Threat Information for "Win32.FunLove.4608"

Removal

Summary

Description

Technical Details

Removal

Top

StopSign will automatically remove this infection with a paid membership.

Summary

Top

Name: Win32.FunLove.4608
Aliases:
Date Discovered: 2007-05-08
Protection Added: 2007-05-16

Description

Top

-- Ease of Removal

1: Consistently named
2: Consistent file contents
3: Creates new registry entries with consistent data
4: Uses running processes

-- Privacy Risks/Security Changes

1: Mimics legitimate file names

-- Damage/Intrusion/Annoyance

1: Creates new files
2: Downloads other threats

-- Propagation/Saturation

1: Infects with other exploitation method

Technical Details

Top

Added Directory/File:
FilePath: %SYSTEMDIR%\MSWINSCK.OCX
Added Directory/File:
FilePath: %SYSTEMDIR%\mswinsck.ocx*
Added Directory/File:
FilePath: %WINDIR%\rundll16.exe*
Added Directory/File:
FilePath: %SYSTEMDIR%\Winzip.exe
Added Directory/File:
FilePath: %SYSTEMDIR%\scanregw.exe
Added Directory/File:
FilePath: %WINDIR%\rundll16.exe
Added Directory/File:
FilePath: %SYSTEMDIR%\?.zip*
Added Directory/File:
FilePath: %SYSTEMDIR%\Update.exe
Added Registry Key:
Key: HKCR\Licenses\6FB38640-6AC7-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\MSWinsock.Winsock.1
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\B1EFCCF0-6AC1-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\Licenses\BC96F860-9928-11cf-8AFA-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\556C75F1-EFBC-11CF-B9F3-00A0247033C4
Added Registry Key:
Key: HKCR\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}
Added Registry Key:
Key: HKCR\Licenses\57CBF9E0-6AA7-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\899B3E80-6AC6-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\Licenses\9E799BF1-8817-11cf-958F-0020AFC28C3B
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\4250E830-6AC2-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}
Added Registry Key:
Key: HKCR\MSWinsock.Winsock.1
Added Registry Key:
Key: HKCR\Licenses\4D553650-6ABE-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCU\Control Panel\BMale
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\78E1BDD1-9941-11cf-9756-00AA00C00908
Added Registry Key:
Key: HKCR\Licenses\7C35CA30-D112-11cf-8E72-00A0C90F26F8
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\190B7910-992A-11cf-8AFA-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\E32E2733-1BC5-11d0-B8C3-00A0C90DCA10
Added Registry Key:
Key: HKCR\Licenses\2c49f800-c2dd-11cf-9ad6-0080c7e7b78d
Added Registry Key:
Key: HKCR\Licenses\F4FC596D-DFFE-11CF-9551-00AA00A3DC45
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\6FB38640-6AC7-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\Licenses\72E67120-5959-11cf-91F6-C2863C385E30
Added Registry Key:
Key: HKCU\Control Panel\MExchange
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\BC96F860-9928-11cf-8AFA-00AA00C00905
Added Registry Key:
Key: HKCR\Licenses\DC4D7920-6AC8-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\57CBF9E0-6AA7-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\Licenses\096EFC40-6ABF-11cf-850C-08002B30345D
Added Registry Key:
Key: HKCR\Licenses\5f54e750-ce26-11cf-8e43-00a0c911005a
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\MSWinsock.Winsock
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\9E799BF1-8817-11cf-958F-0020AFC28C3B
Added Registry Key:
Key: HKCR\Licenses\B1EFCCF0-6AC1-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\4D553650-6ABE-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
Added Registry Key:
Key: HKCR\Licenses\556C75F1-EFBC-11CF-B9F3-00A0247033C4
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\7C35CA30-D112-11cf-8E72-00A0C90F26F8
Added Registry Key:
Key: HKCR\Licenses\899B3E80-6AC6-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\2c49f800-c2dd-11cf-9ad6-0080c7e7b78d
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\F4FC596D-DFFE-11CF-9551-00AA00A3DC45
Added Registry Key:
Key: HKCR\MSWinsock.Winsock
Added Registry Key:
Key: HKCR\Licenses\4250E830-6AC2-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\72E67120-5959-11cf-91F6-C2863C385E30
Added Registry Key:
Key: HKCR\Licenses\78E1BDD1-9941-11cf-9756-00AA00C00908
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\096EFC40-6ABF-11cf-850C-08002B30345D
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\DC4D7920-6AC8-11cf-8ADB-00AA00C00905
Added Registry Key:
Key: HKCR\Licenses\E32E2733-1BC5-11d0-B8C3-00A0C90DCA10
Added Registry Key:
Key: HKLM\SOFTWARE\Classes\Licenses\5f54e750-ce26-11cf-8e43-00a0c911005a
Added Registry Key:
Key: HKCR\Licenses\190B7910-992A-11cf-8AFA-00AA00C00905
Added Registry Value:
Key: HKCU\%CURRENTVERSIONREG%\Explorer\Advanced Value: ShowSuperHidden
Added Registry Value:
Key: HKLM\%CURRENTVERSIONREG%\Run Value: ScanRegistry
Added Registry Value:
Key: HKCU\%CURRENTVERSIONREG%\Explorer\Advanced Value: WebView

Membership
Products
- StopSign
- System Requirements
Downloads
Support
- FAQ
- Getting Started
- Helpfiles
- Library
Company
- Press
  - Software Requests
- Investors
- Careers
  - Listings
- Partners
  - Computer Repair Shop
- Trademarks
- Privacy
- Legal
  - EULA
  - T4C Terms
- Terms Of Use
Contact
- Survey
Research
- Search
- Glossary
- Whitepapers
  - Antivirus
  - Firewall
  - Phishing
  - Spyware
- Submit Sample
Sitemap