Trojan.Siggen2.20546

Техническая информация

Для обеспечения автозапуска и распространения:

Модифицирует следующие ключи реестра:

[<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'KeyLoger' = '<Полный путь к вирусу>'

Изменения в файловой системе:

Создает следующие файлы:

%WINDIR%\System.txt

Другое:

Ищет следующие окна:

ClassName: '' WindowName: 'Login (W12) - Mozilla Firefox'
ClassName: '' WindowName: 'TD Waterhouse webBanking Default0.0 - Mozilla Firefox'
ClassName: '' WindowName: 'Welcome to ePassporte - Opera'
ClassName: '' WindowName: 'Sing In - Opera'
ClassName: '' WindowName: 'UNFCU Home - Opera'
ClassName: '' WindowName: 'Raiffeisen on-line - Mozilla Firefox'
ClassName: '' WindowName: 'https://myonlineaccounts2.abbeynational.co.uk - Abbey - Log on - Mozilla Firefox'
ClassName: '' WindowName: 'ASB BANK Master Trust Internet Service: Sign On - Mozilla Firefox'
ClassName: '' WindowName: 'Online Banking Services from Washington Mutual - Mozilla Firefox'
ClassName: '' WindowName: 'NETELLER - Sign In To Your Acoount - Mozilla Firefox'
ClassName: '' WindowName: 'USAA | Welcome to USAA - Mozilla Firefox'
ClassName: '' WindowName: 'ING DIRECT - Login - Opera'
ClassName: '' WindowName: 'PayPal - Welcome - Opera'
ClassName: '' WindowName: 'Bank of America | Home | Personal - Opera'
ClassName: '' WindowName: 'Chase OnlineSM - Logon - Opera'
ClassName: '' WindowName: '@MAIL.RU: ?????, ???????, ??????, ????????, ???????????. ????? @MAIL.RU - ?????????? ????? #1 - Opera'
ClassName: '' WindowName: 'Bank One - online banking, home equity & mortgage loans, checking accounts, loan calculators - Opera'
ClassName: '' WindowName: 'TD Waterhouse webBanking Default0.0 - Opera'
ClassName: '' WindowName: 'We serve where you serve. - Opera'
ClassName: '' WindowName: 'Navy Federal - Opera'
ClassName: '' WindowName: 'Capital One Online Account Services - Login - Opera'
ClassName: '' WindowName: 'e-gold Account Access - Opera'
ClassName: '' WindowName: 'Retail Services Online Customer Care - Jump Page - Opera'
ClassName: '' WindowName: 'ASB Securities : Sign On - Mozilla Firefox'
ClassName: '' WindowName: '?????.??. ???????? ???????? - Mozilla Firefox'
ClassName: '' WindowName: 'RUpay - ???? ? ??????? - Mozilla Firefox'
ClassName: '' WindowName: 'Transfer Online, Inc - A Stock Transfer Agent - Mozilla Firefox'
ClassName: '' WindowName: 'Online Share Trading : TD Waterhouse Investing & Share Dealing - Mozilla Firefox'
ClassName: '' WindowName: 'a-n The Artists Information Company - Mozilla Firefox'
ClassName: '' WindowName: '?????? Skype WebMoney | Rublik.com - Mozilla Firefox'
ClassName: '' WindowName: 'FNB homepage - Mozilla Firefox'
ClassName: '' WindowName: 'Home | American State Bank - Mozilla Firefox'
ClassName: '' WindowName: '?????????? ???? - Mozilla Firefox'
ClassName: '' WindowName: '??????.?????? - Mozilla Firefox'
ClassName: '' WindowName: '?????? - ???? ? ????????? ??????? Rapida - Mozilla Firefox'
ClassName: '' WindowName: 'Alliance & Leicester BillPay - Mozilla Firefox'
ClassName: '' WindowName: 'Sign in to Yahoo! - Mozilla Firefox'
ClassName: '' WindowName: 'E*TRADE FINANCIAL - Home - Mozilla Firefox'
ClassName: '' WindowName: 'Abbey - Upgrade Browser - Mozilla Firefox'
ClassName: '' WindowName: 'ASB BANK FastNet : Sign On - Mozilla Firefox'
ClassName: '' WindowName: 'CISCO - THE CYPRUS INVESTMENT AND SECURITIES CORPORATION LTD - Mozilla Firefox'
ClassName: '' WindowName: 'https://www3.netbank.commbank.com.au - Logon - Mozilla Firefox'
ClassName: '' WindowName: 'The Media Talent Bank - Mozilla Firefox'
ClassName: '' WindowName: 'Internet Banking - Mozilla Firefox'
ClassName: '' WindowName: 'The Co-operative Bank p.l.c. - Mozilla Firefox'
