Technical details:
Categories: Trojan,Spyware,BHO,Downloader
[Kaspersky]TrojanSpy.Win32.Briss.a,TrojanSpy.Win32.Briss.b,TrojanSpy.Win32.Briss.g,TrojanSpy.Win32.Briss.h,TrojanSpy.Win32.Briss.i;
[Eset]Win32/Spy.Briss.A trojan,Win32/Spy.Briss.G trojan,Win32/Spy.Briss.H trojan,Win32/TrojanDownloader.Bridge.A trojan;
[Panda]Spyware/Bridge,Trojan Horse Bridge Files:
[%SYSTEM%]\a.exe
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\jao.dll
[%WINDOWS%]\downloaded program files\bridge.inf
[%WINDOWS%]\downloaded program files\jao.dll
[%WINDOWS%]\downloaded program files\conflict.1\bridge.dll
[%WINDOWS%]\system\bridge.dll
[%SYSTEM%]\a.exe
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\jao.dll
[%WINDOWS%]\downloaded program files\bridge.inf
[%WINDOWS%]\downloaded program files\jao.dll
[%WINDOWS%]\downloaded program files\conflict.1\bridge.dll
[%WINDOWS%]\system\bridge.dll
Bridge Registry Keys:
HKEY_CLASSES_ROOT\bridge.brdg
HKEY_CLASSES_ROOT\bridge.brdg.1
HKEY_CLASSES_ROOT\CLSID\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
HKEY_CLASSES_ROOT\clsid\{9c691a33-7dda-4c2f-be4c-c176083f35cf}
HKEY_CLASSES_ROOT\interface\{4fdbdbad-fefe-4c4c-9cc1-1181052afb12}
HKEY_CLASSES_ROOT\interface\{b88a3af1-4f1b-4400-8ffb-3fcb108ce115}
HKEY_CLASSES_ROOT\jao.jao
HKEY_CLASSES_ROOT\jao.jao.1
HKEY_CLASSES_ROOT\typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
HKEY_CLASSES_ROOT\typelib\{ddaf2479-6f00-4599-998a-3ed75686c6d0}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9c691a33-7dda-4c2f-be4c-c176083f35cf}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge
HKEY_CLASSES_ROOT\clsid\{445b2bf1-445b2bf1-445b2bf1-445b2bf1-445b2bf1}
HKEY_CLASSES_ROOT\clsid\{50f2ff7f-50f2ff7f-50f2ff7f-50f2ff7f-50f2ff7f}
HKEY_CLASSES_ROOT\clsid\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{9c691a33-7dda-4c2f-be4c-c176083f35cf}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bridge
Bridge Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Bridge indications of infection
This symptoms of Bridge detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
ValueAd Tracking Cookie Information
Wingate.Spoofing.On.IRC DoS Information
Remove Win32.LMR Trojan
PolygoneZeichen Trojan Symptoms
Playboy Trojan Symptoms
Posts
No comments:
Post a Comment