Trojan.Siggen2.20546

Added to the Dr.Web virus database: 2012-02-03

Virus description added:

Technical Information

To ensure autorun and distribution:
Modifies the following registry keys:
  • [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'KeyLoger' = '<Full path to virus>'
Modifies file system:
Creates the following files:
  • %WINDIR%\System.txt
Miscellaneous:
Searches for the following windows:
  • ClassName: '' WindowName: 'Login (W12) - Mozilla Firefox'
  • ClassName: '' WindowName: 'TD Waterhouse webBanking Default0.0 - Mozilla Firefox'
  • ClassName: '' WindowName: 'Welcome to ePassporte - Opera'
  • ClassName: '' WindowName: 'Sing In - Opera'
  • ClassName: '' WindowName: 'UNFCU Home - Opera'
  • ClassName: '' WindowName: 'Raiffeisen on-line - Mozilla Firefox'
  • ClassName: '' WindowName: 'https://myonlineaccounts2.abbeynational.co.uk - Abbey - Log on - Mozilla Firefox'
  • ClassName: '' WindowName: 'ASB BANK Master Trust Internet Service: Sign On - Mozilla Firefox'
  • ClassName: '' WindowName: 'Online Banking Services from Washington Mutual - Mozilla Firefox'
  • ClassName: '' WindowName: 'NETELLER - Sign In To Your Acoount - Mozilla Firefox'
  • ClassName: '' WindowName: 'USAA | Welcome to USAA - Mozilla Firefox'
  • ClassName: '' WindowName: 'ING DIRECT - Login - Opera'
  • ClassName: '' WindowName: 'PayPal - Welcome - Opera'
  • ClassName: '' WindowName: 'Bank of America | Home | Personal - Opera'
  • ClassName: '' WindowName: 'Chase OnlineSM - Logon - Opera'
  • ClassName: '' WindowName: '@MAIL.RU: ?????, ???????, ??????, ????????, ???????????. ????? @MAIL.RU - ?????????? ????? #1 - Opera'
  • ClassName: '' WindowName: 'Bank One - online banking, home equity & mortgage loans, checking accounts, loan calculators - Opera'
  • ClassName: '' WindowName: 'TD Waterhouse webBanking Default0.0 - Opera'
  • ClassName: '' WindowName: 'We serve where you serve. - Opera'
  • ClassName: '' WindowName: 'Navy Federal - Opera'
  • ClassName: '' WindowName: 'Capital One Online Account Services - Login - Opera'
  • ClassName: '' WindowName: 'e-gold Account Access - Opera'
  • ClassName: '' WindowName: 'Retail Services Online Customer Care - Jump Page - Opera'
  • ClassName: '' WindowName: 'ASB Securities : Sign On - Mozilla Firefox'
  • ClassName: '' WindowName: '?????.??. ???????? ???????? - Mozilla Firefox'
  • ClassName: '' WindowName: 'RUpay - ???? ? ??????? - Mozilla Firefox'
  • ClassName: '' WindowName: 'Transfer Online, Inc - A Stock Transfer Agent - Mozilla Firefox'
  • ClassName: '' WindowName: 'Online Share Trading : TD Waterhouse Investing & Share Dealing - Mozilla Firefox'
  • ClassName: '' WindowName: 'a-n The Artists Information Company - Mozilla Firefox'
  • ClassName: '' WindowName: '?????? Skype WebMoney | Rublik.com - Mozilla Firefox'
  • ClassName: '' WindowName: 'FNB homepage - Mozilla Firefox'
  • ClassName: '' WindowName: 'Home | American State Bank - Mozilla Firefox'
  • ClassName: '' WindowName: '?????????? ???? - Mozilla Firefox'
  • ClassName: '' WindowName: '??????.?????? - Mozilla Firefox'
  • ClassName: '' WindowName: '?????? - ???? ? ????????? ??????? Rapida - Mozilla Firefox'
  • ClassName: '' WindowName: 'Alliance & Leicester BillPay - Mozilla Firefox'
  • ClassName: '' WindowName: 'Sign in to Yahoo! - Mozilla Firefox'
