Home>Trojan Programs> Backdoors>

Backdoor.Poisonivy.CV

Alert Level :	medium
Discovered:	2008Apr21
Tag:	computer virus
Discoverer and Source:	http://www.bitdefender.com/

Malware Behavior and Technical Description

- The presence of a file named systio.exe in %SYSDIR% and the following registry key:
HKLM\Software\Microsoft\ActiveSetup\Installed Components\{2E811653-4F55-1574-0104-010302040505}\StubPath
value -> %SYSDIR%\systio.exe...
- An instance of Firefox running in background even after Firefox is closed

When first run, this malware will make a copy of itself in %SYSDIR%, named systio.exe and then deletes the original file. It will also create a file named systio, where it will save information about user

Removal Backdoor.Poisonivy.CV instructions:

Reboot your computer in Safe Mode, run regedit and find the registry subkey that contains the entry named StubPath (this must point to an executable file in %SYSDIR% - in this version of malware: systio.exe). Modify its value so that it won

Need help? Live computer support via remote at SupportSpace.Help with printer problems, windows, hardware, software, spyware removal and more. - Go Now!

Great Anti-Virus Software : Kaspersky Internet Security 2009 Save 35% Buy Panda Global Protection 2009 and Panda Antiviru Download PandaLabs Reports Free AVG virus removel tools Hunting Down Spyware and Adware Adware and spyware, knowing the basics Adware Spyware Remover from CBAdvance Keeping Your Computer in Good Condition Using Free Spyware A Beware of Covert Online Spies Why the Need to Remove Adware and Spyware