Trojan.Scapur!sd6

Posted: February 17, 2010

Trojan.Scapur!sd6 is a Trojan which downloads corrupt files and creates a backdoor for malware. Threats related to Trojan.Scapur!sd6 include a malicious adware program. Trojan.Scapur!sd6 customizes the system settings and adds new values to the system registry. Remove Trojan.Scapur!sd6 and all assciated threats immediately using a reliable anti-virus program.

Aliases

Generic Downloader.ab (McAfee)
Troj/Agent-IME (Sophos)

File System Modifications

The following files were created in the system:

#	File Name
1	%CommonPrograms%\Anti-Spam Bastion\Anti-Spam Bastion.lnk
2	%CommonPrograms%\Anti-Spam Bastion\Uninstall Anti-Spam Bastion.lnk
3	%DesktopDir%\Anti-Spam Bastion.lnk
4	%ProgramFiles%\Anti-Spam Bastion\es1.GIF
5	%ProgramFiles%\Anti-Spam Bastion\kWab.dll
6	%ProgramFiles%\Anti-Spam Bastion\unins000.exe
7	%Programs%\Get 320% Welcome Bonus!.lnk
8	%StartMenu%\Get 320% Welcome Bonus!.lnk

Registry Modifications

The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}\1.0\HELPDIR][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}\1.0][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BDC217C8-ED16-11CD-956C-0000C04E4C0A}\1.1\0\win32][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BDC217C8-ED16-11CD-956C-0000C04E4C0A}\1.1\HELPDIR][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BDC217C8-ED16-11CD-956C-0000C04E4C0A}\1.1][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

Trojan.Scapur!sd6

Aliases

File System Modifications

Registry Modifications

Leave a Reply