Threat Information for "Trojan.Proxy.879"
| Summary | Top |
- Name: Trojan.Proxy.879
- Aliases:TR/Proxy.Horst.BB, W32/Horst.M, Win32:Trojano-3436, Generic.TNZ, Trojan.Downloader.Small.ADH, DNAScan
- Date Discovered: 2006-07-28
- Protection Added: 2006-08-15
| Description | Top |
-- Ease of Removal 1: Uses running processes 2: Consistent file contents 3: Consistently named 4: Creates new registry entries with consistent data -- Privacy Risks/Security Changes 1: Transmits personal data to remote computers -- Propagation/Saturation 1: Spreads through Internet Relay Chat (IRC) [VIRUS ONLY] 2: Significantly slows down the computer 3: Mimics legitimate file names 4: Creates new files 5: Displays error messages due to buggy code 6: Displays fake error messages 7: Spreads from a link in an email 8: Spreads through Peer-2-Peer software [VIRUS ONLY]
| Technical Details | Top |
- Added Directory/File:
FilePath: %SYSTEMDIR%\services - Added Directory/File:
FilePath: %SYSTEMDIR%\services\explorer.exe - Added Registry Data:
Key: HKCU\%CURRENTVERSIONREG%\Policies\Explorer\Run Value: [RANDOM VALUE] Data: services\explorer.exe - Added Registry Data:
Key: HKU\S-*\%CURRENTVERSIONREG%\Policies\Explorer\Run Value: [RANDOM VALUE] Data: services\explorer.exe
