Is this dangerous?

Is this dangerous?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Is this dangerous? Damien 07-29-2006
`--> Re: Is this dangerous? Roger Abell [MV...07-30-2006
Posted by Damien on July 29, 2006, 6:24 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I updated Spyware Doctor. When I perform quick scan it says that the
following registry entries are connected with trojan named
Trojan.Downloader.Banload.FM:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG]
"EnableFileTracing"
"EnableConsoleTracing"
ojan"FileTracingMask"
"ConsoleTracingMask"
"MaxFileSize"
"FileDirectory"

I'm not sure it is true. What are those registry entries about?

After SD found this Trojan I had tested my computer with the following
software:
- Windows Defender Beta 2
- Evido anti-spyware
- AD Aware SE
- AVG Free edition.

All with most current updates. All say my OS I clear.

My OS is Windows XP SP2.

--
Thanks in advance for any help
Damien



Posted by Karl Levinson on July 29, 2006, 11:23 am
If you were  Registered and logged in, you could reply and use other advanced thread options

>I updated Spyware Doctor. When I perform quick scan it says that the
> following registry entries are connected with trojan named
> Trojan.Downloader.Banload.FM:
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG]
> "EnableFileTracing"
> "EnableConsoleTracing"
> ojan"FileTracingMask"
> "ConsoleTracingMask"
> "MaxFileSize"
> "FileDirectory"
>
> I'm not sure it is true. What are those registry entries about?

It is possible that antivirus previously removed a virus from your computer,
but left registry settings that disable logging of certain events to a file.
It could also be that those values just happen to exist on your computer for
some reason. Those registry values by themselves do not appear dangerous
per se. Searching Google for those registry value names gives an
explanation of what they do:

www.google.com/search?q=enablefiletracing+enableconsoletracing+consoletracingmask+maxfilesize+filedirectory+site%3Amicrosoft.com






Posted by Roger Abell [MVP] on July 30, 2006, 2:39 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
That appears to be normal part of a trace provider registration,
well, except for the ojan part of ojan"FileTracingMask"

>I updated Spyware Doctor. When I perform quick scan it says that the
> following registry entries are connected with trojan named
> Trojan.Downloader.Banload.FM:
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG]
> "EnableFileTracing"
> "EnableConsoleTracing"
> ojan"FileTracingMask"
> "ConsoleTracingMask"
> "MaxFileSize"
> "FileDirectory"
>
> I'm not sure it is true. What are those registry entries about?
>
> After SD found this Trojan I had tested my computer with the following
> software:
> - Windows Defender Beta 2
> - Evido anti-spyware
> - AD Aware SE
> - AVG Free edition.
>
> All with most current updates. All say my OS I clear.
>
> My OS is Windows XP SP2.
>
> --
> Thanks in advance for any help
> Damien
>
>



Similar ThreadsPosted
SMB Shares Dangerous? April 26, 2007, 9:09 am
!?!?! HTA files are EXTREMELY DANGEROUS ?!?! January 5, 2006, 6:21 pm
Destructive, dangerous Autochk.exe June 26, 2006, 8:47 am
Vulnerable, Outdated, Dangerous DLLS May 8, 2008, 4:12 pm
Is Viewpoint dangerous (Windows Media Player) October 29, 2005, 2:11 pm
How is dangerous connect to server over internet with remote deskt July 21, 2006, 8:05 am

The site map in XML format XML site map

Contact Us | Privacy Policy