Systweak Spyware Library
More than 21875 spyware signatures and growing
Microsoft Gold Certified Partner
Comparison Details for VirtuMonde
Description: Virtumonde is a Trojan horse that is known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehavior including performance degradation and denial of service with some websites including Google.

Products compared (Detected | Cleaned reported for each): Advanced System Protector, Counter Spy, Spy Doctor, Spy Sweeper, Trend Micro

S.NO | File Path
1 | Main exe (malware.exe)
2 | C:\WINDOWS\system32\ws_3s32.dll

Registry Comparison Results


© Systweak Inc., 1999-2018 All rights reserved.