Author
AndyAxx
I'm probably spamming
Added: Feb 06, 2008 1:28 pm
for all who clicked that link

When Trojan.Zlob is executed, it performs the following actions:

Copies itself as one of the following files:


%System%\msmsgs.exe
%System%\ld100.tmp
%System%\regperf.exe

Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).


Adds the following value:

"Shell" = "Explorer.exe, msmsgs.exe"

to the registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

so that the Trojan runs every time Windows starts.


Creates the following value:

"MSN Messenger" = "%System%\msmsgs.exe"

to the registry subkey:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

so that the Trojan runs every time Windows starts.


Adds the following value:

"uuid" = "86c29b2f-3389-418b-9b47-c2b09b6abc07"

to the registry subkey:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion


Adds one of the following values:

"wininet.dll" = "regperf.exe"
"notepad.exe" = "msmsgs.exe"

to the registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

so that the Trojan runs when Windows starts or the user logs on.


Injects itself into the explorer.exe process.


Attempts to make HTTP connections to the following domains using different URLs, which allow the Trojan to ping, report its status, and execute remote files:


vnp7s.net
zxserv0.com
dumpserv.com
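As an added detection example (not code from the forum post or from the Symantec-style writeup it quotes), the script below checks a snapshot of the autostart registry locations named above for the persistence Trojan.Zlob sets up, and matches URLs against the three listed domains. The snapshot dictionary format, the sample snapshots and URLs, and the `collect_live()` helper are this example's own constructions; `collect_live()` assumes it runs on Windows with rights to read HKLM, and everything else runs offline on the constructed data.

```python
"""Detection helper for the Trojan.Zlob persistence described in the writeup.
Added example; the snapshot format, sample data and collect_live() are
constructed for this illustration, not taken from the post."""
import sys
from typing import Dict, List, Tuple
from urllib.parse import urlparse

# Registry locations named in the writeup (full path, backslash separated).
WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
RUN = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
POLICIES_RUN = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"
CURRENT_VERSION = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion"

# Dropped file names, marker value and domains from the writeup.
ZLOB_FILENAMES = {"msmsgs.exe", "ld100.tmp", "regperf.exe"}
ZLOB_UUID = "86c29b2f-3389-418b-9b47-c2b09b6abc07"
ZLOB_DOMAINS = {"vnp7s.net", "zxserv0.com", "dumpserv.com"}

Snapshot = Dict[str, Dict[str, str]]  # key path -> {value name: value data}


def _basename(path: str) -> str:
    """Last path component, quotes stripped, lower-cased ('%System%\\msmsgs.exe' -> 'msmsgs.exe')."""
    return path.strip().strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()


def check_snapshot(snap: Snapshot) -> List[Tuple[str, str, str]]:
    """Return (key, value name, data) triples matching the writeup's persistence."""
    findings = []
    # Winlogon\Shell should be exactly "explorer.exe"; Zlob appends ", msmsgs.exe".
    shell = snap.get(WINLOGON, {}).get("Shell", "explorer.exe")
    if [e.strip().lower() for e in shell.split(",") if e.strip()] != ["explorer.exe"]:
        findings.append((WINLOGON, "Shell", shell))
    # Run and Policies\Explorer\Run entries whose target is one of the dropped file names.
    for key in (RUN, POLICIES_RUN):
        for name, data in snap.get(key, {}).items():
            if _basename(data) in ZLOB_FILENAMES:
                findings.append((key, name, data))
    # The "uuid" marker value the Trojan writes under CurrentVersion.
    uuid = snap.get(CURRENT_VERSION, {}).get("uuid", "")
    if uuid.lower() == ZLOB_UUID:
        findings.append((CURRENT_VERSION, "uuid", uuid))
    return findings


def flag_c2_urls(urls: List[str]) -> List[str]:
    """Return the URLs whose host is one of the writeup's domains or a subdomain of one."""
    hits = []
    for url in urls:
        host = (urlparse(url).hostname or "").lower()
        if any(host == d or host.endswith("." + d) for d in ZLOB_DOMAINS):
            hits.append(url)
    return hits


def collect_live() -> Snapshot:
    """Read the same keys on a Windows host (assumes rights to read HKLM)."""
    import winreg  # only available on Windows
    snap: Snapshot = {}
    for path in (WINLOGON, RUN, POLICIES_RUN, CURRENT_VERSION):
        values: Dict[str, str] = {}
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path.split("\\", 1)[1]) as k:
                i = 0
                while True:
                    try:
                        name, data, _ = winreg.EnumValue(k, i)
                    except OSError:  # no more values under this key
                        break
                    values[name] = str(data)
                    i += 1
        except OSError:  # key absent or not readable
            pass
        snap[path] = values
    return snap


# Constructed snapshots: one mirroring the writeup's values, one clean.
SAMPLE_INFECTED: Snapshot = {
    WINLOGON: {"Shell": "Explorer.exe, msmsgs.exe"},
    RUN: {"MSN Messenger": r"%System%\msmsgs.exe"},
    POLICIES_RUN: {"wininet.dll": "regperf.exe"},
    CURRENT_VERSION: {"uuid": ZLOB_UUID},
}
SAMPLE_CLEAN: Snapshot = {
    WINLOGON: {"Shell": "Explorer.exe"},
    RUN: {"ExampleUpdater": r"C:\Program Files\Example\updater.exe"},
    POLICIES_RUN: {},
    CURRENT_VERSION: {},
}
SAMPLE_URLS = [  # constructed proxy-log URLs
    "http://vnp7s.net/ping.php?id=1",
    "http://www.example.com/index.html",
    "http://cdn.dumpserv.com/get.php",
]

if __name__ == "__main__":
    snap = collect_live() if sys.platform == "win32" else SAMPLE_INFECTED
    for key, name, data in check_snapshot(snap):
        print(f'suspicious autostart: {key}\\{name} = "{data}"')
    for url in flag_c2_urls(SAMPLE_URLS):
        print("known Zlob domain:", url)
```

The Winlogon `Shell` check is the most useful of the three on its own: a legitimate value is just `explorer.exe`, so any extra comma-separated entry is worth a look regardless of which file name it carries. Entries under `Policies\Explorer\Run` are rare on ordinary workstations, so an unexpected value there warrants review even when the target is not one of the names above.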
svinto
Retired Legend
Added: Feb 06, 2008 2:20 pm
Normally I would have just deleted the reply with the spam post, but this should be kept in the surftips section.
_________________
[URL=http://www.casimages.com]screenshot[/URL]