dwp

Possible F/P with SE1R138 11.12.2006

Win32.TrojanDownloader.Small Object Recognized!

Type : Regkey

Data :

TAC Rating : 7

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{2e4bb6be-a75f-4dc0-9500-68203655a2c4}

 

 

 

Export of interface\{2e4bb6be-a75f-4dc0-9500-68203655a2c4}:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[HKEY_LOCAL_MACHINE\Software\CLASSES\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]

@="IFlashBroker"

 

[HKEY_LOCAL_MACHINE\Software\CLASSES\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

 

[HKEY_LOCAL_MACHINE\Software\CLASSES\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Not sure, but this may be the Type Library of the FlashBroker COM server for the Macromedia Flash 9 control.
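Added example, not part of the original post and not Lavasoft's or Adobe's code: one way to triage a flagged Interface key from an export like the one above. It parses the export text quoted in the post, checks whether the proxy/stub is the well-known OLE Automation universal marshaler (PSOAInterface), and names the TypeLib key to resolve next; the function names are hypothetical.

```python
import re

# Export text copied from the post above (blank lines dropped).
EXPORT = r'''
[HKEY_LOCAL_MACHINE\Software\CLASSES\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@="IFlashBroker"
[HKEY_LOCAL_MACHINE\Software\CLASSES\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\Software\CLASSES\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
'''

# Well-known CLSID of the OLE Automation universal marshaler (PSOAInterface).
PSOA_INTERFACE = "{00020424-0000-0000-C000-000000000046}"

KEY_RE = re.compile(r'^\[(.+)\]$')
VAL_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')


def parse_export(text):
    """Return {key_path: {value_name: data}}; '@' is the key's default value."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = VAL_RE.match(line)
        if m and current is not None:
            # .reg syntax escapes backslashes and quotes inside string data
            current[m.group(1).strip('"')] = re.sub(r'\\(.)', r'\1', m.group(2))
    return keys


def triage_interface(keys):
    """Summarise one Interface registration and the key to look up next."""
    root = min((k for k in keys if "\\interface\\" in k.lower()), key=len)
    proxy = keys.get(root + "\\ProxyStubClsid32", {}).get("@", "")
    tlb = keys.get(root + "\\TypeLib", {})
    guid, ver = tlb.get("@", ""), tlb.get("Version", "")
    return {
        "iid": root.rsplit("\\", 1)[1],
        "name": keys[root].get("@", ""),
        # True: marshaled by oleaut32 from the type library, no vendor proxy DLL
        "typelib_marshaled": proxy.upper() == PSOA_INTERFACE,
        "next_lookup": "HKEY_CLASSES_ROOT\\TypeLib\\%s\\%s" % (guid, ver) if guid else None,
    }
```

On the affected machine, the file that registered the type library is named in the `<lcid>\win32` subkey of `next_lookup`; that file's path and signature show which product owns the flagged interface.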


Thanks Team!

 

Additional Info:

 

Uninstalled Adobe Flash Player 9 ActiveX via Add/Remove and the uninstall removed the questioned finding from the registry.


The problem is fixed.

 

Just download the latest definition file SE1R138 11.12.2006 ( internal build nr: 174 ) and run a scan again.

 

Thank You!

 

Albin Bodahl

 

Lavasoft Research Team

Thanks for the quick turnaround ;) Scan all clean :P
