Dangerous Trojan

Posted: April 8, 2008

Dangerous Trojan is Trojan used to promote rogue anti-spyware programs like IEDefender. Once you click on the "Dangerous Trojan" fake warning message, you'll be redirected to a rogue website that will convince you to purchase a rogue anti-spyware program. Do not provide any personal information or download any programs "Dangerous Trojan" fake warning message recommends.

File System Modifications

The following files were created in the system:

#	File Name
1	avicap3.dll
2	browsew.dll
3	byxww.dll
4	ctl3d3.dll
5	D3DCompiler_3.dll
6	dbmsrpcnw.dll
7	ddcyvtt.dll
8	domnftwqpd.dll
9	duserf.dll
10	efcdcbx.dll
11	ezzhjmt.dll
12	hggdbab.dll
13	mljjh.dll
14	oggview32.dll
15	pmkhi.dll
16	poswin.dll
17	sprt_ads.dll
18	ssqpp.dll
19	sstqr.dll
20	toprates.dll
21	ttaqdcwmaoxzw.dll
22	turbosearchsite.dll
23	tuvtr.dll
24	wfcynbmx.dll
25	xmljacodec.dll

Registry Modifications

The following CLSID's were detected:
HKEY..\..\{CLSID Path}819EFD78-6FD4-42EF-9030-F6DAB24BB9F09DEC81A1-919F-41F0-A983-7F202E3EBBB300DC0058-A87E-4D19-9C26-F1AAC98AD4D73DAF1739-AB9E-493E-8DD7-F65CDF363BCB4911E55D-9240-49DB-B878-337DE4F53E70A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D14B65C62-1F53-4B15-9476-5D697608536F47EFD4AD-CB46-4549-B24B-CEE415394C563D50DBC0-414E-480F-9C5E-5DB9E4568EF78E015787-B1E3-404a-95DE-3E71E1FA03054AAC4708-FE47-4B80-92EF-47406444DDD2CAA8DC4B-648A-4C2F-8F2A-39E607830DEF4E7BD74F-2B8D-469E-A0E8-F479B685FA7DBD8C0E45-7FC1-48A2-8A8A-ABCDFF848D23C3DFA1D4-A6F6-4920-A4E1-AD78DA649AA29733dacb-e689-4eb1-9928-aa8008944dd5F10587E9-0E47-4CBE-84AE-7DD20B8684BB7E24E909-FB8A-4837-9DF7-05E7587CB26C4EBAA7B0-740D-4CFA-9455-5C233BB354E11E40AD15-4280-428A-9A26-AB96F9DA2ACEE90BBB19-1B2E-42C0-8BFF-AFC6984247DD69B98C68-D2B8-4A4E-9CB7-E85B6F3A701417D2F953-B2D1-4D1B-BCD3-20432E09ECF182C8422E-86A3-41C1-9F2E-094F7BF849E24090F502-6B2D-41B4-8409-B08905A3A0E6BCBC8B3C-397C-4D98-B6BA-FF337B9671E180DFDD57-D8B8-4991-82B9-9E9D426668B0

Dangerous Trojan

File System Modifications

Registry Modifications

Related Posts

Leave a Reply