Threat Information for "Trojan.Testie"

Removal Top

StopSign will automatically remove this infection with a paid membership.

Summary Top
  • Name: Trojan.Testie
  • Aliases:
  • Date Discovered: 2006-11-10
  • Protection Added: 2006-11-20
Description Top 
-- Ease of Removal

1: Creates new registry entries with consistent data
2: Consistent file contents
3: Consistently named
4: Runs as a BHO or shell extension
5: Uses running processes

-- Privacy Risks/Security Changes

1: Logs browsing habits and visited websites

-- Damage/Intrusion/Annoyance

1: Highlights keywords on a web page
2: Displays targeted popup advertisements
3: Changes personal browser settings
4: Significantly slows down the computer
5: Creates new files

-- Propagation/Saturation

1: Infects from a link in an email
2: Infects from an email attachment
3: Spreads through Peer-2-Peer software
4: Installed by other infections
Technical Details Top
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\MSIEHelper.dll
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\iefilter.dll
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\Service.exe
  • Added Registry Key:
    Key: HKLM\SYSTEM\CurrentControlSet\Services\Service
  • Added Registry Key:
    Key: HKCR\CLSID\{B9D06F5B-5BF3-4BC5-A58F-D1CD948478CE}
  • Added Registry Value:
    Key: HKLM\%CURRENTVERSIONREG%\ShellServiceObjectDelayLoad Value: IEFilter