SHYLOCK Banking Trojan discovered by Trusteer Shylock intercepts network traffic and attempts to add malicious code to it. Christopher Bentley 2011-11-10T10:49:23 http://quequero.org/uicwiki/index.php?title=Shylock_via_%20volatility MASTER_ _SHUTDOWN EVT_VNC EVT_BACK EVT_VNC extensadv.cc topbeat.cc brainsphere.cc commonworldme.cc gigacat.cc nw-serv.cc IE_Hook::GetRequestInfo FF_Hook::getRequestInfo EX_Hook::CreateProcess 178.208.75.226 81.177.170.135 88.198.50.150 65.55.87.173 91.223.180.66 92.60.177.233 92.60.177.243 93.190.45.75 hijackdll.dll MTX_ FF::PR_WriteHook entry FF::PR_WriteHook exit HijackProcessAttach::*** MASTER *** MASTER *** MASTER *** %s PID=%u HijackProcessAttach::entry FF::BEFORE INJECT FF::AFTER INJECT IE::AFTER INJECT IE::BEFORE INJECT *** VNC *** VNC *** VNC *** VNC *** VNC *** VNC *** VNC *** VNC *** VNC *** VNC *** %s *** LOG INJECTS *** %s *** inject to process %s not allowed *** BackSocks *** BackSocks *** BackSocks *** BackSocks *** BackSocks *** BackSocks *** BackSocks *** %s .?AVFF_Hook@@ .?AVIE_Hook@@ Inject::InjectDllFromMemory paragua-analyst.cc BadSocks.dll