Troj/Nebule-B

Category: Viruses and Spyware Protection available since:30 May 2009 10:45:17 (GMT)
Type: Trojan Last Updated:30 May 2009 10:45:17 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Nebule-B is a Trojan for the Windows platform.

Troj/Nebule-B drops a malicious dll into the System folder when executed, for example:

<System>\winxyl32.dll (also detected as Troj/Nebule-B)

The following Registry entries are set to subsequently load the malicious code in this dll into other processes.

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winxyl32
Dllname
<System>\winxyl32.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winxyl32
Startup
<exported_functionname_within_dll>


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winxyl32
Shutdown
<exported_functionname_within_dll>

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy