Orifice2K.plugin
Orifice2K.plugin is a dangerous Trojan that may seriously damage an infected system. The presence of Orifice2K.plugin is concealed with the help of rootkit-specific techniques. On infiltrating a system, Orifice2K.plugin may block a victim's access to security websites, as well as the NDS server options to a fixed IPS. Orifice2K.plugin can be detected and remove with an effective anti-spyware application.
Table of Contents
Aliases
2 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| - | Win-Trojan/Xema.variant |
| - | VirTool:Win32/Mader.C |
File System Details
Orifice2K.plugin may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %System%\_sv_.exe | |
| 2. | %System%\drivers\_sv_.sy |
Registry Details
Orifice2K.plugin may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ntfscore\Security]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\_sv_]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ntfscore\Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ntfscore]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\_sv_]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ntfscore]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\_sv_]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_sv_]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ntfscore\Enum]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\_sv_]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ntfscore\Enum]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\_sv_]
