Technical details:
Categories: Trojan,Adware,BHO,Hijacker
[Kaspersky]Trojan.Win32.Revop.b,Trojan-Clicker.Win32.VB.ae,TrojanClicker.Win32.VB.o;
[Panda]Dialer.DB,Spyware/Adclicker,Trojan Horse WinPup32 Files:
[%WINDOWS%]Buddy.exe
[%WINDOWS%]infbanner.inf
[%PROGRAM_FILES%]over.exe
[%PROGRAM_FILES%]pup.exe
[%SYSTEM%]20444887.exe
[%SYSTEM%]23777407.exe
[%SYSTEM%]24065798.exe
[%SYSTEM%]25199526.exe
[%SYSTEM%]27032107.exe
[%SYSTEM%]39197939.exe
[%SYSTEM%]4026430.exe
[%SYSTEM%]61692446.exe
[%SYSTEM%]64075869.exe
[%SYSTEM%]6904238.exe
[%SYSTEM%]73934572.exe
[%SYSTEM%]75082033.exe
[%SYSTEM%]77946108.exe
[%SYSTEM%]8439272.exe
[%SYSTEM%]92135256.exe
[%SYSTEM%]96062868.exe
[%SYSTEM%]astapir.exe
[%SYSTEM%]en2232v.exe
[%SYSTEM%]input8d.exe
[%SYSTEM%]inverw.exe
[%SYSTEM%]mdrvm.exe
[%SYSTEM%]onsolec.exe
[%SYSTEM%]ppmgra.exe
[%SYSTEM%]winpup.exe
[%SYSTEM%]winpup32.exe
[%SYSTEM%]_932c.exe
[%WINDOWS%]buddy.exe
[%WINDOWS%]hdciffgq.ini
[%WINDOWS%]pup.exe
[%WINDOWS%]systemallbackf.exe
[%WINDOWS%]systemcctresa.exe
[%WINDOWS%]systemdvdq.exe
[%WINDOWS%]systemhellexts.exe
[%WINDOWS%]systemlb32v.exe
[%WINDOWS%]systemlethk32o.exe
[%WINDOWS%]systemm20f.exe
[%WINDOWS%]systemmcompata.exe
[%WINDOWS%]systemmsdmodw.exe
[%WINDOWS%]systemnternati.exe
[%WINDOWS%]systemommdlgc.exe
[%WINDOWS%]systempg2spltm.exe
[%WINDOWS%]systemprservm.exe
[%WINDOWS%]systemsound3dd.exe
[%WINDOWS%]systemsratelcm.exe
[%WINDOWS%]systemstoresp.exe
[%WINDOWS%]systemtaigfxi.exe
[%WINDOWS%]systemwinpup32.exe
[%WINDOWS%]systemysinfos.exe
[%WINDOWS%]Buddy.exe
[%WINDOWS%]infbanner.inf
[%PROGRAM_FILES%]over.exe
[%PROGRAM_FILES%]pup.exe
[%SYSTEM%]20444887.exe
[%SYSTEM%]23777407.exe
[%SYSTEM%]24065798.exe
[%SYSTEM%]25199526.exe
[%SYSTEM%]27032107.exe
[%SYSTEM%]39197939.exe
[%SYSTEM%]4026430.exe
[%SYSTEM%]61692446.exe
[%SYSTEM%]64075869.exe
[%SYSTEM%]6904238.exe
[%SYSTEM%]73934572.exe
[%SYSTEM%]75082033.exe
[%SYSTEM%]77946108.exe
[%SYSTEM%]8439272.exe
[%SYSTEM%]92135256.exe
[%SYSTEM%]96062868.exe
[%SYSTEM%]astapir.exe
[%SYSTEM%]en2232v.exe
[%SYSTEM%]input8d.exe
[%SYSTEM%]inverw.exe
[%SYSTEM%]mdrvm.exe
[%SYSTEM%]onsolec.exe
[%SYSTEM%]ppmgra.exe
[%SYSTEM%]winpup.exe
[%SYSTEM%]winpup32.exe
[%SYSTEM%]_932c.exe
[%WINDOWS%]buddy.exe
[%WINDOWS%]hdciffgq.ini
[%WINDOWS%]pup.exe
[%WINDOWS%]systemallbackf.exe
[%WINDOWS%]systemcctresa.exe
[%WINDOWS%]systemdvdq.exe
[%WINDOWS%]systemhellexts.exe
[%WINDOWS%]systemlb32v.exe
[%WINDOWS%]systemlethk32o.exe
[%WINDOWS%]systemm20f.exe
[%WINDOWS%]systemmcompata.exe
[%WINDOWS%]systemmsdmodw.exe
[%WINDOWS%]systemnternati.exe
[%WINDOWS%]systemommdlgc.exe
[%WINDOWS%]systempg2spltm.exe
[%WINDOWS%]systemprservm.exe
[%WINDOWS%]systemsound3dd.exe
[%WINDOWS%]systemsratelcm.exe
[%WINDOWS%]systemstoresp.exe
[%WINDOWS%]systemtaigfxi.exe
[%WINDOWS%]systemwinpup32.exe
[%WINDOWS%]systemysinfos.exe
WinPup32 Registry Keys:
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorerpup
HKEY_CLASSES_ROOTpup.setup
HKEY_LOCAL_MACHINEsoftwarepup
WinPup32 Registry Values:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun
WinPup32 indications of infection
This symptoms of WinPup32 detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
SillyDl.CFY Trojan Cleaner
TServe Spyware Cleaner
Skiks Trojan Information
Removing SillyDl.CGI Trojan
Pigeon.AVFK Trojan Removal instruction
Posts
No comments:
Post a Comment