Suspicious.Graybird.1
Suspicious.Graybird.1 is a malicious Trojan horse that may represent security risk for the compromised system or its network environment. Once it has gained entry, Suspicious.Graybird.1 will start it's mischief by creating a start-up registry entry. Hereafter, the symptoms include the infected system producing unusual amounts of outbound traffic. Suspicious.Graybird.1 should not be given a chance to give other viruses entry to your computer. Do away with it immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %DesktopDir%\����֮��.url 2 %Favorites%\����֮��.url 3 %Programs%\Internet Explorer.lnk 4 %System%\7ds2.exe 5 %System%\9dd1.dll 6 %System%\febb.dll 7 %System%\hwqrgizey.dll 8 %System%\jedovbmt.dat 9 %Temp%\cml2A.tmp 10 %Temp%\yjifh.htm 11 %Temp%\yvyfh.htm 12 %Windir%\79e7.bmp 13 %Windir%\92b7.flv 14 %Windir%\e7df.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden]HKEY..\..\..\..{RegistryKeys}[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current][HKEY_CURRENT_USER\Keyboard Layout\Preload][HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
When I am installing spy hunter downloader. It is showing that \'\'connecting to server\'\' Time: awaiting connection..
Nothinh happened.
Regards
Manjit