Threat Information for "Trojan.Proxy.929"
| Summary | Top |
- Name: Trojan.Proxy.929
- Aliases:TR/Proxy.Ranky.Gen.31, W32/Proxy.gen1, Win32:Ranky-EV, Proxy.CKI, GenPack:Trojan.Proxy.Ranky.Gen, TrojanProxy.Ranky.gen
- Date Discovered: 2006-08-17
- Protection Added: 2006-08-24
| Description | Top |
-- Ease of Removal 1: Uses running processes 2: Consistent file contents 3: Consistently named 4: Creates new registry entries with consistent data -- Privacy Risks/Security Changes 1: Harvests nonspecific personal data 2: Logs keystrokes -- Damage/Intrusion/Annoyance 1: Autoruns at startup without an option to be disabled -- Propagation/Saturation 1: Creates new files 2: Mimics legitimate file names 3: Significantly slows down the computer 4: Displays error messages due to buggy code
| Technical Details | Top |
- Added Directory/File:
FilePath: %SYSTEMDIR%\win32bootcfg.exe - Added Directory/File:
FilePath: %ROOTDRIVE%iexplorer.exe - Added Registry Data:
Key: HKLM\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: win32bootcfg
