Technical details:
Categories: Trojan, Backdoor, Downloader, DoS
[Eset] Horse.1576 virus, Horse.1610 virus, Horse.1158 virus, Horse.1776 virus, Horse.1160 virus;
[McAfee] Hort.1576, Hort.1610, Hort, Hort.1776;
[Panda] Horse 5, Horse 3, Horse 2 B, Horse 4, Horse B Family;
[Computer Associates] Horse 5, Horse 3, Horse 1, Horse 4
Hort Files:
[%DESKTOP%]\ebay.url
[%FAVORITES%]\amazon.com.url
[%FAVORITES%]\amazon.url
[%FAVORITES%]\ebay.url
[%FAVORITES%]\expedia.com.url
[%FAVORITES%]\links\ebay.url
[%SYSTEM%]\msrev23.dll
[%SYSTEM%]\msrev43.dll
Hort Registry Keys:
Hort Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.ldb\openwithlist
Hort indications of infection
The indications of a Hort infection are the files, registry entries, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.