Troj/Dobspy-A

Category: Viruses and Spyware Protection available since:27 Mar 2013 22:33:25 (GMT)
Type: Trojan Last Updated:27 Mar 2013 22:33:25 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Dobspy-A exhibits the following characteristics:

File Information

File type
Windows executable

Runtime Analysis

Dropped Files
  • C:\WINDOWS\ACTIVE.ini
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A0XC6A98-A14C-J35H-46UD-F5AR862J2AH5}
    StubPath
    c:\test_item.exe
  • HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    c:\test_item.exe
    c:\test_item.exe:*:Enabled:Windows Updater
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\reg.exe
DNS Requests
  • googleupdate2011.dyndns.org

download Try Sophos products for free
Download now