Troj/Small-ELY

Category: Viruses and Spyware Protection available since:18 Aug 2008 05:02:07 (GMT)
Type: Trojan Last Updated:18 Aug 2008 05:02:07 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Small-ELY is a proxy Trojan for the Windows platform.

When run Troj/Small-ELY copies itself to <Windows>\services.exe and sets the following registry entries:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess
Start
4

HKLM\SOFTWARE\Microsoft\Security Center
FirewallDisableNotify
1

HKLM\SOFTWARE\Microsoft\Security Center
FirewallOverride
1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
services
<Windows>\services.exe

HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
EnableFirewall
0

HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
EnableFirewall
0

HKLM\SYSTEM\CurrentControlSet\Services\wscsvc
Start
4

Registry entries may also be created under:

HKCU\Software\Microsoft\Internet Explorer\Desktop

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy