TR/Monder.ZM - Trojan
Name: TR/Monder.ZM
Date discovered: 24/06/2008
Type: Trojan
In the wild (ITW): No
Reported infections: Low
Distribution potential: Low
Damage potential: Low to medium
Static file: Yes
File size: 105.984 Bytes
MD5: 49b9275622be885b6f52403ef65f7f30
IVDF version: 7.00.05.03
General
Method of propagation:
• No own spreading routine
Aliases:
• Symantec: Trojan.Vundo
• Mcafee: Vundo trojan
• Kaspersky: Trojan.Win32.Monder.zm
• TrendMicro: TROJ_VUNDO.CKE
• F-Secure: Trojan.Win32.Monder.zm
• Sophos: Troj/Virtum-Gen
• Panda: Spyware/Virtumonde
• Grisoft: Vundo.U
• Eset: Win32/Adware.Virtumonde application
• Bitdefender: Trojan.Vundo.EWS
Operating systems:
• Windows 95
• Windows 98
• Windows 98 SE
• Windows NT
• Windows ME
• Windows 2000
• Windows XP
• Windows 2003
Side effects:
• Registry modifications
Registry
The following key is added to the registry so that the process runs when the system restarts:
– [HKCR\CLSID\{10d22ad6-5876-43e6-8e02-b59521ff11ea}\InprocServer32]
• @="%malware execution directory%\%malware dll%"
• "ThreadingModel"="free"
It registers a browser helper object (BHO) by adding the following registry key:
– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10d22ad6-5876-43e6-8e02-b59521ff11ea}]
• @="{ae11ff12-595b-20e8-6e34-67856da22d01}"
The following registry key is modified:
– [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
Old value:
• "AppInit_DLLs"=""
New value:
• "AppInit_DLLs"="%malware dll%"
File details
Programming language:
The malware was written in C (compiled with Microsoft Visual C++).
File compression:
To make detection harder and to reduce the file size, the file is packed with a runtime compression program.
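The three registry changes listed in the registry section above can be checked on a host with a short read-only script. This is an added example, not part of the original Avira description; the helper name Get-RegValue and the output strings are made up for illustration, and the script reads only the native registry view (not the 32-bit view on 64-bit Windows).

```powershell
# Added example: read-only check for the registry artifacts in this description.
$clsid = '{10d22ad6-5876-43e6-8e02-b59521ff11ea}'   # CLSID taken from the page

$inproc = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
$bho    = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion' +
          "\Explorer\Browser Helper Objects\$clsid"
$winKey = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null instead of throwing when the key or the value is absent.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $item = Get-ItemProperty -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    $prop = $item.PSObject.Properties[$Name]
    if ($null -ne $prop) { return $prop.Value }
    return $null
}

$findings = @()

# 1. COM server registration: the default value points at the DLL on disk.
$dll = Get-RegValue -Path $inproc -Name '(default)'
if ($dll) { $findings += "InprocServer32 for $clsid -> $dll" }

# 2. Browser helper object: the presence of the key is the indicator.
if (Test-Path -LiteralPath $bho) { $findings += "BHO registered: $clsid" }

# 3. AppInit_DLLs: the page gives the clean value as empty. A non-empty value
#    is not proof of infection (legitimate software uses it), so list each entry.
$appInit = Get-RegValue -Path $winKey -Name 'AppInit_DLLs'
if ($appInit -and $appInit.Trim()) {
    foreach ($entry in ($appInit -split '[ ,]+' | Where-Object { $_ })) {
        $findings += "AppInit_DLLs entry to review: $entry"
    }
}

if ($findings.Count -eq 0) {
    'No TR/Monder.ZM registry artifacts found.'
} else {
    $findings
}
```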
Description inserted by Thomas Wegele on Tue, 29 Jul 2008 07:45 (GMT+1)
Description updated by Thomas Wegele on Tue, 29 Jul 2008 08:23 (GMT+1)
© 2010 Avira GmbH