ClassName: '' WindowName: 'Sign In - Mozilla Firefox'
ClassName: '' WindowName: 'http://www.theworkbank.co.uk/ - Mozilla Firefox'
ClassName: '' WindowName: 'Sign In - Opera'
ClassName: '' WindowName: 'http://www.theworkbank.co.uk/ - Opera'
ClassName: '' WindowName: 'Sign in to Yahoo! - Opera'
ClassName: '' WindowName: 'Abbey - Upgrade Browser - Opera'
ClassName: '' WindowName: 'E*TRADE FINANCIAL - Home - Opera'
ClassName: '' WindowName: 'The Co-operative Bank p.l.c. - Opera'
ClassName: '' WindowName: 'Online Share Trading : TD Waterhouse Investing & Share Dealing - Opera'
ClassName: '' WindowName: 'a-n The Artists Information Company - Opera'
ClassName: '' WindowName: 'Alliance & Leicester BillPay - Opera'
ClassName: '' WindowName: 'The Media Talent Bank - Opera'
ClassName: '' WindowName: 'Internet Banking - Opera'
ClassName: '' WindowName: 'CISCO - THE CYPRUS INVESTMENT AND SECURITIES CORPORATION LTD - Opera'
ClassName: '' WindowName: 'Raiffeisen on-line - Opera'
ClassName: '' WindowName: 'NETELLER - Sign In To Your Acoount - Opera'
ClassName: '' WindowName: 'Commonwealth Securities Ltd. - Opera'
ClassName: '' WindowName: 'https://www3.netbank.commbank.com.au - Logon - Opera'
ClassName: '' WindowName: 'Bank of Maharashtra - Login - Opera'
ClassName: '' WindowName: 'USAA | Welcome to USAA - Opera'
ClassName: '' WindowName: 'ASB Securities : Sign On - Opera'
ClassName: '' WindowName: 'ASB BANK FastNet : Sign On - Opera'
ClassName: '' WindowName: 'ASB BANK Master Trust Internet Service: Sign On - Opera'
ClassName: '' WindowName: 'Online Banking Services from Washington Mutual - Opera'
ClassName: '' WindowName: 'https://myonlineaccounts2.abbeynational.co.uk - Abbey - Log on - Opera'
ClassName: '' WindowName: 'Transfer Online, Inc - A Stock Transfer Agent - Opera'
ClassName: '' WindowName: 'Barclays IBank - Opera'
ClassName: '' WindowName: 'The Motley Fool UK: Login - Opera'
ClassName: '' WindowName: '"la Caixa" - Linea Abierta - Opera'
ClassName: '' WindowName: 'Laipni lugti BankWorld sistema. - Opera'
ClassName: '' WindowName: 'Login - Banking Forums.co.uk - Opera'
ClassName: '' WindowName: 'Login (W12) - Opera'
ClassName: '' WindowName: 'Bank One - Home - Opera'
ClassName: '' WindowName: '????? ??????? - Opera'
ClassName: '' WindowName: 'Key Bank - Online Banking - Opera'
ClassName: '' WindowName: 'SunTrust Online Banking - Opera'
ClassName: '' WindowName: 'Citibank Online - Sign On - Opera'
ClassName: '' WindowName: 'Egg Security Login - Opera'
ClassName: '' WindowName: '?????? Skype WebMoney | Rublik.com - Opera'
ClassName: '' WindowName: '?????? - ???? ? ????????? ??????? Rapida - Opera'
ClassName: '' WindowName: '??????.?????? - Opera'
ClassName: '' WindowName: '?????.??. ???????? ???????? - Opera'
ClassName: '' WindowName: 'RUpay - ???? ? ??????? - Opera'
ClassName: '' WindowName: '?????????? ???? - Opera'
ClassName: '' WindowName: 'Garanti Internet Banking - Opera'
ClassName: '' WindowName: 'Internet Banking: log, on, secure, online, free: HSBC Bank UK - Opera'
ClassName: '' WindowName: 'Home | American State Bank - Opera'
ClassName: '' WindowName: 'FNB homepage - Opera'
ClassName: '' WindowName: 'Rambler: ?????????????-????????? ??????? - Opera'
ClassName: '' WindowName: 'Garanti Internet Banking - Mozilla Firefox'
ClassName: '' WindowName: 'Home | American State Bank - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Garanti Internet Banking - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Rambler: ?????????????-????????? ??????? - Microsoft Internet Explorer'
ClassName: '' WindowName: '?????????? ???? - Microsoft Internet Explorer'
ClassName: '' WindowName: 'FNB homepage - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Internet Banking: log, on, secure, online, free: HSBC Bank UK'
