undefined

antivirus tools

AdClicker-FK Trojan

Posted in AdClicker-FK Trojan
Virus Characteristics
Upon execution, this trojan installs itself as a system service to launch everytime the computer boots.

HKEY_LOCAL_MACHINE\System\ControlSet\Services\DomainService "ImagePath"
Data: Path to the malware executable file /service Adds itself to the built-in firewall's list of trusted applications.

HKEY_LOCAL_MACHINE\System\ControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\AuthorizedApplications\List "Path to the malware executable file"It also creates the following registry entries as part of its installation routine.

HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService
HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService\db_number
HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService\domains_list
HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService\installation_id
HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService\internal_affiliate_id
HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService\next_url_post_time
HKEY_LOCAL_MACHINE\Software\Microsoft\DomainService\user_id

Disables "Windows File Protection" by modifying the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "SFCDisable"Data: 04This trojan creates files with random file names in the %Windows%/Temp folder.

It sends information about the infected system to a remote web server - http://24.244.141.185[removed]

This trojan injects multplie threads into other system processes, to re-launch itself if the trojan process is killed.

Static analysis of this file reveals that it may attempt to download a file named "aupddc.exe" into the %Temp% folder, but at the time of writing this description the file was not downloaded.

Indications of Infection

Presence of the registry keys mentioned.
Presence of a process running as a System service with description as "DDC"

Method of Infection

Trojans do not self-replicate. They often arrive as a desirable or intriguing file and conceal their true nature. Common ways to receive a trojan are through newsgroup postings, IRC, peer-to-peer networks, spam, etc.

Removal Instructions

AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.

Aliases

Troj/Bckdr-QJL (Sophos), Trojan.Win32.Agent.bck (Kaspersky), TSPY_AGENT.AAYO (Trend Micro), Win32/Agent.BCK (ESET NOD32) CO.CC:Free Domain
Post A Comment! :: Send to a Friend!

• การใช้โปรแกรม Scan Virus AVG Anti-virus Free Edition
• วิธีดูแลเครื่องคอมพ์
• โปรแกรม Anti Virus อันดับหนึ่งอัพใหม่
• จัดอันดับ Antivirus ที่ได้รับความนิยมมากที่สุด
• วิธีกำจัดไวรัส Hacked By MooZilla
• วิธีกำจัดไวรัส Win32/MyGril Worm
• วิธีกำจัดไวรัส Toy
• What to Do If Your Computer Is Infected
• วิธีแก้ ไวรัส กับ MSN
• History of Computer Virus
• Antivirus updating - why it's more important than ever before
• วิธีแก้ไวรัส images.zip และ pic.zip ทาง msn
• วิธีแก้ ไวรัส Freshy
• วิธีแก้ไวรัส Hacked by Godzilla
• Malicious Programs Descriptions

<%ArchiveInfo%>


combat spam
SVCHOST
virus attack
preventive
Worm.Win32.Autorun.cpe removal
WORM_WOOTBOT.HO
WORM_ONLINEG.DSO
WORM_NUWAR.BK
WORM_IRCBOT.AUN Removal
WORM_AUTORUN.BT removal
Virus.Win32.VB.dl Removal
Virus writers: four general types
Virus list
Virus Updating
Virus Alert
Unsolicited
# Trojan.Win32.StartPage.jo Removal Instruction
Malware
Virus
Trojan
AdClicker-FK Trojan
Adware
Anti-virus software
Avoid Spam
BKDR_IRCBOT.RB
BKDR_SINOWAL.BE removal
Backdoor
Black List
Bot networks
Classic Viruses
CodeRed
Computer
Computer Is Infected
Credit card fraud
Criteria
Cyber extortion
Detection
Dialler
Hacked by Godzilla
DoS attack
ไวรัส Flashy
Email-Worm.BAT.Alcobul.b
Email-Worm.Win32.Warezov.nf
ไวรัส Toy
ไวรัส Win32
ไวรัส MooZilla

About Me


มีปัญหา เรื่องคอมติดไวรัส Malware Hacked Freshy, Malware , Virus , Trojan ,AdClicker-FK Trojan , Adware , Anti-virus software , Avoid Spam , BKDR_IRCBOT.RB , BKDR_SINOWAL.BE removal , Backdoor , Black List ,Bot networks , Classic Viruses , ไฟลน์หาย ต้องการวิธีการ กู้ข้อมูล

«  October 2008  »
MonTueWedThuFriSatSun
 12345
6789101112
13141516171819
20212223242526
2728293031 

Recent Posts

• การใช้โปรแกรม Scan Virus AVG Anti-virus Free Edition
• วิธีดูแลเครื่องคอมพ์
• โปรแกรม Anti Virus อันดับหนึ่งอัพใหม่
• จัดอันดับ Antivirus ที่ได้รับความนิยมมากที่สุด
• วิธีกำจัดไวรัส Hacked By MooZilla
• วิธีกำจัดไวรัส Win32/MyGril Worm
• วิธีกำจัดไวรัส Toy
• What to Do If Your Computer Is Infected
• วิธีแก้ ไวรัส กับ MSN
• History of Computer Virus
• Antivirus updating - why it's more important than ever before
• วิธีแก้ไวรัส images.zip และ pic.zip ทาง msn
• วิธีแก้ ไวรัส Freshy
• วิธีแก้ไวรัส Hacked by Godzilla
• Malicious Programs Descriptions

Links

• Home
• View my profile
• Archives
• Friends
• Email Me
• My Blog's RSS

Friends Blogger

  • Mesothelioma Blog
  • Phuket Blog
  • Pattaya Blog
  • Chiangmai Blog
  • 2008 summer olympics
  • 2009 seagames
  • Beijing Blog
  • BEIJING CHAINA
  • beijing olympics
  • Beijing Paralympics
  • Beijing Property
  • Beijing Sport
  • Beijingcity
  • Brunei News
  • China Feed
  • China Yuwie
  • Drilling Machine
  • Equestrian 2008
  • Italy Datting
  • khonkaen property
  • Make billo bucks
  • Milling Machine
  • Nations Cup
  • Paralympics
  • PATTAYA DATTING
  • Pattaya People Blog
  • Pay Per Click
  • Sea Games 2009
  • Tokyo 2016
  • Vancuver 2010
  • Vientiane 2009
  • workmails
  • YuwieJapan

Used Toyotas Los Angeles

usedtoyotaprices.com


like what you've read, click here to give this author a higher rating at blogskinny.com

Create blog

Entry 23 of 28
Last Page | Next Page