Threat Information for "Trojan.Proxy.590"
| Summary | Top |
- Name: Trojan.Proxy.590
- Aliases:
- Date Discovered: 2007-02-08
- Protection Added: 2007-02-12
| Description | Top |
-- Ease of Removal 1: Creates new unique registry entries 2: Consistent file contents 3: Runs as a service 4: Runs as a BHO or shell extension 5: Uses running processes -- Privacy Risks/Security Changes 1: Changes internet security settings -- Damage/Intrusion/Annoyance 1: Modifies non-critical registry entries 2: Changes browser search settings 3: Significantly slows down the computer 4: Creates new files -- Propagation/Saturation 1: Infects from a link in an email 2: Infects from an email attachment 3: Installed by other infections
| Technical Details | Top |
- Added Directory/File:
FilePath: %COMMONSTARTUP%\*.exe MD5: 7a10365c5a51f63bd6f07172c4ac0bf1 - Added Directory/File:
FilePath: %SYSTEMDIR%\*.* MD5: 7a10365c5a51f63bd6f07172c4ac0bf1 - Added Directory/File:
FilePath: %USERSTARTUP%\*.exe MD5: 7a10365c5a51f63bd6f07172c4ac0bf1 - Added Registry Value:
Key: HKLM\%CURRENTVERSIONREG%\Run Value: winsync - Added Registry Data:
Key: HKCU\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: .exe reg_run - Added Registry Data:
Key: HKLM\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: .exe reg_run
