Technical details:
Categories: Trojan, Hacker Tool
[Kaspersky] Trojan-Spy.Win32.Banker.anc;
[McAfee] PWS-Banker.gen.b;
[F-Prot] W32/Banker.AF;
[Other] Win32/Bancos.GXV, Infostealer.Banpaes, TrojanSpy:Win32/Banker.UL, W32/Banker.RK, Troj/Banker-EG, Trojan-Spy.Win32.Banker.eg
Bancos.GXV Files:
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\ma.exe.exe
[%SYSTEM%]\runtime.sys
Bancos.GXV Registry Keys:
HKEY_CURRENT_USER\software\adwaredisablekey4
HKEY_LOCAL_MACHINE\software\adwaredisablekey4
Bancos.GXV Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000\control
Bancos.GXV indications of infection
The symptoms of Bancos.GXV are the files, registry entries, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.