Trojan-PSW.Win32.Dripper Description

Trojan-PSW.Win32.Dripper is a dangerous Trojan which is increasingly being used by the rogue anti-spyware programs Additional Guard and Enterprise Suite to scare users by making them think their systems are infected. Trojan-PSW.Win32.Dripper is well known for it?s nefarious tactics used to steal personal information including passowords, account information and email addresses.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

Trojan-PSW.Win32.Dripper Automatic Detection Tool (Recommended)

Is your PC infected with Trojan-PSW.Win32.Dripper? To safely & quickly detect Trojan-PSW.Win32.Dripper we highly recommend you run the malware scanner listed below.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Program Files%\Mozilla Firefox\searchplugins\search.xml
    2 %UserProfile%\Application Data\2565da61\278.mof
    3 %UserProfile%\Application Data\2565da61\ag.cfg
    4 %UserProfile%\Application Data\2565da61\AG.ico
    5 %UserProfile%\Application Data\2565da61\AG345d.exe
    6 %UserProfile%\Application Data\2565da61\AGSys
    7 %UserProfile%\Application Data\2565da61\AGSys\
    8 %UserProfile%\Application Data\2565da61\mozcrt19.dll
    9 %UserProfile%\Application Data\2565da61\sqlite3.dll
    10 %UserProfile%\Recent\cb.exe
    11 %UserProfile%\Recent\CLSV.tmp
    12 %UserProfile%\Recent\ddv.dll
    13 %UserProfile%\Recent\dudl.drv
    14 %UserProfile%\Recent\energy.dll
    15 %UserProfile%\Recent\energy.sys
    16 %UserProfile%\Recent\exec.exe
    17 %UserProfile%\Recent\fan.drv
    18 %UserProfile%\Recent\FS.dll
    19 %UserProfile%\Recent\PE.drv
    20 %UserProfile%\Recent\ppal.exe
    21 %UserProfile%\Recent\SICKBOY.tmp
    22 %UserProfile%\Recent\tjd.sys

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “{searchTerms}”HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “{searchTerms}”HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}HKEY_CLASSES_ROOT\xp_7a9be.DocHostUIHandler

Additional Information on Trojan-PSW.Win32.Dripper

  • The following messages’s were detected:
    # Message
    1 Warning! Virus Detected

    Threat Detected: Trojan-PSW.Win32.Dripper
Posted: October 20, 2010 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 8/10
Home Malware ProgramsTrojans Trojan-PSW.Win32.Dripper

One Comment

  • William Picaa says:

    Great, I have at last been able to boot into safe mode but this trojan keeps blocking internet access i think. Not sure what i am to do. Last resort will be trying your malware scanner thing and see if that can do it. I will even register to try it out. Well worth it instead of paying geek squad over $80 just to drop my PC off to get fixed.

Leave a Reply

What is 4 + 9 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)