ClassName: '' WindowName: 'Login - Banking Forums.co.uk - Microsoft Internet Explorer'
ClassName: '' WindowName: 'The Motley Fool UK: Login - Microsoft Internet Explorer'
ClassName: '' WindowName: '"la Caixa" - Linea Abierta - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Egg Security Login - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Laipni lugti BankWorld sistema. - Microsoft Internet Explorer'
ClassName: '' WindowName: '?????? - ???? ? ????????? ??????? Rapida - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Alliance & Leicester BillPay - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Online Share Trading : TD Waterhouse Investing & Share Dealing - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Internet Banking - Microsoft Internet Explorer'
ClassName: '' WindowName: 'The Co-operative Bank p.l.c. - Microsoft Internet Explorer'
ClassName: '' WindowName: 'The Media Talent Bank - Microsoft Internet Explorer'
ClassName: '' WindowName: 'a-n The Artists Information Company - Microsoft Internet Explorer'
ClassName: '' WindowName: '?????? Skype WebMoney | Rublik.com - Microsoft Internet Explorer'
ClassName: '' WindowName: '??????.?????? - Microsoft Internet Explorer'
ClassName: '' WindowName: 'RUpay - ???? ? ??????? - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Transfer Online, Inc - A Stock Transfer Agent - Microsoft Internet Explorer'
ClassName: '' WindowName: '?????.??. ???????? ???????? - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Barclays IBank - Microsoft Internet Explorer'
ClassName: '' WindowName: 'ING DIRECT - Login - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Sing In - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Navy Federal - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Capital One Online Account Services - Login - Microsoft Internet Explorer'
ClassName: '' WindowName: 'We serve where you serve. - Microsoft Internet Explorer'
ClassName: '' WindowName: 'UNFCU Home - Microsoft Internet Explorer'
ClassName: '' WindowName: 'BPS - SCRIGNO Internet Banking - Microsoft Internet Explorer'
ClassName: '' WindowName: '?????????? - ???????'
ClassName: '' WindowName: 'BPS - SCRIGNO Internet Banking - Mozilla Firefox'
ClassName: '' WindowName: 'Welcome to ePassporte - Microsoft Internet Explorer'
ClassName: '' WindowName: 'BPS - SCRIGNO Internet Banking - Opera'
ClassName: '' WindowName: 'Retail Services Online Customer Care - Jump Page - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Bank One - Home - Microsoft Internet Explorer'
ClassName: '' WindowName: '????? ??????? - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Key Bank - Online Banking - Microsoft Internet Explorer'
ClassName: '' WindowName: 'SunTrust Online Banking - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Citibank Online - Sign On - Microsoft Internet Explorer'
ClassName: '' WindowName: '@MAIL.RU: ?????, ???????, ??????, ????????, ???????????. ????? @MAIL.RU - ?????????? ????? #1 - Microsoft Internet Explorer'
ClassName: '' WindowName: 'PayPal - Welcome - Microsoft Internet Explorer'
ClassName: '' WindowName: 'e-gold Account Access - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Bank of America | Home | Personal - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Bank One - online banking, home equity & mortgage loans, checking accounts, loan calculators - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Chase OnlineSM - Logon - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Commonwealth Securities Ltd. - Mozilla Firefox'
ClassName: '' WindowName: 'Chase OnlineSM - Logon - Mozilla Firefox'
ClassName: '' WindowName: 'Bank of Maharashtra - Login - Mozilla Firefox'
