Trojan.Win32.Iyeclore
Trojan.Win32.Iyeclore is a malicious backdoor trojan that runs in the background and enables remote access to the corrupted computer system. Trojan.Win32.Iyeclore may be capable of sending out email messages with the built-in SMTP client engine. Trojan.Win32.Iyeclore provides the creator or attacker with remote-administration of the victim's computer. Trojan.Win32.Iyeclore can be instructed to send, receive, execute and delete files. Trojan.Win32.Iyeclore should be removed immediately after detection with a spyware removal tool.
Aliases
Win-Trojan/Hupigon.1178112.B (AhnLab)Backdoor.Win32.Hupigon (Ikarus)
Trojan:Win32/Iyeclore.A (Microsoft)
Trojan:Win32/Iyeclore.A (Microsoft)
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\peeb\djeol.exe 2 %ProgramFiles%\peeb\euoci\ixoa.ini 3 %ProgramFiles%\peeb\euoci\thawb.dll 4 %ProgramFiles%\peeb\euoci\zuzor.dll 5 %ProgramFiles%\peeb\ixoa.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\casoHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\caso\SecurityHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Service\caso\SecurityHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\caso
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.