AdminBot 26.11.2014 17:55

Espionage trojan: detecting Regin infections

Espionage trojan: detecting and removing Regin infections

US-CERT has information on this:
https://www.us-cert.gov/ncas/alerts/TA14-329A

Affected systems:
Microsoft Windows NT, 2000, XP, Vista, and 7


IPs that are contacted:
61.67.114.73
202.71.144.113
203.199.89.80
194.183.237.145


Windows registry entries:
\REGISTRY\Machine\System\CurrentControlSet\Control\RestoreList
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{39399744-44FC-AD65-474B-E4DDF-8C7FB97}
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{3F90B1B4-58E2-251E-6FFE-4D38C5631A04}
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{4F20E605-9452-4787-B793-D0204917CA58}
\REGISTRY\Machine\System\CurrentControlSet\Control\Class\{9B9A8ADB-8864-4BC4-8AD5-B17DFDBB9F58}


2014-11-27 01:04:26
https://www.virustotal.com/file/b12c...is/1417050266/
MD5: ffb0b9b5b610191051a7bdf0806e1e47
SHA1: 75a9af1e34dc0bb2f7fcde9d56b2503072ac35dd
Detect: 45 / 55

Trojan.Generic.5794011 (MicroWorld-eScan)
Trojan.Generic.5794011 (nProtect)
Trojan.Regin.r4 (CAT-QuickHeal)
Regin!sys (McAfee)
Backdoor.Agent.RE (Malwarebytes)
Trojan.Win32.Generic!BT (VIPRE)
Riskware ( 0015e4f01 ) (K7AntiVirus)
Riskware ( 0015e4f01 ) (K7GW)
Trojan.Win32.Agent.vohdv (NANO-Antivirus)
W32/Regin.A.gen!Eldorado (F-Prot)
Backdoor.Regin (Symantec)
Suspicious_Gen2.MYPYI (Norman)
Win32/ProRat.SG (TotalDefense)
TROJ_REGIN.A (TrendMicro-HouseCall)
Win32:Regin-A [Rtk] (Avast)
HEUR:Trojan.Win32.Regin.gen (Kaspersky)
Trojan.Generic.5794011 (BitDefender)
Trojan.Agent!j/SokBmzvPs (Agnitum)
Trojan.Win32.Regin.12608 (ViRobot)
Win32.Trojan.Agent.Eibg (Tencent)
Trojan.Generic.5794011 (Ad-Aware)
Troj/Regin-Fam (Sophos)
UnclassifiedMalware (Comodo)
Rootkit:W32/Regin.A (F-Secure)
Trojan.Regin (DrWeb)
TROJ_REGIN.A (TrendMicro)
Regin!sys (McAfee-GW-Edition)
Trojan.Generic.5794011 (B) (Emsisoft)
W32/Trojan.YYPC-4729 (Cyren)
Rootkit.Regin.a (Jiangmin)
TR/Agent.12608.1 (Avira)
Trojan/Win32.SGeneric (Antiy-AVL)
Trojan:WinNT/Regin.A (Microsoft)
Trojan/Win32.Regin (AhnLab-V3)
Trojan.Generic.5794011 (GData)
Trojan.Regin (VBA32)
Trojan.Win32.Generic!BT (AVware)
Bck/Regin.A (Panda)
a variant of Win32/Regin.A (ESET-NOD32)
PE:Trojan.Regin!1.9FF9 (Rising)
Backdoor.Regin (Ikarus)
W32/Regin!tr (Fortinet)
Generic24.AAIO (AVG)
Trojan.WinNT.Regin.cA (Baidu-International)
Trojan.Generic (Qihoo-360)

Da GuRu 27.11.2014 13:54

Note: http://www.trojaner-board.de/161248-...fektionen.html

