Trojan-Clicker.Win32.Delf.cl

tag:Trojan Clickers

0 0

This primitive Trojan will cause Internet Explorer to open http://www.g*****ikme.com/random.php without the users knowledge or consent.

The Trojan itself is a Windows PE EXE file written in Delphi and approximately 10240 bytes in size.

Once launched, the Trojan copies itself to the Windows root directory as svchost.exe:

%Windir%\svchost.exe

It then registers this file in the system registry, ensuring that the Trojan will be launched each time Windows is rebooted on the victim machine.

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Generic Host Process" = "%Windir%\svchost.exe"

The Trojan is designed to falsify data about the number of times http://www.g*****ikme.com is visited. This is why it causes infected machines to contact the site.

previous:Trojan-Clicker.Win32.Bitdefener
previous:Trojan-Clicker.Win32.Delf.r

Virus Source from:

New articles

Trojan-Clicker.Win32.Glocker.a This Trojan opens a range of URLs without the knowledge or consent of the user.It is a Windows PE EXE file.The file is 28,672 bytes in size. It is written in V...Trojan-Clicker.Win32.GreatPage This Trojan will periodically load a designated web page in the Internet browser. It is a Windows PE EXE file.The executable file is 36 864 bytes in size. It i...Trojan-Clicker.Win32.Mobs This Trojan opens a range of URLs without the knowledge or consent of the user.It is a Windows PE EXE file.The file is 26,624 bytes in size. It is written in V...Trojan-Clicker.Win32.NetBuie.b NetBuie is a trojan horse that carries out periodic "clicks" or "hits" on banners held by the person or persons who created this virus; the purpose rating (val...Trojan-Clicker.Win32.Getfound This is a primitive Win32 Trojan.It is written in Microsoft Visual C . The file is 22,016 bytes in size. It is not packed in any way. Payload...

Hot Articles

Trojan-Clicker.Win32.Delf.cl

Computer Virus Clounds