
Trojan-Proxy.Win32.Fireby.b

Detected May 10 2005 21:16 GMT
Released May 10 2005 21:16 GMT

This is a description which has been automatically generated following analysis of this program on a test machine. This description may contain incomplete or inaccurate information.

Summary


Technical details

File size of 143872 bytes.


Installation

Ensures autorun of the following installed files by adding values to autorun keys in the system registry (using the system registry, system services or special system files, the program can launch itself or launch the creation of its files every time the Windows OS is subsequently booted):

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Anti-Virus Update Scheduler V1.39.12R" = "<path to source program><file of source program>"


Malicious activity

Adds the following programs to the list of trusted applications (this method allows the program to access the internet, evading some protection measures):

  • <path to source program><file of source program>


Other activities

Modifies the system registry keys:

[HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "<path to source program><file of source program>" = "<path to source program><file of source program>:*:Enabled:Server"


Trojan-Proxy

Trojan-Proxy programs are designed to give malicious users access to a variety of Internet resources via victim computers.

These malicious programs are typically used to send out mass spam mailings.


Aliases

Trojan-Proxy.Win32.Fireby.b (Kaspersky Lab) is also known as:

  • Trojan: Proxy-Fireby (McAfee)
  • Troj/Fireby-B (Sophos)
  • Trojan.Fireby-1 (ClamAV)
  • Trj/Fireby.B (Panda)
  • W32/Trojan.DXG (FPROT)
  • TrojanProxy:Win32/Fireby.A (MS(OneCare))
  • Trojan.Proxy.447 (DrWeb)
  • Win32/TrojanProxy.Fireby.B trojan (Nod32)
  • Trojan.Proxy.Fireby.B (BitDef7)
  • Trojan.PR.Fireby.C (VirusBuster)
  • Win32:Fireby [Trj] (AVAST)
  • Trojan-Proxy.Win32.Fireby.b (Ikarus)
  • BackDoor.Small.40.B (AVG)
  • TR/Spy.Gen (AVIRA)
  • Backdoor.Staprew.B (NAV)
  • W32/Malware.FSOV (Norman)
  • Trojan.Proxy.Fireby.c (Rising)
  • Trojan-Proxy.Win32.Fireby.b [AVP] (FSecure)
  • BehavesLike.Win32.Malware (v) (Sunbelt)
  • Trojan.PR.Fireby.C (VirusBusterBeta)