|
|
Trojan.Win32.Glieder.ge Viruses Information
| Name: |
Trojan.Win32.Glieder.ge |
| Category: |
Viruses |
| Description:
|
Details
Trojan.Win32.Glieder.gen
This Trojan is designed to secretly download and launch other malicious programs on victim machines. It has two components (files); the first file, when launched, copies itself to the Windows system directory and creates an entry in the system registry:
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun]
[HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]
This ensures that the program will be run each time the system is started.
The Trojan then saves the second component to the Windows system directory and injects it into the explorer.exe process. All actions then appear to be conducted by the explorer.exe process.
The Trojan:
disables Windows Firewall
prevents antivirus databases of a range of antivirus software from being updated
downloads malicious programs from a large number of sites (a list of sites is coded into the body of the Trojan) and then launches them on the victim machine. |
Top Viruses Visited Pages:
Invader. - 239 visits
not-a-virus:RiskWare.Tool.RegPatch. - 72 visits
Worm.P2P.Harex. - 66 visits
not-a-virus:RemoteAdmin.Win32.RAdmin.2 - 60 visits
Small.58. - 56 visits
Coito.64 - 54 visits
I-Worm.Mapson. - 48 visits
Win16.Klon.1177 - 42 visits
Win32.Hidra - 42 visits
Marine.500 - 35 visits
Random Viruses Pages:
Microb.43
Mango Famil
TVED.Trurl.78
BlackFlash.81
I-Worm.Bagle.
Gift.55
I-Worm.Bagle.
Mobius.23
Kranty.25
UVR.391
|
|
