Hacktool.ABFPRecovery

Updated: February 13, 2007 11:42:50 AM
Type: Hack Tool
Version: 1.5.0.365
Publisher: ABF software, Inc.
Risk Impact: High
File Names: abfPasswordRecoveryInstall.exe, abfPasswordRecovery.exe
Systems Affected: Windows 2000, Windows 98, Windows Me, Windows NT, Windows XP


When Hacktool.ABFPRecovery is installed, the following actions are performed:
    1. Creates the following files:

      • %Userprofile%\Desktop\ABF Password Recovery.lnk
      • %Userprofile%\Start Menu\Programs\ABF software\ABF Password Recovery\ABF Password Recovery help.lnk
      • %Userprofile%\Start Menu\Programs\ABF software\ABF Password Recovery\ABF Password Recovery.lnk
      • %Userprofile%\Start Menu\Programs\ABF software\ABF Password Recovery\Home page.lnk
      • %Userprofile%\Start Menu\Programs\ABF software\ABF Password Recovery\License.lnk
      • %Userprofile%\Start Menu\Programs\ABF software\ABF Password Recovery\ReadMe.lnk
      • %Userprofile%\Start Menu\Programs\ABF software\ABF Password Recovery\Uninstall ABF Password Recovery.lnk
      • %ProgramFiles%\ABF software\ABF Password Recovery\abfPasswordRecovery.cnt
      • %ProgramFiles%\ABF software\ABF Password Recovery\abfPasswordRecovery.exe
      • %ProgramFiles%\ABF software\ABF Password Recovery\abfPasswordRecovery.GID
      • %ProgramFiles%\ABF software\ABF Password Recovery\abfPasswordRecovery.hlp
      • %ProgramFiles%\ABF software\ABF Password Recovery\buy.txt
      • %ProgramFiles%\ABF software\ABF Password Recovery\file_id.diz
      • %ProgramFiles%\ABF software\ABF Password Recovery\home.url
      • %ProgramFiles%\ABF software\ABF Password Recovery\INSTALL.LOG
      • %ProgramFiles%\ABF software\ABF Password Recovery\install.sss
      • %ProgramFiles%\ABF software\ABF Password Recovery\License.txt
      • %ProgramFiles%\ABF software\ABF Password Recovery\pad.xml
      • %ProgramFiles%\ABF software\ABF Password Recovery\ReadMe.txt
      • %ProgramFiles%\ABF software\ABF Password Recovery\Uninstall.exe

        Notes:
      • %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
      • %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\<Current User> (Windows NT/2000/XP).

    2. Creates the following registry keys:

      • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A5C4CC8D-2F7D-4FBB-B000-658599ABD432}
      • HKEY_CURRENT_USER\Software\ABF software
