Threat Information for "Trojan.DownLoader.885"
| Summary | Top |
- Name: Trojan.DownLoader.885
- Aliases:
- Date Discovered: 2006-11-16
- Protection Added: 2006-11-30
| Description | Top |
-- Ease of Removal 1: Consistently named 2: Consistent file contents 3: Uses running processes 4: Creates new registry entries with consistent data -- Privacy Risks/Security Changes 1: Mimics legitimate file names -- Damage/Intrusion/Annoyance 1: Significantly slows down the computer 2: Creates new files 3: Downloads other threats -- Propagation/Saturation 1: Infects from a link in an email 2: Infects from an email attachment 3: Installed by other infections
| Technical Details | Top |
- Added Directory/File:
FilePath: %ROOTDRIVE%sysfwb\data\menu.txt - Added Directory/File:
FilePath: %ROOTDRIVE%sysfwb\data\buttons.txt - Added Directory/File:
FilePath: %PROGRAMFILESDIR%\FwBarTemp - Added Directory/File:
FilePath: %PROGRAMFILESDIR%\FwBarTemp\cohelper.exe - Added Directory/File:
FilePath: %ROOTDRIVE%sysfwb\data - Added Directory/File:
FilePath: %ROOTDRIVE%sysfwb\data\h.txt - Added Directory/File:
FilePath: %ROOTDRIVE%sysfwb\iefwbar.dll - Added Directory/File:
FilePath: %PROGRAMFILESDIR%\FwBarTemp\searchbar.exe - Added Directory/File:
FilePath: %ROOTDRIVE%sysfwb - Added Registry Key:
Key: HKLM\SOFTWARE\fwbar2 - Added Registry Key:
Key: HKLM\%BHOREG%\{9056A11F-5EA6-4A67-BDE9-8D3C7C453DAC}
