Push Trojan
Push description:
Push Category:Trojan,BHO,Backdoor,Toolbar,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.
Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.
Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:
- Launching/ deleting files
- Sending/ receiving files
- Deleting data
- Displaying notification
- Rebooting the machine
- Executing files
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.
Trojans-downloaders downloads and installs new malware or adware on the computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.
Detection Push :
Push Files:
[%SYSTEM%]\searchv2.dll
[%WINDOWS%]\system\searchv2.dll
[%SYSTEM%]\searchv2.dll
[%WINDOWS%]\system\searchv2.dll
Push Registry Keys:
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-f76fa694bf2e}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-a0e8-f76fa694bf2e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-a0e8-f76fa694bf2e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-a0e8-f76fa694bf2e}
Removing Push:
you can run trial version of ExterminateIt, or remove Push manually.To completely manually remove Push malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Push.
Also Be Aware of the Following Threats:
Downloader.BCF Trojan Symptoms
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home