Moiling Trojan

Moiling virus description
Technical details:
Categories: Trojan,Adware
Moiling Aliases:
[Kaspersky]Trojan-Downloader.Win32.Zlob.zj,Trojan-Downloader.Win32.Zlob.zv,Trojan-Downlaoder.Win32.Zlob.to,Trojan-Downlaoder.Win32.Zlob.zy,Trojan-Downloader.Win32.Zlob.zp,Trojan-Downloader.Win32.Zlob.to,Troajn-Downlaoder.Win32.Zlob.wb,Trojan-Downloader.win32.Zlob.aam,Hoax.Win32.Renos.ed,Troajn-Downlaoder.Win32.Zlob.abg,Trojan-Downlaoder.Win32.Zlob.adh,Trojan-Downloader.Win32.Zlob.yt,Trojan-Downloader.Win32.Zlob.aeb,Trojan-Downloader.Win32.Zlob.adl,Trojan-Downloader.Win32.Zlob.afi,Trojan-Downloader.Win32.Zlob.nu,Trojan-Downloader.Win32.Zlob.aap,Trojan-Downloader.Win32.Zlob.xn,Trojan-Downloader.Win32.Zlob.amm,Trojan-Downloader.Win32.Zlob.aew,Trojan-Downloader.Win32.Zlob.ano,Hoax.Win32.Renos.fh,Hoax.Win32.Renos.fn,Troaj-Downloader.Win32.Zlob.aoy,Trojan-Downloader.Win32.Zlob.aqh,Hoax.Win32.Renos.fo,Trojan-downloader.Win32.Zlob.aqh,Trojan-downloader.Win32.Zlob.atg,Trojan-Downloader.Win32.Zlob.auc,Trojan-Downloader.Win32.Zlob.avc,Trojan-Downloader.Win32.Zlob.bh,Trojan-Downloader.Win32.Zlob.mh,Trojan-Downloader.Win32.Zlob.ap,Trojan-Downloader.Win32.Zlob.axt,Trojan-Downloader.Win32.Zlob.ou,Trojan-Downloader.Win32.Zlob.bai,Trojan-Downloader.Win32.Zlob.bni,Trojan-Downlaoder.Win32.Zlob.boi,Trojan-Downloader.Win32.Zlob.bvp,Trojan-Downloader.Win32.Zlob.bnw,Trojan-Downloader.Win32.Zlob.fy;
[McAfee]Puper,Generic Downloader.y,Puper.gen;
[F-Prot]W32/Downloader.JWQ;
[Other]Win32.Moiling.CD,Win32/Moiling.CE,Trojan.Zlob,Win32/Moiling,Win32/Moiling.CO,Win32/Moiling.CJ,Win32/Moiling.CL,Trojan.Vundo,TROJ_ZLOB.AJG,Win32/Moiling.CN,Win32/Moiling.CG,Win32.Moiling.CT,Hoax.Win32.Renos.dy,Win32/Moiling.CU,Win32/Moiling.CX,Trojan-Downloader.Win32.Zlob.yt,Win32/Moiling.DA,Win32/Moiling.DC,Win32/Moiling.DE,Win32/Moiling.DH,Win32/Moiling.DG,Trojan.Secup,Win32/Moiling.DL,Win32/Moiling.DI,Win32/Moiling.DJ,Win32/Moiling.DT,Win32/Moiling.CF,Win32/Moiling.EL,Win32/Moiling.DX,Win32/Moiling.DZ,Win32/Moiling.EA,Win32/Moiling.EC,Win32/Moiling.EE,Win32/Moiling.EF,Win32/Moiling.EG,Win32/Moiling.EH,Win32/Moiling.EJ,spywareQuake,Win32/Moiling.EK,SpywareQuake,Win32/Moiling.EO,Trojan.Emcodec,Win32/Moiling.EP,TROJ_ZLOBMI.W,Trojan-Downloader.Zlob.MediaCodec,Win32/Moiling.EM,Win32/Moiling.EN,Win32/Moiling.EQ,Win32/Moiling EA,DesktopScam,Win32/Moiling!generic,W32/Zlob.ZF,Troj/Zlob-BO,security2k hijacker,Win32/Moiling.AW,Win32/Moiling.DQ,Win32/Moiling.DR,Troj/Zlob-BC,W32/Startpage.CPU,Win32/Moiling.ER,Win32/Moiling.FF,Win32/Moiling.ES,Win32/Moiling.EW,Win32/Moiling.FH,Trojan.Adclicker,Win32/Moiling.FI,Win32/Moiling.FJ,Win32/Moiling.FQ,TrojanDownloader:Win32/Zlob.gen,Win32/Moiling.FX,SpyLocked,Win32/Moiling.FY,TrojanDownloader.Win32/Zlob.gen!D,TrojanDownloader:Win32/Zlob,Win32/Moiling.GD

Moiling Files:
[%PROFILE_TEMP%]\temp.fr????
[%PROFILE_TEMP%]\temp.fr????\pmmnt.exe
[%PROFILE_TEMP%]\temp.fr????\pmmon.exe
[%PROFILE_TEMP%]\temp.fr????\pmsnrr.exe
[%PROGRAM_FILES%]\iVideoCodec\pmmon.exe
[%PROGRAM_FILES%]\iVideoCodec\pmsngr.exe
[%PROGRAM_FILES%]\MMediaCodec\pmmon.exe
[%PROGRAM_FILES%]\Video Access ActiveX Object\pmmnt.exe
[%PROGRAM_FILES%]\Video Access ActiveX Object\pmsnrr.exe
[%PROGRAM_FILES%]\Video ActiveX Object\pmmnt.exe
[%PROGRAM_FILES%]\Video ActiveX Object\pmsnrr.exe
[%PROGRAM_FILES%]\Video AX Object\smmain.exe
[%PROGRAM_FILES%]\Video AX Object\smmon.exe
[%PROGRAM_FILES%]\VideoKeyCodec\pmmon.exe
[%SYSTEM%]\ATMCLK.0XE
[%DESKTOP%]\921185\pmmnt.exe
[%DESKTOP%]\921185\pmsnrr.exe
[%PROFILE_TEMP%]\temp.fr????
[%PROFILE_TEMP%]\temp.fr????\pmmnt.exe
[%PROFILE_TEMP%]\temp.fr????\pmmon.exe
[%PROFILE_TEMP%]\temp.fr????\pmsnrr.exe
[%PROGRAM_FILES%]\iVideoCodec\pmmon.exe
[%PROGRAM_FILES%]\iVideoCodec\pmsngr.exe
[%PROGRAM_FILES%]\MMediaCodec\pmmon.exe
[%PROGRAM_FILES%]\Video Access ActiveX Object\pmmnt.exe
[%PROGRAM_FILES%]\Video Access ActiveX Object\pmsnrr.exe
[%PROGRAM_FILES%]\Video ActiveX Object\pmmnt.exe
[%PROGRAM_FILES%]\Video ActiveX Object\pmsnrr.exe
[%PROGRAM_FILES%]\Video AX Object\smmain.exe
[%PROGRAM_FILES%]\Video AX Object\smmon.exe
[%PROGRAM_FILES%]\VideoKeyCodec\pmmon.exe
[%SYSTEM%]\ATMCLK.0XE
[%DESKTOP%]\921185\pmmnt.exe
[%DESKTOP%]\921185\pmsnrr.exe

Moiling Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run

Moiling indications of infection

This symptoms of Moiling detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Remove Vxidl.API Trojan
Remove Riviera.Gold.Casino Adware
Bancos.GNU Trojan Removal

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)