pátek 24. února 2012

Trojan:Win32/Startpage.RH


Encyclopedia entry
Updated: Apr 17, 2011  |  Published: Dec 08, 2010

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.121.175.0
Released: Feb 22, 2012
Detection initially created:
Definition: 1.87.789.0
Released: Jul 28, 2010


 

Summary

Trojan:Win32/Startpage.RH is a trojan that may change the user's Internet Explorer home page.


 

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.


 

Technical Information (Analysis)

Trojan:Win32/Startpage.RH is a trojan that may change the user's Internet Explorer home page.
 
Trojan:Win32/Startpage.RH arrives as a WinRAR SFX (a self-extracting archive). Upon execution, it may modify the registry to change the user's start page, add search links and hijack the search provider.
 
The trojan may add shortcuts to sites on the following domains:
 
  • go4321.com
  • 74443.com
  • meinvly.com
  • 1feel.net
 
The trojan may contact sites on the following domains:
 
  • 41119.cn
  • wz4321.com
  • 38522.com
 
The trojan may change the start page to sites on the dh4321.com domain.
 
Analysis by Matt McCormack

Žádné komentáře:

Okomentovat

Poznámka: Komentáře mohou přidávat pouze členové tohoto blogu.