What Is Trojan Adware?
This virus is a Trojan horse. After it runs, it drops files in the system directory, then modifies the registry and adds startup entries so that it runs automatically at boot. It attempts to download the file sogoutb_setup.exe from http://**.***.***.***/official/index.jsp and run it locally. The virus is harmful to users.
Trojan.Win32.Agent.se
- Virus name: Trojan.Win32.
- Virus type: Trojan
- Hazard Level: Medium
- File length: 64,818
- 1. Release the following files in the system directory:
- %WINDOWS%\system32\supdate2.dll Size: 35,840 bytes.
- 2. Add the registry key:
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RFC1156Agent\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RFC1156Agent\CurrentVersion\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RFC1156Agent\CurrentVersion\Parameters\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RFC1156Agent\CurrentVersion\Parameters\TrapPollTimeMilliSecs
- Value: DWORD: 15000 (0x3a98)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\supdate2.dll
- Value: String: "RUNDLL32.EXE C:\WINDOWS\system32\supdate2.dll,Run"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\supdate2.dll
- Value: String: "REGSVR32.EXE /s C:\WINDOWS\system32\supdate2.dll"
- 3. After the virus runs, it automatically uses a local port above 1111 to connect at random to the following IP addresses:
- 61.***.1.203:80
- 61.***.1.206:80
- 61.***.1.200:80
- 61.***.1.202:80
- 61.***.1.200:80
- It then downloads a file named sogoutb_setup.exe, MD5: acc3f7156ba67e49cb9832c53d263de3
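The Run and RunOnce entries listed above start the dropped DLL through RUNDLL32.EXE and REGSVR32.EXE rather than through an executable of its own. The following is an added example, not part of the original entry or of any Antiy tool: it scans the text of a registry export for that pattern, and goes beyond this one sample by flagging any Run/RunOnce value that loads a DLL through either loader. The sample export, the function names and the `matches_entry` field are constructed for illustration.

```python
import re

# Constructed sample in regedit export (.reg) syntax, not captured from a real host.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supdate2.dll"="RUNDLL32.EXE C:\\WINDOWS\\system32\\supdate2.dll,Run"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"supdate2.dll"="REGSVR32.EXE /s C:\\WINDOWS\\system32\\supdate2.dll"
'''

AUTORUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# Command line that hands a DLL to rundll32 or regsvr32 instead of starting an EXE.
DLL_LOADER = re.compile(
    r'^\s*"?(?:\S*\\)?(rundll32|regsvr32)(?:\.exe)?"?\s+(.*?\.dll)\b', re.I)
KNOWN_DLL = "supdate2.dll"  # file name reported in this entry


def unescape(s):
    # .reg string data escapes backslash and double quote with a backslash.
    return re.sub(r"\\(.)", r"\1", s)


def find_dll_autoruns(reg_text):
    """Return one finding per Run/RunOnce value that loads a DLL via a loader."""
    findings, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]  # current key path for the values that follow
            continue
        m = VALUE_LINE.match(line)
        if not (key and m and AUTORUN_KEY.search(key)):
            continue
        name, command = unescape(m.group(1)), unescape(m.group(2))
        hit = DLL_LOADER.search(command)
        if not hit:
            continue  # ordinary EXE autorun, e.g. ctfmon.exe
        # Drop loader switches such as "/s" that precede the DLL path.
        dll = re.sub(r"^(?:[/-]\S+\s+)+", "", hit.group(2)).strip('"')
        findings.append({
            "key": key, "value": name, "loader": hit.group(1).lower(), "dll": dll,
            "matches_entry": dll.lower().rsplit("\\", 1)[-1] == KNOWN_DLL,
        })
    return findings
```

Files exported by regedit are UTF-16 encoded, so decode the file before passing its text to `find_dll_autoruns`. Legitimate software also registers DLL autoruns this way, so a finding with `matches_entry` set to `False` is a lead to review, not a verdict.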
- Trojan Defense Line 2005+:
- Trojan Defense Line 2005+ is a personal information security product produced by Antiy Labs. It is a new, upgraded version of Trojan Defense Line 2005, with functions such as efficient Trojan removal, system security management, and real-time network protection.
- Efficient Trojan Removal
- Using a high-speed intelligent detection engine (SVE), it can thoroughly detect and remove more than 60,000 popular Trojans, backdoors, worms, spyware, adware, hacking tools, pornographic dialing programs, and so on, with a high detection rate for threats from both home and abroad.
- System security management
- Provides a wealth of security management tools that can repair IE and registry settings; manage tasks, processes, services, shared resources, and self-starting items in the system; and monitor network connection status and open ports.
- Real-time network protection
- The new Antiy Firewall is more powerful. It monitors your system and network in real time, finds suspicious programs such as active Trojans at any time, and can block designated IP addresses and ports, effectively blocking the various "shock wave"-type scanning attacks.
- About Antiy:
- Antiy Information Technology Co., Ltd. (China Antiy Labs) is a comprehensive information technology R & D enterprise focusing on network information security. The company actively explores in frontier areas such as anti-virus and information watermarking, and continues to research and develop, with its own core technologies and products.
- Antiy actively promotes the transformation of core technologies to key products. Antiy is currently the largest independent supplier of embedded anti-virus engine and content filtering system in China. In the field of network virus monitoring equipment, anti-trojan and host protection, Antiy's related products also lead the market demand and technology trend.