Troj/StartPa-BL

Kategorie: Viren und Spyware
Typ: Trojan
Verbreitung:

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

Troj/StartPa-BL is a Trojan which modifies several registry entries related to
Microsoft Internet Explorer.

This Trojan may copy itself into the Windows System32 folder using the
filename OLEHELP.EXE and set the following registry entry to ensure that it is
executed automatically upon system restart:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
olehelp = C:\<Windows System32>\OLEHELP.EXE

This registry entry will be created:

HKCU\Software\Microsoft\Internet Explorer\Main\
Search Bar = http://find4u.net/index.htm

These will be changed to hold the following values:

HKCU\Software\Microsoft\Internet Explorer\Main\
Search Page = http://find4u.net/index.htm
Start Page = http://find4u.net/index.htm

HKCU\Software\Microsoft\Internet Explorer\SearchUrl\
"" = http://find4u.net/index.htmprovider = gogl

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\
SearchAssistant = http://find4u.net/index.htm

Troj/StartPa-BL also creates URL shortcuts in the Favourites folder called:

FREE HIDDEN CAMS WORLD
FREE SPY CAM
FREE WEB CAMS CHATS
GET THIS 4 FREE

These sites contain adult content.

Download Sophos Produkte kostenlos testen
Jetzt downloaden

© 1997 - 2012 Sophos Ltd. Alle Rechte vorbehalten. Rechtliche Hinweise Datenschutzrichtlinie Impressum