Trojaner-Board


AdminBot 26.11.2014 17:55

Espionage Trojan: Detecting Regin Infections

Espionage Trojan: Detecting and Removing Regin Infections

US-CERT has information on this:
https://www.us-cert.gov/ncas/alerts/TA14-329A

Affected systems:
Microsoft Windows NT, 2000, XP, Vista, and 7


IPs that are contacted:
61.67.114.73
202.71.144.113
203.199.89.80
194.183.237.145


Windows registry entries:
\REGISTRY\Machine\System\CurrentControlSet\Control\RestoreList
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{39399744-44FC-AD65-474B-E4DDF-8C7FB97}
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{3F90B1B4-58E2-251E-6FFE-4D38C5631A04}
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{4F20E605-9452-4787-B793-D0204917CA58}
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{9B9A8ADB-8864-4BC4-8AD5-B17DFDBB9F58}


2014-11-27 01:04:26
https://www.virustotal.com/file/b12c...is/1417050266/
MD5: ffb0b9b5b610191051a7bdf0806e1e47
SHA1: 75a9af1e34dc0bb2f7fcde9d56b2503072ac35dd
Detect: 45 / 55

Trojan.Generic.5794011 (MicroWorld-eScan)
Trojan.Generic.5794011 (nProtect)
Trojan.Regin.r4 (CAT-QuickHeal)
Regin!sys (McAfee)
Backdoor.Agent.RE (Malwarebytes)
Trojan.Win32.Generic!BT (VIPRE)
Riskware ( 0015e4f01 ) (K7AntiVirus)
Riskware ( 0015e4f01 ) (K7GW)
Trojan.Win32.Agent.vohdv (NANO-Antivirus)
W32/Regin.A.gen!Eldorado (F-Prot)
Backdoor.Regin (Symantec)
Suspicious_Gen2.MYPYI (Norman)
Win32/ProRat.SG (TotalDefense)
TROJ_REGIN.A (TrendMicro-HouseCall)
Win32:Regin-A [Rtk] (Avast)
HEUR:Trojan.Win32.Regin.gen (Kaspersky)
Trojan.Generic.5794011 (BitDefender)
Trojan.Agent!j/SokBmzvPs (Agnitum)
Trojan.Win32.Regin.12608 (ViRobot)
Win32.Trojan.Agent.Eibg (Tencent)
Trojan.Generic.5794011 (Ad-Aware)
Troj/Regin-Fam (Sophos)
UnclassifiedMalware (Comodo)
Rootkit:W32/Regin.A (F-Secure)
Trojan.Regin (DrWeb)
TROJ_REGIN.A (TrendMicro)
Regin!sys (McAfee-GW-Edition)
Trojan.Generic.5794011 (B) (Emsisoft)
W32/Trojan.YYPC-4729 (Cyren)
Rootkit.Regin.a (Jiangmin)
TR/Agent.12608.1 (Avira)
Trojan/Win32.SGeneric (Antiy-AVL)
Trojan:WinNT/Regin.A (Microsoft)
Trojan/Win32.Regin (AhnLab-V3)
Trojan.Generic.5794011 (GData)
Trojan.Regin (VBA32)
Trojan.Win32.Generic!BT (AVware)
Bck/Regin.A (Panda)
a variant of Win32/Regin.A (ESET-NOD32)
PE:Trojan.Regin!1.9FF9 (Rising)
Backdoor.Regin (Ikarus)
W32/Regin!tr (Fortinet)
Generic24.AAIO (AVG)
Trojan.WinNT.Regin.cA (Baidu-International)
Trojan.Generic (Qihoo-360)
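
Added example (not part of the original post or of the US-CERT alert): one way to check connection logs and exported registry key paths against the IPs and registry entries listed above. The function names, the log line format and the sample data are assumptions made for this illustration; a match is a lead for triage, not proof of infection.

```python
import ipaddress
import re

# Indicators exactly as listed in the post above.
C2_IPS = {ipaddress.ip_address(a) for a in (
    "61.67.114.73", "202.71.144.113", "203.199.89.80", "194.183.237.145")}
_CTL = r"\REGISTRY\Machine\System\CurrentControlSet\Control"
REG_KEYS = [_CTL + r"\RestoreList"] + [_CTL + r"\Class\{" + g + "}" for g in (
    "39399744-44FC-AD65-474B-E4DDF-8C7FB97", "3F90B1B4-58E2-251E-6FFE-4D38C5631A04",
    "4F20E605-9452-4787-B793-D0204917CA58", "9B9A8ADB-8864-4BC4-8AD5-B17DFDBB9F58")]
_IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
_ROOT = re.compile(r"^(?:\\registry\\machine|hkey_local_machine|hklm:?)\\", re.I)
_CSET = re.compile(r"^system\\controlset\d{3}\\", re.I)

def norm_key(path):
    """Map kernel, regedit and PowerShell spellings of an HKLM key to one form."""
    p = _ROOT.sub("", path.strip().rstrip("\\"))
    # CurrentControlSet is a link to ControlSetNNN; offline hives show only the latter.
    return _CSET.sub(lambda m: "system\\currentcontrolset\\", p).lower()

IOC_KEYS = {norm_key(k) for k in REG_KEYS}

def scan_ips(lines):
    """Return (line number, address) for each whole IPv4 token that is a listed IP."""
    hits = []
    for n, line in enumerate(lines, 1):
        for tok in _IPV4.findall(line):
            try:
                if ipaddress.ip_address(tok) in C2_IPS:
                    hits.append((n, tok))
            except ValueError:  # a token such as 61.67.114.730 is not an address
                pass
    return hits

def scan_keys(paths):
    """Return the paths that are a listed key or a subkey of one."""
    norm = ((p, norm_key(p)) for p in paths)
    return [p for p, k in norm if any(k == i or k.startswith(i + "\\") for i in IOC_KEYS)]

# Constructed sample input (hypothetical log format, not real telemetry).
SAMPLE_LOG = [
    "2014-11-26T09:12:01 ALLOW TCP 10.0.0.5:49211 -> 203.199.89.80:443",
    "2014-11-26T09:12:04 ALLOW TCP 10.0.0.5:49212 -> 161.67.114.73:80"]
SAMPLE_KEYS = [
    r"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\RestoreList",
    r"HKLM:\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}",
    r"\Registry\Machine\System\CurrentControlSet\Control\Class\{9B9A8ADB-8864-4BC4-8AD5-B17DFDBB9F58}\0000"]

if __name__ == "__main__":
    print(scan_ips(SAMPLE_LOG), scan_keys(SAMPLE_KEYS))
```

The second sample log line shows why addresses are compared as whole tokens: 161.67.114.73 contains a listed IP as a substring but is a different host.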

Da GuRu 27.11.2014 13:54

Note: http://www.trojaner-board.de/161248-...fektionen.html