  • ClassName: '' WindowName: 'E*TRADE FINANCIAL - Home - Mozilla Firefox'
  • ClassName: '' WindowName: 'Abbey - Upgrade Browser - Mozilla Firefox'
  • ClassName: '' WindowName: 'ASB BANK FastNet : Sign On - Mozilla Firefox'
  • ClassName: '' WindowName: 'CISCO - THE CYPRUS INVESTMENT AND SECURITIES CORPORATION LTD - Mozilla Firefox'
  • ClassName: '' WindowName: 'https://www3.netbank.commbank.com.au - Logon - Mozilla Firefox'
  • ClassName: '' WindowName: 'The Media Talent Bank - Mozilla Firefox'
  • ClassName: '' WindowName: 'Internet Banking - Mozilla Firefox'
  • ClassName: '' WindowName: 'The Co-operative Bank p.l.c. - Mozilla Firefox'
  • ClassName: '' WindowName: 'Sign In - Mozilla Firefox'
  • ClassName: '' WindowName: 'http://www.theworkbank.co.uk/ - Mozilla Firefox'
  • ClassName: '' WindowName: 'Sign In - Opera'
  • ClassName: '' WindowName: 'http://www.theworkbank.co.uk/ - Opera'
  • ClassName: '' WindowName: 'Sign in to Yahoo! - Opera'
  • ClassName: '' WindowName: 'Abbey - Upgrade Browser - Opera'
  • ClassName: '' WindowName: 'E*TRADE FINANCIAL - Home - Opera'
  • ClassName: '' WindowName: 'The Co-operative Bank p.l.c. - Opera'
  • ClassName: '' WindowName: 'Online Share Trading : TD Waterhouse Investing & Share Dealing - Opera'
  • ClassName: '' WindowName: 'a-n The Artists Information Company - Opera'
  • ClassName: '' WindowName: 'Alliance & Leicester BillPay - Opera'
  • ClassName: '' WindowName: 'The Media Talent Bank - Opera'
  • ClassName: '' WindowName: 'Internet Banking - Opera'
  • ClassName: '' WindowName: 'CISCO - THE CYPRUS INVESTMENT AND SECURITIES CORPORATION LTD - Opera'
  • ClassName: '' WindowName: 'Raiffeisen on-line - Opera'
  • ClassName: '' WindowName: 'NETELLER - Sign In To Your Acoount - Opera'
  • ClassName: '' WindowName: 'Commonwealth Securities Ltd. - Opera'
  • ClassName: '' WindowName: 'https://www3.netbank.commbank.com.au - Logon - Opera'
  • ClassName: '' WindowName: 'Bank of Maharashtra - Login - Opera'
  • ClassName: '' WindowName: 'USAA | Welcome to USAA - Opera'
  • ClassName: '' WindowName: 'ASB Securities : Sign On - Opera'
  • ClassName: '' WindowName: 'ASB BANK FastNet : Sign On - Opera'
  • ClassName: '' WindowName: 'ASB BANK Master Trust Internet Service: Sign On - Opera'
  • ClassName: '' WindowName: 'Online Banking Services from Washington Mutual - Opera'
  • ClassName: '' WindowName: 'https://myonlineaccounts2.abbeynational.co.uk - Abbey - Log on - Opera'
  • ClassName: '' WindowName: 'Transfer Online, Inc - A Stock Transfer Agent - Opera'
  • ClassName: '' WindowName: 'Barclays IBank - Opera'
  • ClassName: '' WindowName: 'The Motley Fool UK: Login - Opera'
  • ClassName: '' WindowName: '"la Caixa" - Linea Abierta - Opera'
  • ClassName: '' WindowName: 'Laipni lugti BankWorld sistema. - Opera'
  • ClassName: '' WindowName: 'Login - Banking Forums.co.uk - Opera'
  • ClassName: '' WindowName: 'Login (W12) - Opera'
  • ClassName: '' WindowName: 'Bank One - Home - Opera'
  • ClassName: '' WindowName: '????? ??????? - Opera'
  • ClassName: '' WindowName: 'Key Bank - Online Banking - Opera'
  • ClassName: '' WindowName: 'SunTrust Online Banking - Opera'
  • ClassName: '' WindowName: 'Citibank Online - Sign On - Opera'
  • ClassName: '' WindowName: 'Egg Security Login - Opera'
  • ClassName: '' WindowName: '?????? Skype WebMoney | Rublik.com - Opera'
