Kaspersky Threats

Класс

Платформа

Описание

Technical Details

Троянская программа, которая открывает ссылки в интернете без ведома пользователя. Является приложением Windows (PE EXE-файл). Имеет размер 73728 байт. Написана на Visual Basic.

Payload

Троянец открывает следующие ссылки без ведома пользователя:

http://www.amazon.com/exec/obidos/redirect-home/wwwgreedincco-20
http://service.bfast.com/bfast/click?bfmid=5647408&siteid=40628211&bfpage=name
http://service.bfast.com/bfast/click?bfmid=37920150&siteid=40628211&bfpage=homepage
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=40628211&categoryid=bookhome
http://service.bfast.com/bfast/click?bfmid=30991737&siteid=40628211&bfpage=bb_generic
http://service.bfast.com/bfast/click?bfmid=20904140&siteid=40628211&bfpage=rock_free_music
http://service.bfast.com/bfast/click?bfmid=37922609&siteid=40628211&bfpage=home
http://service.bfast.com/bfast/click?bfmid=37919189&siteid=40628211&bfpage=home1_may01
http://service.bfast.com/bfast/click?bfmid=26864318&siteid=40628211&bfpage=new_release
http://service.bfast.com/bfast/click?bfmid=8929386&siteid=40628211&bfpage=equation
http://www.qksrv.net/click-1348887-2202639
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=31266.10000077&type=3&subid=0
http://service.bfast.com/bfast/click?bfmid=9439958&siteid=40628211&bfpage=166x44logo
http://service.bfast.com/bfast/click?bfmid=26917872&siteid=40628211&bfpage=big_island
http://service.bfast.com/bfast/click?bfmid=37919909&siteid=40628211&bfpage=homepage1
http://service.bfast.com/bfast/click?bfmid=223938&siteid=40628211&bfpage=homepage
http://www.qksrv.net/click-1348887-1495778
http://service.bfast.com/bfast/click?bfmid=1375281&siteid=40628211&bfpage=homepage
http://service.bfast.com/bfast/click?bfmid=37922429&siteid=40628211&bfpage=gotomypc
http://service.bfast.com/bfast/click?bfmid=37925129&siteid=40628211&bfpage=text2
http://www.qksrv.net/click-1348887-2202691
http://service.bfast.com/bfast/click?bfmid=37919329&siteid=40628211&bfpage=home_logos
http://service.bfast.com/bfast/click?bfmid=37923209&siteid=40628211&bfpage=free_shipping4
http://service.bfast.com/bfast/click?bfmid=5607334&siteid=40628211&bfpage=homepage_image
http://service.bfast.com/bfast/click?bfmid=37923429&siteid=40628211&bfpage=homepage
http://service.bfast.com/bfast/click?bfmid=27276611&siteid=40628211&bfpage=special
http://service.bfast.com/bfast/click?bfmid=5327311&siteid=40628211&bfpage=homepage
http://service.bfast.com/bfast/click?bfmid=37922269&siteid=40628211&bfpage=sbc_clanding
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=45613.10000010&type=3&subid=0
http://service.bfast.com/bfast/click?bfmid=26399296&siteid=40628211&bfpage=homepage
http://service.bfast.com/bfast/click?bfmid=18566&sourceid=40628211&categoryid=vacation_deals
http://service.bfast.com/bfast/click?bfmid=37922889&siteid=40628211&bfpage=logos
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=42865.8&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=46363.10000089&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=35492.10000002&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=48771.10000533&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=53111.10000038&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=53020.10000006&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=29195.11&type=4&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=29744.10000180&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=43440.10000097&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=43733.10000020&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=24017.10000122&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=11322.10000045&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=48173.10000007&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=51844.10000001&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=43523.10000017&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=50602.10000070&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=26018.10000041&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=46009.10000022&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=50252.10000008&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=48290.10000033&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=27778.10000072&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=44304.10000039&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=41877.10003984&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=14941.10000066&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=41019.10000039&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=20738.10000010&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=40579.10000001&type=3&subid=0
http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=47355.10000029&type=3&subid=0
http://www.topshelfpussy.com/main.htm?id=default205
http://www.bignaturals.com/main.htm?id=default205
http://www.8thstreetlatinas.com/main.htm?id=default205
http://www.streetblowjobs.com/main.htm?id=default205
http://signups.triplexcash.com/hit.php?w=101297&s=6&p=2
http://signups.triplexcash.com/hit.php?w=101297&s=4&p=2
http://www.bigblackknockers.com
http://signups.triplexcash.com/hit.php?w=101297&s=2&p=2
http://www.inthevip.com/main.htm?id=default205
http://www.inthevip.com/main.htm?id=default205
http://www.cumfiesta.com/main.htm?id=default205
http://www.milfhunter.com/main.htm?id=default205
http://www.captainstabbin.com/main.htm?id=default205
http://track.oxcash.com/?Site=realbutts.com&Webmaster=default7
http://track.oxcash.com/?Site=boobsquad.com&Webmaster=default7
http://track.oxcash.com/?Site=backroomfacials.com&Webmaster=default7
http://track.oxcash.com/?Site=bangbus.com&Webmaster=default7
http://track.oxcash.com/?Site=thebaitbus.com&Webmaster=default7
http://track.oxcash.com/?Site=bigmovieland.com&Webmaster=default7
http://track.oxcash.com/?Site=kingchile.com&Webmaster=default7
http://track.oxcash.com/?Site=olderladies.com&Webmaster=default7
http://track.oxcash.com/?Site=publicamateurs.com&Webmaster=default7
http://track.oxcash.com/?Site=trannytrick.com&Webmaster=default7
http://www.interneteraser.com/enter.html?ID=4145133
http://signups.triplexcash.com/hit.php?w=101297&s=3&p=2
http://signups.triplexcash.com/hit.php?w=101297&s=5&p=2
http://www.ucbill.com/click.php?uid=default205&product=1
http://www.allamateurmovies.com/main.htm?id=default205
http://www.nastyfetish.org/main.htm?id=default205
http://www.wivesinpantyhose.com/main.htm?id=default205
http://www.megacockcravers.com/main.htm?id=default205
http://www.boysfirsttime.com/main.htm?id=default205
http://www.trannysurprise.com/main.htm?id=default205

