Troj/Stinx-R

Kategorie: Viren und Spyware Schutz verfügbar seit:30 Jan 2006 00:00:00 (GMT)
Typ: Trojan Zuletzt aktualisiert:30 Jan 2006 00:00:00 (GMT)
Verbreitung:

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

Troj/Stinx-R is a backdoor Trojan for the Windows platform.

The Trojan connects to an IRC server and joins a predetermined channel. The Trojan then accepts commands from remote attackers. Troj/Stinx-R is a backdoor Trojan for the Windows platform.

When first run Troj/Stinx-R copies itself to <System>\csrnvrt.exe and creates two randomly named BAT files in the Temp folder. One of these files is used to attempt to bypass the Windows firewall. The other is used to delete the original copy of the Trojan.

The following registry entries are created to run csrnvrt.exe on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
DriverModule
csrnvrt.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DriverModule
csrnvrt.exe

The Trojan connects to an IRC server and joins a predetermined channel. The Trojan then accepts commands from remote attackers.

The Trojan may also download further malicious code.

Troj/Stinx-R attempts to terminate a number of processes, including some belonging to anti-virus applications.

Download Sophos Produkte kostenlos testen
Jetzt downloaden

© 1997 - 2012 Sophos Ltd. Alle Rechte vorbehalten. Rechtliche Hinweise Datenschutzrichtlinie Impressum