 7/23: Dluca-CQ an Adware Application |
 |
|
|
|
|
|
7/23: Dluca-CQ an Adware Application
July 23, 2004
Troj/Dluca-CQ is an adware application, according to Sophos.
The Trojan copies itself to the location:
C:\Program Files\Internet Optimizer\optimize.exe
and creates the following registry entry in order to be run on startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Internet Optimizer
= \"C:\Program Files\Internet Optimizer\optimize.exe\"
The Trojan also creates registry entries in the following locations:
HKCU\Software\Avenue Media\
HKCU\Software\Policies\Avenue Media\
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer\
HKLM\SOFTWARE\Policies\Avenue Media\
The Trojan may execute files downloaded without the user's consent.
|
|
|
|
|
2/10: Mydoom-AS a Mass-Mailing Worm
Critical Flaws Flagged in Mozilla, Thunderbird
7/30: Tompai-A Has Backdoor Functionality
Exploring Windows 2003 Security: IP Security
A Jump on Security Advisories (For a Fee)
Virus Alert Activity Intensifies
11/29: QLowZones-2 Modifies IE Settings
3/30: Anicmoo-C Trojan Arrives in Package
Windows Server 2003: Hardware-Based Security
'Land' Bug Back to Bedevil Microsoft Servers
Fighting to Keep Smut-Spam in a Brown Wrapper
Computer security background information
 |
