W32.Daprosy
W32.Daprosy is a vicious Worm that steals information such as bank account usernames, passwords and credit card details from your computer and sends it to a hacker. W32.Daprosy contains many malicious components such as an adware component that produces annoying adverts when you connect to the Internet. W32.Daprosy also makes contact with a remote server to log the infection and attempts to install other malware. W32.Daprosy can also easily download malicious trojans that opens network ports and allows hackers to gain unauthorized access to the system. W32.Daprosy should not be given any leeway to take control of your computer, have the threat removed immediately.
Aliases
Worm:Win32/Autorun.UD (Microsoft)
File System Modifications
- The following files were created in the system:
# File Name 1 %CommonAppData%\Microsoft\KBDriver\Classified.exe 2 %CommonAppData%\Microsoft\KBDriver\kbdsys.exe 3 %CommonAppData%\Zilch.InfiniSoft\dirlock.exe 4 %CommonDesktopDir%\Classified.exe 5 %CommonDesktopDir%\classified\Classified.exe 6 %CommonDocuments%\Classified.exe 7 %CommonDocuments%\classified\Classified.exe 8 %CommonDocuments%\My Music.exe 9 %CommonDocuments%\My Pictures.exe 10 %CommonDocuments%\My Videos.exe 11 %CommonPrograms%\Startup\Classified.exe 12 %MyDocuments%\Classified.exe 13 %MyDocuments%\My eBooks.exe 14 %MyDocuments%\My Music.exe 15 %MyDocuments%\My Pictures.exe 16 %ProgramFiles%\Adobe.exe 17 %ProgramFiles%\Classified.exe 18 %ProgramFiles%\Common Files.exe 19 %ProgramFiles%\ComPlus Applications.exe 20 %ProgramFiles%\Internet Explorer.exe 21 %ProgramFiles%\Messenger.exe 22 %ProgramFiles%\microsoft frontpage.exe 23 %ProgramFiles%\Movie Maker.exe 24 %ProgramFiles%\MSN Gaming Zone.exe 25 %ProgramFiles%\MSN.exe 26 %ProgramFiles%\NetMeeting.exe 27 %ProgramFiles%\Online Services.exe 28 %ProgramFiles%\Outlook Express.exe 29 %ProgramFiles%\VMware.exe 30 %ProgramFiles%\Web Publish.exe 31 %ProgramFiles%\Windows Media Player.exe 32 %ProgramFiles%\Windows NT.exe 33 %ProgramFiles%\WinPcap.exe 34 %ProgramFiles%\xerox.exe 35 %System%\1025.exe 36 %System%\1028.exe 37 %System%\1031.exe 38 %System%\1033.exe 39 %System%\1037.exe 40 %System%\1041.exe 41 %System%\1042.exe 42 %System%\1054.exe 43 %System%\2052.exe 44 %System%\3076.exe 45 %System%\3com_dmi.exe 46 %System%\CatRoot.exe 47 %System%\CatRoot2.exe 48 %System%\Classified.exe 49 %System%\Com.exe 50 %System%\config.exe 51 %System%\dhcp.exe 52 %System%\DirectX.exe 53 %System%\drivers.exe 54 %System%\export.exe 55 %System%\ias.exe 56 %System%\icsxml.exe 57 %System%\IME.exe 58 %System%\inetsrv.exe 59 %System%\Macromed.exe 60 %System%\MsDtc.exe 61 %System%\mui.exe 62 %System%\npp.exe 63 %System%\nthlpsvc1.exe 64 %System%\Restore\MachineGuid.txt 65 %Windir%\addins.exe 66 %Windir%\AppPatch.exe 67 %Windir%\Cache.exe 68 %Windir%\Classified.exe 69 %Windir%\Config.exe 70 %Windir%\Connection Wizard.exe 71 %Windir%\Cursors.exe 72 %Windir%\Debug.exe 73 %Windir%\dns.exe 74 %Windir%\Driver Cache.exe 75 %Windir%\ehome.exe 76 %Windir%\Help.exe 77 %Windir%\ime.exe 78 %Windir%\java.exe 79 %Windir%\lsass.exe 80 %Windir%\Media.exe 81 %Windir%\Microsoft.NET.exe 82 %Windir%\msagent.exe 83 %Windir%\msapps.exe 84 %Windir%\mui.exe 85 %Windir%\Offline Web Pages.exe 86 %Windir%\pchealth.exe 87 %Windir%\PeerNet.exe 88 %Windir%\Prefetch.exe 89 %Windir%\Provisioning.exe 90 %Windir%\Registration.exe 91 %Windir%\repair.exe 92 %Windir%\Resources.exe 93 %Windir%\security.exe 94 %Windir%\shutdown.dll 95 %Windir%\SoftwareDistribution.exe 96 %Windir%\srchasst.exe 97 %Windir%\system.exe 98 c:\autorun.inf 99 c:\Classified.exe 100 c:\Documents and Settings.exe 101 c:\Inetpub.exe 102 c:\Program Files.exe 103 c:\Read1st!.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.