Technical details:
Categories: Trojan
[Other]Adware.Zhong Pcast Folders:
[%PROGRAM_FILES%]\pcast
Pcast Files:
[%DESKTOP%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3.lnk
[%PROGRAMS%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3.lnk
[%PROGRAMS%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3\%B7%C3%CE%CA%CE%D2%C3%C7%B5%C4%CD%F8%D5%BE.url
[%PROGRAMS%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3\%D0%B6%D4%D8.lnk
[%SYSTEM%]\pCastCtl.dll
[%SYSTEM%]\PcastUpdate.dll
[%PROFILE_TEMP%]\pcastbarminibs-1.0.0.8_yh_001.exe
[%SYSTEM%]\sysreal32.dll
[%DESKTOP%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3.lnk
[%PROGRAMS%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3.lnk
[%PROGRAMS%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3\%B7%C3%CE%CA%CE%D2%C3%C7%B5%C4%CD%F8%D5%BE.url
[%PROGRAMS%]\%B2%A5%B0%D4%CD%F8%C2%E7%B5%E7%CA%D3\%D0%B6%D4%D8.lnk
[%SYSTEM%]\pCastCtl.dll
[%SYSTEM%]\PcastUpdate.dll
[%PROFILE_TEMP%]\pcastbarminibs-1.0.0.8_yh_001.exe
[%SYSTEM%]\sysreal32.dll
Pcast Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
HKEY_CLASSES_ROOT\clsid\{87ccfdb0-c4be-4bc2-a78c-9eaa7cf96667}
HKEY_CLASSES_ROOT\clsid\{c1764ebe-fe4f-4f55-b826-89a8aa62a7e0}
HKEY_CLASSES_ROOT\clsid\{fee1002d-90a5-4a5d-aabe-01803ffbcf7a}
HKEY_CLASSES_ROOT\interface\{0a3714dc-376e-4bea-89bb-c9a172964c62}
HKEY_CLASSES_ROOT\interface\{58cbc597-b176-472d-be10-3e7589bd6fee}
HKEY_CLASSES_ROOT\interface\{68bea531-2d55-4ff6-9b40-cdd285c44f7a}
HKEY_CLASSES_ROOT\interface\{8a0bc0bc-362e-4e43-95b6-5d166d3ee595}
HKEY_CLASSES_ROOT\interface\{90fc1985-cbbf-4105-bd75-20f0bffc86dd}
HKEY_CLASSES_ROOT\pcast.podcastbarmini
HKEY_CLASSES_ROOT\pcast.podcastbarmini.1
HKEY_CLASSES_ROOT\pcastcontrol.pcastpanel
HKEY_CLASSES_ROOT\pcastcontrol.pcastpanel.1
HKEY_CLASSES_ROOT\pcastupdate.pcastup
HKEY_CLASSES_ROOT\pcastupdate.pcastup.1
HKEY_CLASSES_ROOT\typelib\{11182f46-0f21-4b04-a095-e7dc0ded4df5}
HKEY_CLASSES_ROOT\typelib\{c02099cc-eb47-4b4f-bc46-72de6582e1c4}
HKEY_CLASSES_ROOT\typelib\{c7f88c1a-df17-423b-b960-108ab7551faa}
HKEY_CURRENT_USER\software\pcast
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\%B3%AC%BC%B6%B2%A5%B0%D4
HKEY_LOCAL_MACHINE\software\pcast
HKEY_CLASSES_ROOT\chajian.chajianhelper
HKEY_CLASSES_ROOT\clsid\{0cb66ba8-5e1f-4963-93d1-e1d6b78fe9a2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0cb66ba8-5e1f-4963-93d1-e1d6b78fe9a2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\³¬¼¶²¥°Ô
Pcast Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Pcast indications of infection
This symptoms of Pcast detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
Win32.Rebooter Trojan Symptoms
Bancos.GLT Trojan Cleaner
Omnilnet Hacker Tool Removal
Removing Dynamic.Desktop.Media Trojan
Posts
No comments:
Post a Comment