Fuzfle CL
Fuzfle CL - dubbed Generic Dropper.av by McAfee, Trojan-Dropper.Win32.Agent.fun by Kaspersky, and Infostealer by Symantec - is a Trojan that uses rootkit techniques to get nice and cozy in your system and stay hidden from you or any anti-spyware programs you run. What is Fuzfle CL up to? Secretly gaining control of your PC and stealing your login and password information.
Aliases
Generic Dropper.av [McAfee]
Trojan-Dropper.Win32.Agent.fun [Kaspersky]
Infostealer [Symantec]VirTool:Win32/DelfInject.gen!AA [MS OneCare]
Mal/EncPk-CK [Sophos]
Win32/Fuzfle.CL [CA AV]
W32/Dropper.NHL (exact, dropper) [F-Prot]
W32/Agent.ETXR [NORMAN]
Trojan-Dropper.Win32.Agent.fun [Kaspersky]
Infostealer [Symantec]VirTool:Win32/DelfInject.gen!AA [MS OneCare]
Mal/EncPk-CK [Sophos]
Win32/Fuzfle.CL [CA AV]
W32/Dropper.NHL (exact, dropper) [F-Prot]
W32/Agent.ETXR [NORMAN]
File System Modifications
- The following files were created in the system:
# File Name 1 %profile%\local settings\temp\build.exe 2 %profile%\local settings\temp\id7254.exe 3 %system%\drivers\xdx35.sys 4 resume.exe 5 xdx35.sys
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 capabilitiestHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 classHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 classguidHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 configflagsHKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35\enumHKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35\enum 0HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35\enum coun
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.