Mal/Bredo-Q

Have you recently found spam emails from Royal Mail or USPS? Then there is a great chance that Mal/Bredo-Q is running inside your computer! It has been found out that these British and American mail service providers’ names have been employed by cyber criminals, who attack clueless PC with malicious spam emails, hiding infected attachments with the highly hazardous Mal/Bredo-Q application. Once inside your system, this Trojan can remove your administrative Windows privileges, slow down your computer and download malicious programs, which would be able to cause you financial detriment! So, if you notice files with randomly generated names, like g9zDdAmZAoyENB.exe, or see DHl-Express-Delivery-Tracking-Report-102011.exe running, be sure – your system is infected and you should hurry to remove Mal/Bredo-Q.

Mal/Bredo-Q is made of various infectious files, but keygen.exe is definitely the most vicious and latent. With the help of Post_Label.exe, which implements rootkit method and hides any malignant Mal/Bredo-Q processes from removal, keygen.exe can easily add and delete products in your registry. This executable is also responsible for releasing hundreds of fake security notifications, in case a fake antispyware is employed to bring profit. Keygen.exe can disable safe mode feature, copy your mouse movements and record keyboard input to gather such sensate data as your login information. This Mal/Bredo-Q executable is also responsible for tampering with your Windows system’s security components like Antivirus and Firewall, disabling them from disclaiming any kind of security warnings about Mal/Bredo-Q and its treacherous processes. Keygen.exe is also known to remove your access to Registry Editor and Task Manager tools, which are required, in order to have Mal/Bredo-Q removed from the system!

The most treacherous thing about keygen.exe is that this file is actually a copy of an original Windows-compatible file, enabled to record your data’s inputs. The authentic file is found under C:\Program Files, and the malignant Mal/Bredo-Q component’s location is C:\Documents and Settings\User\My Documents\Software\Adobe Acrobat7.0\KEYGEN\keygen.exe. The original file is sized from 32,768 to 1,727,654 bytes and Mal/Bredo-Q’s file is known to come in such sizes:

• 59,904 bytes
• 142,336 bytes
• 158,208 bytes
• 190,976 bytes
• 283,648 bytes
• 790,528 bytes
• 840,192 bytes

So, if you have noticed any Windows dysfunctions and you have a suspicion that Mal/Bredo-Q Trojan could be lurking in your system, do not think you are paranoid and install antimalware application immediately! Be sure, that only such software will be able to remove Mal/Bredo-Q, as some of the Trojan’s files are polymorphic and can change their own structures, which could aggravate the manual removal task gravely. Also, note that various spam emails from Royal Mail or USPS could be actually sent by schemers, so do not open and delete them immediately!