Threat Information for "Trojan.Proxy.884"
| Summary | Top |
- Name: Trojan.Proxy.884
- Aliases:
- Date Discovered: 2007-01-25
- Protection Added: 2007-02-07
| Description | Top |
-- Ease of Removal 1: Consistent file contents 2: Consistently named 3: Runs as a service 4: Uses running processes 5: Creates new registry entries with consistent data -- Privacy Risks/Security Changes 1: Changes internet security settings -- Damage/Intrusion/Annoyance 1: Changes browser search settings 2: Significantly slows down the computer 3: Creates new files -- Propagation/Saturation 1: Infects from a link in an email 2: Infects from an email attachment 3: Installed by other infections
| Technical Details | Top |
- Added Directory/File:
FilePath: %COMMONDESKTOP%\termcaps.exe - Added Directory/File:
FilePath: %SYSTEMDIR%\termcaps.exe - Added Directory/File:
FilePath: %SYSTEMDIR%\??????. MD5: d41d8cd98f00b204e9800998ecf8427e - Added Directory/File:
FilePath: %SYSTEMDIR%\Ima??r.* - Added Directory/File:
FilePath: %USERDESKTOP%\termcaps.exe - Added Directory/File:
FilePath: %SYSTEMDIR%\ImaS3r.* - Added Directory/File:
FilePath: %SYSTEMDIR%\*.* MD5: 925953ccf0799101634ae8698098b5e9 - Added Registry Key:
Key: HKU\S-*\%CURRENTVERSIONREG%\RunServices - Added Registry Key:
Key: HKLM\%CURRENTVERSIONREG%\Run - Added Registry Key:
Key: HKCU\%CURRENTVERSIONREG%\Run - Added Registry Key:
Key: HKU\S-*\%CURRENTVERSIONREG%\Run - Added Registry Key:
Key: HKLM\%CURRENTVERSIONREG%\RunServices
