Malware which Spybot couldn't detect and/or fix.
Revision History |
Category: Trojan
Code:
:: Trojans // Revision 2 // {Cat:Trojan}{Cnt:1} // {Det:Matt,2009-05-01} // Die beiden folgenden Einträge sehen für mich nach Virtumonde aus: // Choose the BrowserHelperEx variant to flag the file as well, unless name is "(no name)". //BrowserHelperEx:"{39666021-19b5-db88-b164-6ad16f081fe0}","flagfile=1" RegyKey:"<$REG_BHO>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\","{0ef180f6-1da6-461b-88bd-5b9112066693}" RegyKey:"<$REG_CLASSID>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Classes\CLSID\","{0ef180f6-1da6-461b-88bd-5b9112066693}" // Choose the BrowserHelperEx variant to flag the file as well, unless name is "(no name)". //BrowserHelperEx:"(no name)","flagfile=1" RegyKey:"<$REG_BHO>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\","{A2C9354B-38FC-47FF-99BB-638F62D02A71}" RegyKey:"<$REG_CLASSID>",HKEY_LOCAL_MACHINE,"\SOFTWARE\Classes\CLSID\","{A2C9354B-38FC-47FF-99BB-638F62D02A71}" // RegyValue is faster; IELinks would cover future location changes. // Dieser Eintrag sollte gefixed werden IELinks:"http://127.0.0.1:4664/
Downloads: 1 | Rating: 0 (rated by 0 users) | ||