Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
[Kaspersky]Backdoor.Win32.ShBot.a,Backdoor.Win32.ShBot.b;
[McAfee]BackDoor-CYL;
[Other]Win32/Cobfinn.I,Backdoor.Shellbot,BackDoor-CYL,Win32/Cobfinn.HVisible Symptoms:
Files in system folders:
[%WINDOWS%]\system\svchctrl.dll
[%WINDOWS%]\system\svchctrl.exe
[%WINDOWS%]\system\svchostw.dll
[%WINDOWS%]\system\svchostw.exe
[%WINDOWS%]\system\svchctrl.dll
[%WINDOWS%]\system\svchctrl.exe
[%WINDOWS%]\system\svchostw.dll
[%WINDOWS%]\system\svchostw.exe How to detect Cobfinn:
Files:
[%WINDOWS%]\system\svchctrl.dll
[%WINDOWS%]\system\svchctrl.exe
[%WINDOWS%]\system\svchostw.dll
[%WINDOWS%]\system\svchostw.exe
[%WINDOWS%]\system\svchctrl.dll
[%WINDOWS%]\system\svchctrl.exe
[%WINDOWS%]\system\svchostw.dll
[%WINDOWS%]\system\svchostw.exe
Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellbotr
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellbot
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Removing Cobfinn:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
Pigeon.AVEC Trojan Symptoms
Paszczus Trojan Information
SillyDl.COF Trojan Symptoms
No comments:
Post a Comment