAT:14337 ]
- c:\Program Files\Internet Explorer\iexplore.exe [ \c:\Program Files\Internet Explorer\iexplore.exe http://www.ultrareach.com/search.htm ]
Network Activity
It attempts to connect to the following remote servers: |
