Technical details:
Categories: Trojan, Downloader
[Kaspersky] Hoax.Win32.Renos.kj, Trojan-Downloader.Win32.VB.bql
[Other] Mal/Emogen-O
Vapidab Folders:
[%PROGRAM_FILES%]\e-zshopper
[%SYSTEM%]\acespy
Vapidab Files:
[%SYSTEM%]\ace16win.dll
[%SYSTEM%]\dpqaqlqx.bin
[%SYSTEM%]\sznf.ascii
[%SYSTEM%]\vxddsk.exe
[%SYSTEM%]\wml.exe
[%WINDOWS%]\764.exe
[%WINDOWS%]\7search.dll
[%WINDOWS%]\aconti.exe
[%WINDOWS%]\aconti.ini
[%WINDOWS%]\aconti.log
[%WINDOWS%]\aconti.sdb
[%WINDOWS%]\acontidialer.txt
[%WINDOWS%]\adbar.dll
[%WINDOWS%]\daxtime.dll
[%WINDOWS%]\dp0.dll
[%WINDOWS%]\eventlowg.dll
[%WINDOWS%]\flt.dll
[%WINDOWS%]\hotporn.exe
[%WINDOWS%]\jd2002.dll
[%WINDOWS%]\kkcomp$.exe
[%WINDOWS%]\ngd.dll
[%WINDOWS%]\pbar.dll
[%WINDOWS%]\spredirect.dll
[%WINDOWS%]\vxddsk.exe
[%WINDOWS%]\wbeInst$.exe
[%WINDOWS%]\wml.exe
[%WINDOWS%]\xadbrk_.exe
[%WINDOWS%]\xxxvideo.exe
Vapidab Registry Keys:
Vapidab indications of infection
The symptoms of Vapidab detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also download the free trial version of ExterminateIt! to check your computer right now.