ClassName: '' WindowName: '@MAIL.RU: ?????, ???????, ??????, ????????, ???????????. ????? @MAIL.RU - ?????????? ????? #1 - Mozilla Firefox'
ClassName: '' WindowName: 'Bank One - online banking, home equity & mortgage loans, checking accounts, loan calculators - Mozilla Firefox'
ClassName: '' WindowName: 'Bank of America | Home | Personal - Mozilla Firefox'
ClassName: '' WindowName: 'Capital One Online Account Services - Login - Mozilla Firefox'
ClassName: '' WindowName: 'We serve where you serve. - Mozilla Firefox'
ClassName: '' WindowName: 'Retail Services Online Customer Care - Jump Page - Mozilla Firefox'
ClassName: '' WindowName: 'PayPal - Welcome - Mozilla Firefox'
ClassName: '' WindowName: 'e-gold Account Access - Mozilla Firefox'
ClassName: '' WindowName: '????? ??????? - Mozilla Firefox'
ClassName: '' WindowName: '"la Caixa" - Linea Abierta - Mozilla Firefox'
ClassName: '' WindowName: 'Login - Banking Forums.co.uk - Mozilla Firefox'
ClassName: '' WindowName: 'Laipni lugti BankWorld sistema. - Mozilla Firefox'
ClassName: '' WindowName: 'Internet Banking: log, on, secure, online, free: HSBC Bank UK - Mozilla Firefox'
ClassName: '' WindowName: 'Egg Security Login - Mozilla Firefox'
ClassName: '' WindowName: 'The Motley Fool UK: Login - Mozilla Firefox'
ClassName: '' WindowName: 'Citibank Online - Sign On - Mozilla Firefox'
ClassName: '' WindowName: 'Bank One - Home - Mozilla Firefox'
ClassName: '' WindowName: 'SunTrust Online Banking - Mozilla Firefox'
ClassName: '' WindowName: 'Barclays IBank - Mozilla Firefox'
ClassName: '' WindowName: 'Key Bank - Online Banking - Mozilla Firefox'
ClassName: '' WindowName: 'Navy Federal - Mozilla Firefox'
ClassName: '' WindowName: 'ASB BANK FastNet : Sign On - Microsoft Internet Explorer'
ClassName: '' WindowName: 'CISCO - THE CYPRUS INVESTMENT AND SECURITIES CORPORATION LTD - Microsoft Internet Explorer'
ClassName: '' WindowName: 'ASB Securities : Sign On - Microsoft Internet Explorer'
ClassName: '' WindowName: 'https://myonlineaccounts2.abbeynational.co.uk - Abbey - Log on - Microsoft Internet Explorer'
ClassName: '' WindowName: 'ASB BANK Master Trust Internet Service: Sign On - Microsoft Internet Explorer'
ClassName: '' WindowName: 'E*TRADE FINANCIAL - Home - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Sign In - Microsoft Internet Explorer'
ClassName: '' WindowName: 'http://www.theworkbank.co.uk/ - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Sign in to Yahoo! - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Abbey - Upgrade Browser - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Welcome to ePassporte - Mozilla Firefox'
ClassName: '' WindowName: 'Online Banking Services from Washington Mutual - Microsoft Internet Explorer'
ClassName: '' WindowName: 'https://www3.netbank.commbank.com.au - Logon - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Bank of Maharashtra - Login - Microsoft Internet Explorer'
ClassName: '' WindowName: 'UNFCU Home - Mozilla Firefox'
ClassName: '' WindowName: 'ING DIRECT - Login - Mozilla Firefox'
ClassName: '' WindowName: 'Sing In - Mozilla Firefox'
ClassName: '' WindowName: 'Commonwealth Securities Ltd. - Microsoft Internet Explorer'
ClassName: '' WindowName: 'NETELLER - Sign In To Your Acoount - Microsoft Internet Explorer'
ClassName: '' WindowName: 'USAA | Welcome to USAA - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Raiffeisen on-line - Microsoft Internet Explorer'
ClassName: '' WindowName: 'Login (W12) - Microsoft Internet Explorer'
ClassName: '' WindowName: 'TD Waterhouse webBanking Default0.0 - Microsoft Internet Explorer'

Технології

Терміни

Навчання

Міфи

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней