Trojan Horses Definitions(p) - Paduaism

Paduaism

Category: Trojan

Risk: High Risk

* High-risk threats are typically remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction. They may open communication ports, use polymorphic tactics, stealth installations, and/or anti-spyware countermeasures, and may use a security flaw in the operating system to gain access to your computer.

Description: Paduaism installs files with random file names in the Windows directories and sets them to load on Windows startup. It adds a startup entry matching the random file name under these registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Alias: None

Signatures:
process: random.exe: MD5 Hash: 2ead5dd45d391868876
process: ieso.exe: MD5 Hash: 7bf2f9f63408a6fd375
process: netup.exe: MD5 Hash: 5d8d96d268b5a93340f..

Updated: 02/17/2006
Copyright @2006 THR Computer Solutions: Paduaism