Troj/Bckdr-RBN

Category: Viruses and Spyware Protection available since:18 Mar 2010 22:01:53 (GMT)
Type: Trojan Last Updated:18 Mar 2010 22:01:53 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Bckdr-RBN is a Trojan for the Windows platform.

Troj/Bckdr-RBN includes functionality to:

- run automatically
- modify personal firewall settings
- access the internet and communicate with a remote server via HTTP

Troj/Bckdr-RBN communicates via HTTP with the following locations:

cupda . in
modsm . com

The following registry entry is set, affecting internet security:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
\StandardProfile\AuthorizedApplications\List
<path to file>\pdfupd.exe:*:Enabled:ldrsoft

Registry entries are created under:

HKCU\Software\Microsoft\idl
<random digits and letters>

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\start 1
<path to file>\pdfupd.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\start 2
<path to file>\pdfupd.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\start 3
<path to file>\pdfupd.exe

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy