Home Malware Programs Trojans Trojan.Win32.Bzud.b

Trojan.Win32.Bzud.b

Posted: March 30, 2011

Trojan.Win32.Bzud.b is a vicious Trojan horse that may download harmful files from the internet. Trojan.Win32.Bzud.b may also put an infected system at risk of a remote hacker connecting to it. Through Trojan.Win32.Bzud.b, a hacker could steal data stored on the hard drive. To completely eliminate the threat of Trojan.Win32.Bzud.b, it may be necessary to use a good anti-spyware program to safely remove Trojan.Win32.Bzud.b and any related malware files.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %ProgramFiles%\VMware\VMware Tools\VMwareUser.exe
    2 %Temp%\clljdd0u.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\AuthRootHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\AuthRoot\CRLsHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\AuthRoot\CTLsHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\AuthRoot\CertificatesHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeopleHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\CRLsHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\CTLsHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\CertificatesHKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\UserDSHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\AuthRootHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\AuthRoot\CRLsHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\AuthRoot\CTLsHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\AuthRoot\CertificatesHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeopleHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLsHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLsHKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CertificatesHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\AuthRootHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\AuthRoot\CRLsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\AuthRoot\CTLsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\AuthRoot\CertificatesHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeopleHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\CRLsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\CTLsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\CertificatesHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeopleHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CertificatesHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRootHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot\CRLsHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot\CTLsHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot\CertificatesHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeopleHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLsHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLsHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates
Loading...