Trojan.Abwiz Trojan Information
Name: Trojan.Abwiz
Category: Trojan
Advice: Remove
Risk: Severe Risk
Severe threats typically are remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction, and exploits are in the wild. There is a high possibility of system damage or a security flaw. An attacker can take complete control of your computer or install new software on your machine.
Description:
Trojan.Abwiz is a backdoor Trojan that allows a remote attacker to perform various malicious actions on the compromised computer.
Trojan.Abwiz copies itself as %System%\wisvccz.exe.
It drops the file %System%\zlbw.dll, which is a harmless compression library.
It adds the following value:
"wupdate" = "%System%\wisvccz.exe"
to the registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs every time Windows starts.
It sends information about the system via HTTP to the following host:
65.75.151.192
It downloads and executes updates from the following host:
65.75.151.191
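A defender-side check for the persistence entry described above, as an added example that is not part of the original page: it parses a registry export and flags Run-key entries that use the `wupdate` value name or point at `wisvccz.exe`. The sample export (including the `C:\WINDOWS\system32` path and the unrelated entries) is constructed, the function names are hypothetical, and the input is assumed to be already decoded to text.

```python
import ntpath
import re

# Indicators from the description above.
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
VALUE_NAME = "wupdate"
FILE_NAME = "wisvccz.exe"

# Constructed sample in .reg export format (not taken from a real host).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WUpdate"="C:\\WINDOWS\\system32\\wisvccz.exe"

[HKEY_CURRENT_USER\Software\Example]
"wupdate"="C:\\Tools\\updater.exe"
'''

STRING_VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(text):
    """Undo .reg string escaping: drop the backslash before an escaped char."""
    return re.sub(r"\\(.)", r"\1", text)

def parse_reg_export(text):
    """Yield (key, value_name, data) for each string value in the export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := STRING_VALUE.match(line)):
            yield key, unescape(m.group(1)), unescape(m.group(2))

def find_abwiz_persistence(text):
    """Return (name, data, reasons) for Run entries matching either indicator."""
    hits = []
    for key, name, data in parse_reg_export(text):
        if key.lower() != RUN_KEY.lower():
            continue  # same value name under another key is not this indicator
        reasons = []
        if name.lower() == VALUE_NAME:
            reasons.append("value name")
        if ntpath.basename(data.strip('"')).lower() == FILE_NAME:
            reasons.append("file name")
        if reasons:
            hits.append((name, data, reasons))
    return hits
```

Registry value names are case-insensitive, which is why the constructed `WUpdate` entry still matches; a hit on only one of the two reasons is worth reviewing by hand rather than treating as confirmed.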
Signatures:
Type: Trojan - A Trojan is any software on a user's computer that the user is not aware of or did not intentionally install. Most Trojan software is designed to perform actions that could jeopardize the user's security or privacy.