pckingsford.com

  • Increase font size
  • Default font size
  • Decrease font size

Troj/Goldun-GF

E-mail Print PDF
Troj/Goldun-GF is a Trojan for the Windows platform.

When Troj/Goldun-GF is installed the following files are created:

<System>\divxps.dll - Mal/HckPk-E
<System>\klite.sys - Troj/Goldun-GF

The following registry entries are created to run code exported by divxps.dll on startup:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\divxps
DllName
divxps.dll0

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\divxps
Startup
divxps

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\divxps
Impersonate
1

See: http://www.sophos.com/security/analyses/viruses-and-spyware/trojgoldungf.html?_log_from=rss
 

Who's Online

We have 1 guest online

Search

avg9_1.jpg