Summary

| Included in our products from | January 2007 (4.13) |
|---|---|
| Protection available since | 7 July 2006 08:10:50 (GMT) |
| Last updated | 23 November 2006 01:29:02 (GMT) |
| Detected by | All Sophos products |
Action

The name Troj/Cimuz-Gen is used where a file belongs to a particular family of Trojans, but the variant is not separately identified. Sophos's proactive protection technology will identify such files as a -Gen variant.
- Ensure that you are using the most recent IDE files, as more precise detection could now be available. If necessary, update with the latest IDE files and repeat the scan.
- Please send us a sample to assist in improving our technology.
- Use the instructions for removing generically detected files to delete the file from your computer.
- If you require further assistance with disinfection, contact support.
More Information
Troj/Cimuz-Gen is a family of Trojans for the Windows platform.
Troj/Cimuz-Gen Trojans typically install a DLL to the <System> folder and register this DLL as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer.
At the time of writing the DLL name is usually of the form ipv<number>mons.dll, but the name has been known to change in some variants.
Troj/Cimuz-Gen Trojans typically alter registry entries under the following key, affecting internet security:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
The following registry entry may also be set:
HKCU\Software\Microsoft\Internet Explorer\Main
Enable Browser Extensions
yes
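
As an added example (not Sophos code), this Python triage script checks a `reg export` text dump for the registry traces described above. The Browser Helper Objects and InprocServer32 key locations are standard Windows locations that the page does not name, and the sample export, CLSID and paths are constructed.

```python
import re

# Constructed sample in `reg export` text form (CLSID, paths and data are made up).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\WINDOWS\\system32\\ipv6mons.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Example\\app.exe"="C:\\Example\\app.exe:*:Enabled:example"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Enable Browser Extensions"="yes"
'''

DLL_RE = re.compile(r"(?:^|\\)ipv\d+mons\.dll$", re.I)  # ipv<number>mons.dll, as named on the page
BHO = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects".upper()
FW = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List".upper()
IE_MAIN = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main".upper()
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')  # string values only

def unescape(s):  # undo .reg escaping: a backslash escapes the next character
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Yield (key, name, data); name is None for a bare key header, '' for the default value."""
    key = None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            yield key, None, None
        elif key and (m := VALUE_RE.match(line)):
            name = "" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
            yield key, name, unescape(m.group(2))

def scan(text):
    """Return (kind, detail) findings for the registry traces the description lists."""
    rows = list(parse_reg(text))
    # COM classes whose in-process server path ends in ipv<number>mons.dll
    dll_by_clsid = {k.split("\\")[-2].upper(): d for k, n, d in rows
                    if n == "" and k.upper().endswith("\\INPROCSERVER32") and DLL_RE.search(d)}
    out = [("com_dll", f"{c} -> {d}") for c, d in dll_by_clsid.items()]
    for k, n, d in rows:
        ku = k.upper()
        if n is None and ku.startswith(BHO + "\\") and ku[len(BHO) + 1:] in dll_by_clsid:
            out.append(("bho", ku[len(BHO) + 1:]))        # matching class is registered as a BHO
        elif n is not None and ku == FW:
            out.append(("firewall_entry", f"{n} = {d}"))  # listed for analyst review, not a verdict
        elif ku == IE_MAIN and n is not None and n.lower() == "enable browser extensions" and d.lower() == "yes":
            out.append(("ie_extensions_enabled", d))      # corroborating only; page says "may be set"
    return out
```

Real `reg export` files are UTF-16 encoded, so decode them before passing the text to `scan`. Firewall entries are listed for review because the description does not say which entries the Trojan adds, and variants that use a different DLL name will not match the pattern.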
