Troj/VbInject-R

Category:	Viruses and Spyware	Protection available since:	07 Nov 2009 00:18:51 (GMT)
Type:	Trojan	Last Updated:	07 Nov 2009 00:18:51 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Summary
More information

Troj/VbInject-R includes functionality to run automatically.

When Troj/VbInject-R copies itself to <Windows>\conmsyrtl.exe.

The following registry entries are created to run conmsyrtl.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sistema de Comm
conmsyrtl.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
Sistema de Comm
conmsyrtl.exe

The following registry entry is set, affecting internet security:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\
<Root>\sample.exe:*:Enabled:Sistema de Comm

Try Sophos products for free
Download now

Troj/VbInject-R

Free Mac Anti-Virus

Popular topics