Trojan.Katusha
Posted: April 16, 2009
Threat Metric
The fields listed on the Threat Meter are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10, where 10 is the highest level of severity and 1 is the lowest. Each level is relative to the threat's consistently assessed behaviors, collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
| Field | Value |
|---|---|
| Ranking | 16,648 |
| Threat Level | 9/10 |
| Infected PCs | 8,469 |
| First Seen | July 24, 2009 |
| Last Seen | August 20, 2023 |
| OS(es) Affected | Windows |
Trojan.Katusha is a generic label for a group of Trojans that may install other forms of PC threats or create serious security holes on your PC. Many variants of Trojan.Katusha are currently propagated, and their symptoms may vary, but some Trojan.Katusha detections are also false positives (instances of a safe file being inaccurately labeled as a threat). However, SpywareRemove.com malware researchers are pleased to note that all currently known forms of Trojan.Katusha false positives have been solved by patches; therefore, you should consider updating your anti-malware software if you find a Trojan.Katusha detection that you suspect to be inaccurate. Nonetheless, real Trojan.Katusha infections remain a danger to any PC, and you should be prepared to delete Trojan.Katusha with a dependable anti-malware product if you find an actual Trojan.Katusha Trojan on your computer.
The Fake Trojan.Katusha That You Can Rest Easy Over Encountering
In some cases, SpywareRemove.com malware researchers note, a Trojan.Katusha detection is not an actual Trojan but a simple misidentification error in PC security software. This form of error, or false positive, is commonly caused by updates in unrelated and safe programs, and Trojan.Katusha false positives, in particular, have been known to occur even in Windows security updates. If you're certain that a Trojan.Katusha alert is a false positive, you can simply set your anti-malware software to ignore this fake Trojan.Katusha and continue about its business; this will allow the program update to proceed, although your security software should still be able to detect real Trojan.Katusha intrusions from other sources.
All known security programs that have a history of false positives for Trojan.Katusha have also solved these problems via threat definition patches, with the last-known false positive patched as of July 2011. Patching your anti-malware program should, thus, be one of the basic steps you take after you encounter a fake Trojan.Katusha alert. This should accomplish essentially the same thing as setting your software to ignore the false positive and still allow your security software to thwart actual Trojan.Katusha attacks in the future.
The Actual Trojan.Katusha That You Shouldn't Take Lightly
Even though the most publicized Trojan.Katusha alerts have been false positives, real Trojan.Katusha infections are also a distinct possibility for your PC since variants of Trojan.Katusha are still in circulation. SpywareRemove.com malware researchers note that Trojan.Katusha can be recognized by many names due to its broad nature and due to differing categorization methods between PC security companies. Some of Trojan.Katusha's aliases are Trojan.Codecpack.Gen.6, Trojan.FakeAV!gen29, TrojanDownloader:Win32/Renos.LX, VirTool.Win32.Obfuscator.hg!b (v) and Malware-Cryptor.Win32.Palka. Genuine Trojan.Katusha Trojans are spread throughout the web by fake online scanners and fake codec updates; as always, it's recommended that you distrust system scans and software updates that aren't from reputable sources.
Trojan.Katusha attacks may vary, due to a number of factors, but often include:
- Dropper functions that install malicious software (such as spyware, rogue security programs or self-copying worms).
- Backdoor functions that lower your computer's security so that Trojan.Katusha's hacker partners can take over your PC.
In all cases, removing Trojan.Katusha with suitable anti-malware software as quickly as possible is the best solution to re-secure your PC from the possibility of remote control, theft and other forms of damage.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:
Registry Modifications
CLSID{2E59498D-7E44-4452-9044-0973B080B9E8}