Trojan.Otlard.B
Posted: December 6, 2010
Threat Metric
The fields on the Threat Meter that contain a specific value are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10, where 10 is the highest level of severity and 1 is the lowest. Each level is relative to the threat's consistently assessed behaviors, collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, shown as an up arrow, a down arrow or an equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change in a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 1,094 |
| First Seen: | December 6, 2010 |
| Last Seen: | September 7, 2023 |
| OS(es) Affected: | Windows |
Trojan.Otlard.B is a backdoor Trojan that creates security vulnerabilities to let criminals control your PC. Computers that are infected by Trojan.Otlard.B may not show any visible symptoms because Trojan.Otlard.B can infect core Windows processes in memory. Trojan.Otlard.B will also hide its files in your Windows directory and can allow a wide range of remote attacks to occur. Delete Trojan.Otlard.B from your computer as soon as you notice this backdoor Trojan; using an anti-malware or security program to do so is strongly recommended.
Trojan.Otlard.B: a Fake System File with Real Consequences
Trojan.Otlard.B was seen in 2010 but remains in circulation as a threat in 2011. Different variations of the Otlard Trojan have also been noticed, such as TrojanDropper:Win32/Otlard.A, Trojan:WinNT/Otlard.B, Backdoor:Win32/Otlard.A and TrojanDownloader:Win32/Bredolab. All of these Trojan threats, including Trojan.Otlard.B, are either Trojan droppers or backdoor Trojans, many of which can use rootkit techniques to conceal their activities.
Trojan.Otlard.B itself can also be detected by the aliases Trojan.Win32.Sasfis.anna or simply Trojan Horse.
Symptoms related to a Trojan.Otlard.B infection are minimal, and you shouldn't expect to see obvious signs of Trojan.Otlard.B on your PC. However, all Trojan.Otlard.B infections will attempt to place a malicious 'msxsltsso.dll' file on your computer. The location of the Trojan.Otlard.B file will vary slightly based on which version of Windows is installed; Winnt\System32 and Windows\System32 are two confirmed Trojan.Otlard.B locations.
In addition to hiding its file components in important locations, Trojan.Otlard.B will infect native Windows processes such as 'svchost.exe' in memory, which makes it difficult to determine when Trojan.Otlard.B is active. Ordinarily, multiple svchost.exe processes are active, but you may be able to identify a Trojan.Otlard.B process by checking the amount of Memory Usage in Task Manager.
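A read-only triage check built on the two indicators described above, the 'msxsltsso.dll' file in System32 and the running svchost.exe instances, as an added example that is not part of the original page. It assumes System32 resolves through %WINDIR%; the variable names and the SysWOW64 allowance for 32-bit svchost.exe on 64-bit Windows are this example's own.

```powershell
# Added example, not from the original page. Read-only: nothing is deleted or stopped.
# Indicator named on the page: a 'msxsltsso.dll' file placed in the System32 directory.
$IndicatorName = 'msxsltsso.dll'
$System32      = Join-Path $env:WINDIR 'System32'   # Winnt\System32 or Windows\System32

# Assumption of this example: svchost.exe is expected only in these two locations
# (SysWOW64 holds the 32-bit copy on 64-bit Windows).
$ExpectedHosts = 'System32', 'SysWOW64' |
    ForEach-Object { Join-Path $env:WINDIR (Join-Path $_ 'svchost.exe') }

# 1. Look for the file on disk; -Force includes hidden and system-attributed files.
$onDisk = Get-ChildItem -LiteralPath $System32 -Filter $IndicatorName -Force `
              -ErrorAction SilentlyContinue

# 2. Inspect every svchost.exe instance: image path, memory use, loaded modules.
$report = foreach ($p in Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'") {
    $modules = @()
    try {
        # Needs an elevated prompt; protected processes may still deny access.
        $proc    = Get-Process -Id $p.ProcessId -ErrorAction Stop
        $modules = @($proc.Modules | ForEach-Object { $_.ModuleName })
    } catch { }

    [pscustomobject]@{
        PID             = $p.ProcessId
        Path            = $p.ExecutablePath
        WorkingSetMB    = [math]::Round($p.WorkingSetSize / 1MB, 1)
        UnexpectedPath  = [bool]($p.ExecutablePath -and
                                 ($ExpectedHosts -notcontains $p.ExecutablePath))
        IndicatorLoaded = ($modules -contains $IndicatorName)
        ModulesRead     = ($modules.Count -gt 0)   # False = result for this PID is inconclusive
    }
}

# 3. Show flagged instances first, then the rest by memory use (the Task Manager
#    check described on the page).
if ($onDisk) { "File found: $($onDisk.FullName)" } else { "File not found in $System32" }
$report |
    Sort-Object @{ e = { $_.IndicatorLoaded -or $_.UnexpectedPath }; Descending = $true },
                @{ e = 'WorkingSetMB'; Descending = $true } |
    Format-Table -AutoSize

# The page notes that related variants can use rootkit techniques, which can hide
# files and modules from user-mode listings such as this one. A clean result here
# does not rule out infection.
```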
The Final Injury That Trojan.Otlard.B Adds to Its Insult
Trojan.Otlard.B's primary duty is to create security vulnerabilities that can be exploited by remote criminals. Significant attacks that are related to the presence of backdoor Trojans like Trojan.Otlard.B can include:
- The installation of other harmful programs, especially Remote Administration Tools, spyware like keyloggers or rogue security applications. Typically, such threats attempt to steal money, passwords and other sensitive information. They may directly record keyboard input and other data or attempt to swindle you into giving away your money and information of your own free will.
- Disabled applications and services. Trojan.Otlard.B may block Task Manager, Windows Update and other vital Windows OS programs, or well-known anti-virus and security-related applications. These programs may even emit fake infection warnings when you try to access them.
- Trojan.Otlard.B may force your PC to participate in DDoS attacks and other crimes. This level of control exerted over your computer can use significant memory and other resources and may harm your system performance.
- System files and other important components may be deleted to harm your PC.
Many of these attacks can be reversed if you remove Trojan.Otlard.B with the proper security software and act quickly. However, the longer you allow Trojan.Otlard.B to remain on your PC, the greater the danger of irreparable harm.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system: