Trojans

Malware which Spybot couldn't detect and/or fix.

Category: Trojan

Code:

:: Trojans
// Revision 2
// {Cat:Trojan}{Cnt:1}
// {Det:Matt,2009-05-01}

// Die beiden folgenden Einträge sehen für mich nach Virtumonde aus:
// Choose the BrowserHelperEx variant to flag the file as well, unless name is "(no name)".
//BrowserHelperEx:"{39666021-19b5-db88-b164-6ad16f081fe0}","flagfile=1"
RegyKey:"<$REG_BHO>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\","{0ef180f6-1da6-461b-88bd-5b9112066693}"
RegyKey:"<$REG_CLASSID>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Classes\CLSID\","{0ef180f6-1da6-461b-88bd-5b9112066693}"
// Choose the BrowserHelperEx variant to flag the file as well, unless name is "(no name)".
//BrowserHelperEx:"(no name)","flagfile=1"
RegyKey:"<$REG_BHO>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\","{A2C9354B-38FC-47FF-99BB-638F62D02A71}"
RegyKey:"<$REG_CLASSID>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Classes\CLSID\","{A2C9354B-38FC-47FF-99BB-638F62D02A71}"

// RegyValue is faster; IELinks would cover future location changes.
// Dieser Eintrag sollte gefixed werden
IELinks:"http://127.0.0.1:4664/

Downloads: 1	Rating: 0 (rated by 0 users)

Thread: Trojans

Thread Tools

Display

Threaded View

Trojans

Posting Permissions