
What is Registry Editor CodeASU1



I need information on what codeASU1 is in my registry editor.

See Attachment

One program tells me it is the Bifrose Trojan, but that is one program, Advanced System Optimizer.

Ran ESET online, no virus; also Norton, no virus detected.

Malwarebytes: all OK, nothing found.

I need to know if this key is good, and what program did this CodeASU1 come from?

Thank you in advance

Lee


Edited by fixcar1


You could download Process Monitor from Sysinternals, and run that, looking for what is accessing that key.

Start Process Monitor with the /noconnect switch (c:\path\to\procmon.exe /noconnect), which will stop it from instantly logging every single bit of activity from the second it loads.

Add a filter:

If path excludes "CodeASU1" then Exclude. Also, use the 'drop filtered events' option - to stop it from filling up your pagefile.

Now tell it to start capturing events, and from there on, it's a waiting game to see which processes are touching that key.

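Added example (not part of the original posts or anyone's own tooling): once the capture described above has collected events, it can be saved as CSV and tallied per process to see who only reads the key and who modifies it. The sketch assumes Process Monitor's standard CSV columns; the sample rows, process names, PIDs and key path are constructed.

```python
import csv
import io
from collections import Counter

# Constructed sample in the column layout of a Process Monitor CSV export.
# Process names, PIDs and the key path are invented for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","explorer.exe","1520","RegOpenKey","HKCU\Software\Example","SUCCESS",""
"10:01:03.4","regedit.exe","3344","RegOpenKey","HKLM\SOFTWARE\EXAMPLE\CodeASU1","SUCCESS",""
"10:01:03.5","regedit.exe","3344","RegQueryValue","HKLM\SOFTWARE\EXAMPLE\CodeASU1\(Default)","SUCCESS",""
"10:02:10.0","sample_app.exe","4012","RegSetValue","HKLM\SOFTWARE\EXAMPLE\CodeASU1\Data","SUCCESS",""
"10:02:10.1","sample_app.exe","4012","RegQueryValue","HKLM\SOFTWARE\EXAMPLE\CodeASU1\Data","SUCCESS",""
"10:02:11.7","sample_app.exe","4012","RegSetValue","HKLM\SOFTWARE\EXAMPLE\codeasu1\Other","ACCESS DENIED",""
'''

# Operations that change the key. RegCreateKey is left out because it is also
# logged when a process merely opens a key that already exists.
WRITE_OPS = {"RegSetValue", "RegDeleteValue", "RegDeleteKey"}


def summarize(csv_text, needle="CodeASU1"):
    """Map (process, pid) -> {"ops": Counter, "writes": bool} for matching paths."""
    hits = {}
    # An export may start with a UTF-8 BOM; strip it so the first header parses.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    for row in reader:
        if needle.lower() not in (row.get("Path") or "").lower():
            continue  # registry paths are case-insensitive
        entry = hits.setdefault((row["Process Name"], row["PID"]),
                                {"ops": Counter(), "writes": False})
        entry["ops"][row["Operation"]] += 1
        # Only a successful modification counts as a write.
        if row["Operation"] in WRITE_OPS and row["Result"] == "SUCCESS":
            entry["writes"] = True
    return hits


def report(hits):
    """One line per process, with processes that wrote to the key listed first."""
    ordered = sorted(hits.items(), key=lambda kv: (not kv[1]["writes"], kv[0]))
    return [f"{name} (PID {pid}) {'WRITES' if e['writes'] else 'reads only'}: "
            + ", ".join(f"{op} x{n}" for op, n in sorted(e["ops"].items()))
            for (name, pid), e in ordered]


if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_CSV))))
```

For a real export, read the file with `encoding="utf-8-sig"` and pass its text to `summarize`.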

It does look to be that virus. Here is more info:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor%3AWin32%2FBifrose.ACI

Other user reports online have found problems removing it fully, as MSE and Kaspersky (from March 2011) would only do a partial quarantine.

Moving to AV forum, as I can't find a good set of removal instructions that doesn't involve downloading some weird removal tool.
