Troj/TDSS-DW

Category: Viruses and Spyware Protection available since:29 Jul 2010 23:49:22 (GMT)
Type: Trojan Last Updated:29 Jul 2010 23:49:22 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/TDSS-DW is a Trojan for the Windows platform.

Troj/TDSS-DW includes functionality to start services.

When first run Troj/TDSS-DW copies itself to <Temp>\5.tmp.

The following registry entries are set, affecting internet security:

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
CurrentLevel
0x00000000

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
1601
0x00000000

Registry entries are set as follows:

HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
svchost.exe
0x000022b8

HKCU\Software\Microsoft\Internet Explorer\international
acceptlanguage
en-gb

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
maxhttpredirects
0x000022b8

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
enablehttp1_1
0x00000001

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy