high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Protection available since | 23 February 2006 23:12:13 (GMT) |
| Last updated | 24 May 2006 17:58:56 (GMT) |
| Detected by | All Sophos products |
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/FeebDl-G is an HTML file which acts as a downloader Trojan for the Windows Platform.
Troj/FeebDl-G attempts to download one of several encoded executable files, and to decode and execute it. Troj/FeebDl-G is an HTML file which acts as a downloader Trojan for the Windows Platform.
Troj/FeebDl-G attempts to download one of several encoded executable files and decode it to <Recycled>\userinit.exe. At the time of writing this file is detected by Sophos as W32/Feebs-Gen.
Troj/FeebDl-G attempts to set the following registry entry:
HKCU\Software\Microsoft\Internet Explorer
mal
<email address>
Troj/FeebDl-G attempts to delete the following registry entries:
HKLM\SYSTEM\CurrentControlSet\Services\KmxFile
HKLM\SYSTEM\CurrentControlSet\Services\pcipim
HKLM\SYSTEM\CurrentControlSet\Services\pcIPPsC
HKLM\SYSTEM\CurrentControlSet\Services\RapDrv
HKLM\SYSTEM\CurrentControlSet\Services\FirePM
Troj/FeebDl-G attempts to set the following registry entry in order to automatically start the file it has downloaded on system start:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\
{CD5AC91B-AE7B-E83A-0C4C-E616075972F3}
Stubpath
C:\recycled\userinit.exe
|