  • ClassName: '' WindowName: '?????? - ???? ? ????????? ??????? Rapida - Opera'
  • ClassName: '' WindowName: '??????.?????? - Opera'
  • ClassName: '' WindowName: '?????.??. ???????? ???????? - Opera'
  • ClassName: '' WindowName: 'RUpay - ???? ? ??????? - Opera'
  • ClassName: '' WindowName: '?????????? ???? - Opera'
  • ClassName: '' WindowName: 'Garanti Internet Banking - Opera'
  • ClassName: '' WindowName: 'Internet Banking: log, on, secure, online, free: HSBC Bank UK - Opera'
  • ClassName: '' WindowName: 'Home | American State Bank - Opera'
  • ClassName: '' WindowName: 'FNB homepage - Opera'
  • ClassName: '' WindowName: 'Rambler: ?????????????-????????? ??????? - Opera'
  • ClassName: '' WindowName: 'Garanti Internet Banking - Mozilla Firefox'
  • ClassName: '' WindowName: 'Home | American State Bank - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Garanti Internet Banking - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Rambler: ?????????????-????????? ??????? - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '?????????? ???? - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'FNB homepage - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Internet Banking: log, on, secure, online, free: HSBC Bank UK'
  • ClassName: '' WindowName: 'Login - Banking Forums.co.uk - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'The Motley Fool UK: Login - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '"la Caixa" - Linea Abierta - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Egg Security Login - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Laipni lugti BankWorld sistema. - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '?????? - ???? ? ????????? ??????? Rapida - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Alliance & Leicester BillPay - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Online Share Trading : TD Waterhouse Investing & Share Dealing - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Internet Banking - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'The Co-operative Bank p.l.c. - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'The Media Talent Bank - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'a-n The Artists Information Company - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '?????? Skype WebMoney | Rublik.com - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '??????.?????? - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'RUpay - ???? ? ??????? - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Transfer Online, Inc - A Stock Transfer Agent - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '?????.??. ???????? ???????? - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Barclays IBank - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'ING DIRECT - Login - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Sing In - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Navy Federal - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Capital One Online Account Services - Login - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'We serve where you serve. - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'UNFCU Home - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'BPS - SCRIGNO Internet Banking - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '?????????? - ???????'
