Trojan.Win32.LogonInvader.a
Trojan.Win32.LogonInvader.a is a malicious Trojan which modifies system settings and may have a negative impact on system security. Trojan.Win32.LogonInvader.a essentially lowers security settings and drops files on the compromised computer. Trojan.Win32.LogonInvader.a is designed to open a large security loophole through which hundreds of malicious adware and spyware can be piped to your machine. In addition, Trojan.Win32.LogonInvader.a steals username and password information and sends the stolen data to devious hackers for malicious purposes. Trojan.Win32.LogonInvader.a poses a severe security risk to any PC and should be removed immediately once detected.
Aliases
Trojan.Win32.LogonInvader (Ikarus)
Dropper/Malware.335184 (AhnLab)
Dropper/Malware.335184 (AhnLab)
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\Images\%UserName%\07-03-2010\23-10-58 2 %ProgramFiles%\server.exe 3 %System%\winfiles.exe 4 %Windir%\GessM.exe 5 %Windir%\winfiles.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{F689FD98-DD67-4D13-9259-6644329F9041}][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.