Trojan.Win32.StartPage.dh

tag:Trojans

Once launched, the Trojan creates the following record in the system registry:

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]

Delete the original Trojan file (the location varies depending on how the Trojan originally penetrated the victim machine).
Delete the following file: %Windir%\secure.html
Delete the following registry key value: [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]

This Trojan program changes the user's Internet Explorer home page, without the user's knowledge or consent.

The Trojan itself is a Windows PE EXE file 3072 bytes in size.
Payload

previous:Trojan.Win32.StartPage.bh
previous:Trojan.Win32.StartPage.dz

New articles

TROJ_FAKEAV.WKAThis Trojan may be downloaded from the following remote sites: http://{BLOCKED}ogle.info/tre/lena.exe/{random characters} This Trojan adds the foll...TROJ_RANSOM.QOWAThis Trojan may be unknowingly downloaded by a user while visiting malicious websites. This Trojan drops the following copies of itself into the affected sys...TapSnake.ATapSnake.A is a Trojan that affects mobile phones with an Android operating system. Once installed in the phone, it carries out the following actions: ...Trojan.Win32.FraudPack.bkheOnce launched, the program will display a message stating that the computer has been infected by malicious programs: The message is displayed even if there a...Trojan-Dropper.Win32.Agent.cxdOnce activated, the Trojan copies its body and saves it to the Windows system directory as "fvfj.sxo": %System%fvfj.sxo In order to ensure that th...

Hot Articles

Trojan.Win32.StartPage.dh

Computer Virus Clounds