Троянец имеет функции, с помощью которых может изменять стартовую страницу Microsoft Internet Explorer, а также скачивать и запускать файлы из интернета.

Removal instructions

При помощи «Диспетчера задач» завершить троянский процесс.
Удалить оригинальный файл троянца (его расположение на зараженном компьютере зависит от способа, которым программа попала на компьютер).
Произвести полную проверку компьютера Антивирусом Касперского с обновленными антивирусными базами (скачать пробную версию).

Узнай статистику распространения угроз в твоем регионе

Класс	Trojan-Clicker
Платформа	Win32
Описание	Technical Details Троянская программа, которая открывает ссылки в интернете без ведома пользователя. Является приложением Windows (PE EXE-файл). Имеет размер 73728 байт. Написана на Visual Basic. Payload Троянец открывает следующие ссылки без ведома пользователя: http://www.amazon.com/exec/obidos/redirect-home/wwwgreedincco-20 http://service.bfast.com/bfast/click?bfmid=5647408&siteid=40628211&bfpage=name http://service.bfast.com/bfast/click?bfmid=37920150&siteid=40628211&bfpage=homepage http://service.bfast.com/bfast/click?bfmid=2181&sourceid=40628211&categoryid=bookhome http://service.bfast.com/bfast/click?bfmid=30991737&siteid=40628211&bfpage=bb_generic http://service.bfast.com/bfast/click?bfmid=20904140&siteid=40628211&bfpage=rock_free_music http://service.bfast.com/bfast/click?bfmid=37922609&siteid=40628211&bfpage=home http://service.bfast.com/bfast/click?bfmid=37919189&siteid=40628211&bfpage=home1_may01 http://service.bfast.com/bfast/click?bfmid=26864318&siteid=40628211&bfpage=new_release http://service.bfast.com/bfast/click?bfmid=8929386&siteid=40628211&bfpage=equation http://www.qksrv.net/click-1348887-2202639 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=31266.10000077&type=3&subid=0 http://service.bfast.com/bfast/click?bfmid=9439958&siteid=40628211&bfpage=166x44logo http://service.bfast.com/bfast/click?bfmid=26917872&siteid=40628211&bfpage=big_island http://service.bfast.com/bfast/click?bfmid=37919909&siteid=40628211&bfpage=homepage1 http://service.bfast.com/bfast/click?bfmid=223938&siteid=40628211&bfpage=homepage http://www.qksrv.net/click-1348887-1495778 http://service.bfast.com/bfast/click?bfmid=1375281&siteid=40628211&bfpage=homepage http://service.bfast.com/bfast/click?bfmid=37922429&siteid=40628211&bfpage=gotomypc http://service.bfast.com/bfast/click?bfmid=37925129&siteid=40628211&bfpage=text2 http://www.qksrv.net/click-1348887-2202691 http://service.bfast.com/bfast/click?bfmid=37919329&siteid=40628211&bfpage=home_logos http://service.bfast.com/bfast/click?bfmid=37923209&siteid=40628211&bfpage=free_shipping4 http://service.bfast.com/bfast/click?bfmid=5607334&siteid=40628211&bfpage=homepage_image http://service.bfast.com/bfast/click?bfmid=37923429&siteid=40628211&bfpage=homepage http://service.bfast.com/bfast/click?bfmid=27276611&siteid=40628211&bfpage=special http://service.bfast.com/bfast/click?bfmid=5327311&siteid=40628211&bfpage=homepage http://service.bfast.com/bfast/click?bfmid=37922269&siteid=40628211&bfpage=sbc_clanding http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=45613.10000010&type=3&subid=0 http://service.bfast.com/bfast/click?bfmid=26399296&siteid=40628211&bfpage=homepage http://service.bfast.com/bfast/click?bfmid=18566&sourceid=40628211&categoryid=vacation_deals http://service.bfast.com/bfast/click?bfmid=37922889&siteid=40628211&bfpage=logos