TROJ_MATSNU.WXU
Trojan:Win32/Skeeyah.A!rfn (Microsoft); RDN/Generic Downloader.x (McAfee); Trojan.Gen.2 (Symantec); Trojan.Win32.Nymaim.adxp (Kaspersky); Troj/Nymaim-DN (Sophos); Trojan.Win32.Generic!BT (Sunbelt); Trojan horse Downloader.Generic14.BODG (AVG)
Windows
Threat Type:
Trojan
Destructiveness:
No
Encrypted:
In the wild::
Yes
OVERVIEW
TECHNICAL DETAILS
Otras modificaciones del sistema
Elimina las siguientes claves de registro:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2004
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.25
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2008
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2009
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.28
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.30
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2130
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.26
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.27
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2002
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.12.2.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2221
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.12.2.2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2222
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllEncodeObject\#2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2004
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.25
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2008
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.20
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2009
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.28
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.30
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2130
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.26
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.27
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2002
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.12.2.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2221
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.12.2.2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2222
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 1\
CryptDllDecodeObject\#2007
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{64B9D180-8DA2-11CF-8736-00AA00A485EB}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{189A3842-3041-11D1-85E1-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Initialization\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Message\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
FinalPolicy\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
DiagnosticPolicy\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\Software\Microsoft\
Cryptography\Providers\Trust\
Cleanup\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllPutSignedDataMsg\{941C2937-1292-11D1-85BE-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllGetSignedDataMsg\{941C2937-1292-11D1-85BE-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllRemoveSignedDataMsg\{941C2937-1292-11D1-85BE-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllCreateIndirectData\{941C2937-1292-11D1-85BE-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllVerifyIndirectData\{941C2937-1292-11D1-85BE-00C04FC295EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Cryptography\OID\EncodingType 0\
CryptSIPDllIsMyFileType2\{941C2937-1292-11D1-85BE-00C04FC295EE}
SOLUTION
Step 1
Los usuarios de Windows ME y XP, antes de llevar a cabo cualquier exploración, deben comprobar que tienen desactivada la opción Restaurar sistema para permitir la exploración completa del equipo.
Step 2
Explorar el equipo con su producto de Trend Micro para eliminar los archivos detectados como TROJ_MATSNU.WXU En caso de que el producto de Trend Micro ya haya limpiado, eliminado o puesto en cuarentena los archivos detectados, no serán necesarios más pasos. Puede optar simplemente por eliminar los archivos en cuarentena. Consulte esta página de Base de conocimientos para obtener más información.
Did this description help? Tell us how we did.