Trojan-PSW.Win32.Dripper

By JubileeX in Trojans

Trojan-PSW.Win32.Dripper is a password-stealing Trojan that targets online banking details, passwords and usernames. The name Trojan-PSW.Win32.Dripper is also used in fake security alerts displayed by rogueware such as Additional Guard and SystemDefender. These fake alerts are meant to trick users into thinking that their computers are infected and then push them into purchasing fake security software. Whether or not you are infected with the real Trojan-PSW.Win32.Dripper, once you see these security alerts, use a legitimate security tool to detect and remove Trojan-PSW.Win32.Dripper and any rogueware that may be associated with it.

File System Details

Trojan-PSW.Win32.Dripper may create the following file(s):
# File Name Detections
1. %UserProfile%\Application Data\2565da61\sqlite3.dll
2. %UserProfile%\Recent\energy.dll
3. %UserProfile%\Recent\FS.dll
4. %UserProfile%\Application Data\2565da61\mozcrt19.dll
5. %UserProfile%\Recent\ddv.dll
6. %UserProfile%\Recent\exec.exe
7. %UserProfile%\Recent\tjd.sys
8. %UserProfile%\Application Data\2565da61\AG345d.exe
9. %UserProfile%\Recent\cb.exe
10. %UserProfile%\Recent\energy.sys
11. %UserProfile%\Recent\ppal.exe
12. %UserProfile%\Application Data\2565da61\AGSys
13. %UserProfile%\Recent\CLSV.tmp
14. %UserProfile%\Recent\PE.drv
15. %UserProfile%\Application Data\2565da61\AG.ico
16. %UserProfile%\Application Data\2565da61\ag.cfg
17. %UserProfile%\Recent\fan.drv
18. %Program Files%\Mozilla Firefox\searchplugins\search.xml
19. %UserProfile%\Application Data\2565da61\278.mof
20. %UserProfile%\Application Data\2565da61\AGSys\vd952342.bd
21. %UserProfile%\Recent\dudl.drv
22. %UserProfile%\Recent\SICKBOY.tmp

Registry Details

Trojan-PSW.Win32.Dripper may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://search-gala.com/?&uid=220&q={searchTerms}"
HKEY_CLASSES_ROOT\xp_7a9be.DocHostUIHandler
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://search-gala.com/?&uid=220&q={searchTerms}"
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"

Messages

The following messages associated with Trojan-PSW.Win32.Dripper were found:

Warning! Virus Detected

Threat Detected: Trojan-PSW.Win32.Dripper