http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=42865.8&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=46363.10000089&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=35492.10000002&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=48771.10000533&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=53111.10000038&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=53020.10000006&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=29195.11&type=4&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=29744.10000180&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=43440.10000097&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=43733.10000020&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=24017.10000122&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=11322.10000045&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=48173.10000007&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=51844.10000001&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=43523.10000017&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=50602.10000070&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=26018.10000041&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=46009.10000022&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=50252.10000008&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=48290.10000033&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=27778.10000072&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=44304.10000039&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=41877.10003984&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=14941.10000066&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=41019.10000039&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=20738.10000010&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=40579.10000001&type=3&subid=0 http://click.linksynergy.com/fs-bin/click?id=RuI8k2bphaE&offerid=47355.10000029&type=3&subid=0 http://www.topshelfpussy.com/main.htm?id=default205 http://www.bignaturals.com/main.htm?id=default205 http://www.8thstreetlatinas.com/main.htm?id=default205 http://www.streetblowjobs.com/main.htm?id=default205 http://signups.triplexcash.com/hit.php?w=101297&s=6&p=2 http://signups.triplexcash.com/hit.php?w=101297&s=4&p=2 http://www.bigblackknockers.com http://signups.triplexcash.com/hit.php?w=101297&s=2&p=2 http://www.inthevip.com/main.htm?id=default205 http://www.inthevip.com/main.htm?id=default205 http://www.cumfiesta.com/main.htm?id=default205 http://www.milfhunter.com/main.htm?id=default205 http://www.captainstabbin.com/main.htm?id=default205 http://track.oxcash.com/?Site=realbutts.com&Webmaster=default7 http://track.oxcash.com/?Site=boobsquad.com&Webmaster=default7 http://track.oxcash.com/?Site=backroomfacials.com&Webmaster=default7 http://track.oxcash.com/?Site=bangbus.com&Webmaster=default7 http://track.oxcash.com/?Site=thebaitbus.com&Webmaster=default7 http://track.oxcash.com/?Site=bigmovieland.com&Webmaster=default7 http://track.oxcash.com/?Site=kingchile.com&Webmaster=default7 http://track.oxcash.com/?Site=olderladies.com&Webmaster=default7 http://track.oxcash.com/?Site=publicamateurs.com&Webmaster=default7 http://track.oxcash.com/?Site=trannytrick.com&Webmaster=default7 http://www.interneteraser.com/enter.html?ID=4145133 http://signups.triplexcash.com/hit.php?w=101297&s=3&p=2 http://signups.triplexcash.com/hit.php?w=101297&s=5&p=2 http://www.ucbill.com/click.php?uid=default205&product=1 http://www.allamateurmovies.com/main.htm?id=default205 http://www.nastyfetish.org/main.htm?id=default205 http://www.wivesinpantyhose.com/main.htm?id=default205 http://www.megacockcravers.com/main.htm?id=default205 http://www.boysfirsttime.com/main.htm?id=default205 http://www.trannysurprise.com/main.htm?id=default205 Троянец имеет функции, с помощью которых может изменять стартовую страницу Microsoft Internet Explorer, а также скачивать и запускать файлы из интернета. Removal instructions При помощи «Диспетчера задач» завершить троянский процесс. Удалить оригинальный файл троянца (его расположение на зараженном компьютере зависит от способа, которым программа попала на компьютер). Произвести полную проверку компьютера Антивирусом Касперского с обновленными антивирусными базами (скачать пробную версию).
	Узнай статистику распространения угроз в твоем регионе

Trojan-Clicker.Win32.Ipons

Technical Details

Payload

Removal instructions