Home Malware Programs Browser Hijackers asecuremask.com

asecuremask.com

Posted: September 26, 2007

asecuremask.com is a variant of Trojan.Zlob. It hijacks your homepage and redirects your IE homepage to "www. asecuremask.com". Asecuremask.com displays fake Warning messages stating that your computer is infected by W32.Myzor.fk@yf Trojan, for instance, which is not a real Trojan, and then it asks you to buy other Trojan related rouge security programs such as, VirusProtectPro, AntiVirGear, MalwareAlarm, MalwareWiped and so on. If your PC is hijacked by asecuremask.com, then all your personal and financial may be in jeopardy because asecuremask.com transfers back and forth information from the infected computer which makes it a potential for data security risk.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 afzdbl.dll
    2 bgwttyl.dll
    3 cfqbw.dll
    4 cqsfk.dll
    5 dxovx.dll
    6 dyrwls.dll
    7 fdpzgi.dll
    8 gtawclv.dll
    9 iesplugin.dll
    10 iesuninst.exe
    11 isaddon.dll
    12 isamini.exe
    13 isamonitor.exe
    14 khtbpdl.dll
    15 lrnjnzf.dll
    16 pmmon.exe
    17 pmsngr.exe
    18 pmuninst.exe
    19 psndz.dll
    20 tkrsw.dll
    21 ugofuq.dll
    22 vgibz.dll
    23 vjxwnn.dll
    24 wzhtjqo.dll
    25 zpuwriz.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49CF52D7-8D58-4E22-A874-AAD721F5B523}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80ced3d6-ece9-48ba-8df8-2503d8d87c2b}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSDNS.MSDNSAppHKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\browsers.ToolBar.1HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VideoExtension HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSVPS.MSVPSAppHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49CF52D7-8D58-4E22-A874-AAD721F5B523}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5574E139-F59C-4bee-9A61-150B0D3A16C7}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper objects\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}IExplorer Security Plug-inInternet Explorer Secure BarMessenger Service HKEY_LOCAL_MACHINE\SOFTWARE\Classes\browsers.StockBar
Loading...