  • ClassName: '' WindowName: 'BPS - SCRIGNO Internet Banking - Mozilla Firefox'
  • ClassName: '' WindowName: 'Welcome to ePassporte - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'BPS - SCRIGNO Internet Banking - Opera'
  • ClassName: '' WindowName: 'Retail Services Online Customer Care - Jump Page - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Bank One - Home - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '????? ??????? - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Key Bank - Online Banking - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'SunTrust Online Banking - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Citibank Online - Sign On - Microsoft Internet Explorer'
  • ClassName: '' WindowName: '@MAIL.RU: ?????, ???????, ??????, ????????, ???????????. ????? @MAIL.RU - ?????????? ????? #1 - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'PayPal - Welcome - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'e-gold Account Access - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Bank of America | Home | Personal - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Bank One - online banking, home equity & mortgage loans, checking accounts, loan calculators - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Chase OnlineSM - Logon - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Commonwealth Securities Ltd. - Mozilla Firefox'
  • ClassName: '' WindowName: 'Chase OnlineSM - Logon - Mozilla Firefox'
  • ClassName: '' WindowName: 'Bank of Maharashtra - Login - Mozilla Firefox'
  • ClassName: '' WindowName: '@MAIL.RU: ?????, ???????, ??????, ????????, ???????????. ????? @MAIL.RU - ?????????? ????? #1 - Mozilla Firefox'
  • ClassName: '' WindowName: 'Bank One - online banking, home equity & mortgage loans, checking accounts, loan calculators - Mozilla Firefox'
  • ClassName: '' WindowName: 'Bank of America | Home | Personal - Mozilla Firefox'
  • ClassName: '' WindowName: 'Capital One Online Account Services - Login - Mozilla Firefox'
  • ClassName: '' WindowName: 'We serve where you serve. - Mozilla Firefox'
  • ClassName: '' WindowName: 'Retail Services Online Customer Care - Jump Page - Mozilla Firefox'
  • ClassName: '' WindowName: 'PayPal - Welcome - Mozilla Firefox'
  • ClassName: '' WindowName: 'e-gold Account Access - Mozilla Firefox'
  • ClassName: '' WindowName: '????? ??????? - Mozilla Firefox'
  • ClassName: '' WindowName: '"la Caixa" - Linea Abierta - Mozilla Firefox'
  • ClassName: '' WindowName: 'Login - Banking Forums.co.uk - Mozilla Firefox'
  • ClassName: '' WindowName: 'Laipni lugti BankWorld sistema. - Mozilla Firefox'
  • ClassName: '' WindowName: 'Internet Banking: log, on, secure, online, free: HSBC Bank UK - Mozilla Firefox'
  • ClassName: '' WindowName: 'Egg Security Login - Mozilla Firefox'
  • ClassName: '' WindowName: 'The Motley Fool UK: Login - Mozilla Firefox'
  • ClassName: '' WindowName: 'Citibank Online - Sign On - Mozilla Firefox'
  • ClassName: '' WindowName: 'Bank One - Home - Mozilla Firefox'
  • ClassName: '' WindowName: 'SunTrust Online Banking - Mozilla Firefox'
  • ClassName: '' WindowName: 'Barclays IBank - Mozilla Firefox'
  • ClassName: '' WindowName: 'Key Bank - Online Banking - Mozilla Firefox'
  • ClassName: '' WindowName: 'Navy Federal - Mozilla Firefox'
  • ClassName: '' WindowName: 'ASB BANK FastNet : Sign On - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'CISCO - THE CYPRUS INVESTMENT AND SECURITIES CORPORATION LTD - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'ASB Securities : Sign On - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'https://myonlineaccounts2.abbeynational.co.uk - Abbey - Log on - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'ASB BANK Master Trust Internet Service: Sign On - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'E*TRADE FINANCIAL - Home - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Sign In - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'http://www.theworkbank.co.uk/ - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Sign in to Yahoo! - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Abbey - Upgrade Browser - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Welcome to ePassporte - Mozilla Firefox'
  • ClassName: '' WindowName: 'Online Banking Services from Washington Mutual - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'https://www3.netbank.commbank.com.au - Logon - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Bank of Maharashtra - Login - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'UNFCU Home - Mozilla Firefox'
  • ClassName: '' WindowName: 'ING DIRECT - Login - Mozilla Firefox'
  • ClassName: '' WindowName: 'Sing In - Mozilla Firefox'
  • ClassName: '' WindowName: 'Commonwealth Securities Ltd. - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'NETELLER - Sign In To Your Acoount - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'USAA | Welcome to USAA - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Raiffeisen on-line - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'Login (W12) - Microsoft Internet Explorer'
  • ClassName: '' WindowName: 'TD Waterhouse webBanking Default0.0 - Microsoft Internet Explorer'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
