Mal/Behav-262

Category:	Viruses and Spyware	Protection available since:	30 Jun 2008 11:01:21 (GMT)
Type:	Malicious behavior	Last Updated:	01 Jul 2008 14:47:03 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/Behav-262 include:

Example 1

Runtime Analysis

Copies Itself To

C:\WINDOWS\system32\wininet.exe

Dropped Files

C:\WINDOWS\system32\svshost.dll

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
SysRun
{D7FFD784-5276-42D1-887B-00267870A4C7}
HKCR\CLSID\{D7FFD784-5276-42D1-887B-00267870A4C7}\InProcServer32
(Default)
C:\WINDOWS\system32\svshost.dll

Example 2

Runtime Analysis

Copies Itself To

C:\WINDOWS\system32\wininet.exe

Dropped Files

C:\WINDOWS\system32\svshost.dll

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
SysRun
{D7FFD784-5276-42D1-887B-00267870A4C7}
HKCR\CLSID\{D7FFD784-5276-42D1-887B-00267870A4C7}\InProcServer32
(Default)
C:\WINDOWS\system32\svshost.dll

Try Sophos products for free
Download now