Home Malware Programs Trojans Un-named Trojan

Un-named Trojan

Posted: May 15, 2006

When you have an Un-named Trojan, or Unclassified Trojan, on your computer, the reason for not being able to classify it could be explained in two scenarios. First, an Un-named Trojan can mean that the component(s) detected is commonly used by a variety of spyware and adware. Second, the Un-named Trojan is considered to be malicious but no no proper name has been assigned to it.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 carules.dll
    2 casync.dll
    3 ccaption.dll
    4 cdaslib.dll
    5 cdaslib2.dll
    6 cdaslib3.dll
    7 cdaslib4.dll
    8 cdrules.dll
    9 cdsync.dll
    10 coax.dll
    11 conexc.dll
    12 coolbar.dll
    13 crrx32.dll
    14 ltmmtsoi.exe
    15 pzabbv.exe
    16 pzmkswp.exe
    17 q9aaikh1.exe
    18 qadm.exe
    19 qarbpvmc.exe
    20 qbfwbk.exe
    21 qorwefzf.exe
    22 qwetcm.exe
    23 raoxkvmb.exe
    24 rtart6.exe
    25 scmzit.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run6nat9u00.exeHKEY_CURRENT_USER\software\microsoft\windows\currentversion\runadmparse1024f.exeHKEY_CURRENT_USER\software\microsoft\windows\currentversion\runadwarespyHKEY_CURRENT_USER\software\microsoft\windows\currentversion\runatiupdateHKEY_CURRENT_USER\software\microsoft\windows\currentversion\runbauqrwz7rHKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonceaolinstentmessengerHKEY_CURRENT_USER\software\microsoft\windows\currentversion\runoncehw6rh.exe
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path}cd5e2ac9-25ce-a1c5-d1e2-dc6b28a6ed5afa040b34-fbe9-4bef-9d85-f90becaaca995a04c6ca-9f26-4a84-b5c4-e67e817d9bc7e9ccf15d-4c68-4b5a-9e9a-8e12e4bd39bd
Loading...