Troj/Proxy-DD

Category: Viruses and Spyware Protection available since:31 May 2006 00:00:00 (GMT)
Type: Trojan Last Updated:31 May 2006 00:00:00 (GMT)
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Proxy-DD is a Trojan for the Windows platform.

The Trojan allows remote attackers the ability to route HTTP traffic through the infected computer.

Troj/Proxy-DD sets the following registry entries:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer
NoFolderOptions
dword:00000001

HKLM\SOFTWARE\Tmp
Path
"<Path to Trojan EXE>"

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Hidden
dword:00000000

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HideFileExt
dword:00000001

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
ShowSuperHidden
dword:00000000

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Microsoft (R) Windows TCP/IP Socket Driver
"<Path to Trojan EXE>"

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
SFCDisable
dword:00000004

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy