high
Summary
Summary
Action- More Information
| Protection available since | 7 July 2006 08:10:50 (GMT) |
|---|---|
| Last updated | 31 December 2008 06:59:32 (GMT) |
| Detected by | All Sophos products |
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
The name Troj/Cimuz-Gen is used where a file belongs to a particular family of Trojans, but the variant is not separately identified. Sophos's proactive protection technology will identify such files as a -Gen variant.
- Ensure that you are using the most recent IDE files, as more precise detection could now be available. If necessary
- update with the latest IDE files and
- repeat the scan.
- Please send us a sample to assist in improving our technology.
- Use the instructions for removing generically detected files to delete the file from your computer.
- If you require further assistance with disinfection, contact support.
More Information
Troj/Cimuz-Gen is a family of Trojans for the Windows platform.
Troj/Cimuz-Gen is typically installed to the Windows system folder and a new value is created under the following registry entry to run Troj/Cimuz-Gen on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Troj/Cimuz-Gen Trojans typically install a dll to the Windows system folder and register this dll as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer.
At the time of writing the dll name is usually of the form ipv<number>mons.dll, but the name has been known to change in some variants.
Troj/Cimuz-Gen Trojans typically alter registry entries under the following, affecting internet security:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters \FirewallPolicy\StandardProfile\AuthorizedApplications\List
The following registry entry also may be set:
HKCU\Software\Microsoft\Internet Explorer\Main
Enable Browser Extensions
yes
|
