Download >>> https://tinurli.com/25qqg5
A new Trojan horse has been detected very recently. It's called Start-KMSmicro-WO-EN.vbs and it's using KMS activation to infect Windows computers with malware. This new infection is evolving constantly, but for now it might install the following malicious programs: • CyberGhost VPN • FreeConferenceCall.com • GetRight Pro 2 • Google Earth Pro 5.2. 1.6186 • Google Earth Pro 5.2.1.6186 • Internet Download Manager 5.6.4 • Internet Download Manager 6 • Kaspersky Antivirus 2012 • Kaspersky Antivirus 2013 • Kaspersky Anti-Virus 2015 • Leech Blocker Premium 4.5 • Microcell SafePlus Security v3O4O7 • MSN Video Encoder & Media Sharing Server 2.1 • NetSetMan 1.13 for Windows 8 and 8 RTM (64bit) • NetSetMan 1.13 for Windows 8 and 8 RTM (32bit) Plus all other versions up to 1. 13.2 • NetSetMan 1.13 for Windows NT • NetSetMan 1.13 for Windows 2000 • NetSetMan 1.13 for Windows 2003 • NetSetMan 1.13 for Windows 2008 • NetSetMan 1.3 for Windows XP • Panda Antivirus 3.0 Build 9097 + all latest updates, latest version of Panda is available here . You can download Panda directly from the BitDefender website here . • PC Tools Security 9.0.0.466 • PC Tools Firewall Plus 1.8.522 • PC Tools Internet Security 7 - 7.4., 9 + all latest updates, latest version of PC Tools are available here . You can download PC Tools directly from the Symantec website here or you can download it from the AVG website here . • Webroot SecureAnywhere Antivirus 2013 v7.1 + all latest updates, latest version of Webroot are available here . You can download Webroot directly from the Trend Micro website here or you can download it from the Avast website here . • WinZip Pro 18.0 Build 8291 + all latest updates, latest version of WinZip are available here . The Trojan is using the following exploit: Windows Management Interface (WMI) to install and run its malicious modules. If you want to read more about this exploit, you can visit the Metasploit Blog and read the following article: "Actor-driven Exploitation: Malware Using Windows Management Instrumentation (WMI)." This malware is obviously trying to mimic a legitimate activation server from Kaspersky called Download-KMS.ru. eccc085e13
Comments