HOME / CONTACT
 
  Home > Malware Cyclopedia > Malware Info.
 Malware Info.
FAQ
Download

 Trojan@W32.FraudPa...
 Trojan@W32.Obfusca...
 Trojan@W32.Zbot.34
 Virus@W32.Sality
 Trojan@W32.Zbot.26
Malware Info. Malware Cyclopedia
Trojan@W32.Obfuscated.4
Obfuscated.4 will close firewall and open backdoor.

Obfuscated.4 will close the Windows firewall, and the third party's firewall. It also connects the random IP Addresses to open backdoor
Aliases : Trojan.Win32.Obfuscated.agxu [Kaspersky Lab]
Type : Trojan
Date Discovered : 2010/02/24
System Affected : Windows 95/98/ME, Windows NT/2000/XP/2003/Vista
 Risk Assessment
Distribution : Medium
Damage : High
 Character

None

  Description

  ●Close the windows firewall.

  ●Open 137 Port.

  ●Close another firewall.

  ●Add the following files:
   C:\Documents
   C:\lsass.exe

  ●Add following value to the registry, then virus will run while you start Windows.
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\
   4063= "C:\Documents"

  ●Modify the following registry file, and firewall service will be clesed:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\
   FirewallPolicy\StandardProfile\EnableFirewall: 0x00000001
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\
   FirewallPolicy\StandardProfile\EnableFirewall: 0x00000000
 solution None
<Back
Copyright ©2009 SumWinTek Corp., Powered by GGreat.
Tel:886-3-5820616 Fax:886-3-5820617 E-mail: support@sumwintek.com 		  
Visitor:136484