high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Included in our products from | September 2006 (4.09) |
| Protection available since | 25 July 2006 21:25:41 (GMT) |
| Detected by | All Sophos products |
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/AdClick-CR is a Trojan for the Windows platform.
Troj/AdClick-CR runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
Troj/AdClick-CR includes functionality to access the internet and communicate with a remote server via HTTP. Troj/AdClick-CR is a Trojan for the Windows platform.
Troj/AdClick-CR runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
Troj/AdClick-CR includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/AdClick-CR is installed the following files are created:
<Desktop>\Click to Remove Spyware.lnk
<Desktop>\Remove Spyware Now!.lnk
Registry entries are set as follows:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB74C951-ACA1-4e33-A94C-A9261EB2CCB7}
ButtonText
Your PC is infected with Spyware - click here to fix your PC
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB74C951-ACA1-4e33-A94C-A9261EB2CCB7}
clsid
{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB74C951-ACA1-4e33-A94C-A9261EB2CCB7}
Default Visible
Yes
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB74C951-ACA1-4e33-A94C-A9261EB2CCB7}
Exec
https://www.spydeleter.com/order2.php?KBID=1062
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB74C951-ACA1-4e33-A94C-A9261EB2CCB7}
HotIcon
<Windows folder>\sd.ico
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB74C951-ACA1-4e33-A94C-A9261EB2CCB7}
Icon
<Windows folder>\sd.ico
|
