TROJ_ROVNIX.YPOK
Trojan.Rovnix (Malwarebytes); TrojanDownloader:Win32/Rovnix.A (Microsoft); Trojan-Spy.Win32.Carberp.aqaw (Kaspersky); Win32/Rovnix.AF (ESET-NOD32)
Windows
Type de grayware:
Trojan
Destructif:
Non
Chiffrement:
In the wild::
Oui
Overview
Détails techniques
Andere Systemänderungen
Fügt die folgenden Registrierungsschlüssel hinzu:
HKEY_CURRENT_USER\Software\Microsoft\
Installer\Products\B{Volume Serial Number}
HKEY_CURRENT_USER\Software\Microsoft\
Installer\Products\B{Volume Serial Number}\
PLUGIN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Installer\Products\B{Volume Serial Number}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Installer\Products\B{Volume Serial Number}\
PLUGIN
Fügt die folgenden Registrierungseinträge hinzu:
HKEY_CURRENT_USER\Software\Microsoft\
Installer\Products\B{Volume Serial Number}
SH1 = "{hex values"}
HKEY_CURRENT_USER\Software\Microsoft\
Installer\Products\B{Volume Serial Number}
SH2 = "{hex values"}
HKEY_CURRENT_USER\Software\Microsoft\
Installer\Products\B{Volume Serial Number}
SH3 = "{hex values"}
HKEY_CURRENT_USER\Software\Microsoft\
Installer\Products\B{Volume Serial Number}
RR = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Installer\Products\B{Volume Serial Number}\
PLUGIN
{random} = "{hex values"}