Trojan-PWS.Magania.BDU

By JubileeX in Trojans

Translate To:

Trojan-PWS.Magania.BDU is a malicious Trojan that specifically monitors the gaming behavior of users. Trojan-PWS.Magania.BDU may capture a user's keystrokes and record details such as passwords or usernames. Trojan-PWS.Magania.BDU is a dangerous threat to your confidential information and should be removed with an effective security tool.

File System Details

Trojan-PWS.Magania.BDU may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Windir%\e7df.exe
Name: %Windir%\e7df.exe Type: Executable File
2.	%System%\7i79.exe
Name: %System%\7i79.exe Type: Executable File
3.	%ProgramFiles%\Common Files\System\q06.exe
Name: %ProgramFiles%\Common Files\System\q06.exe Type: Executable File
4.	%ProgramFiles%\Common Files\System\q22.exe
Name: %ProgramFiles%\Common Files\System\q22.exe Type: Executable File
5.	%ProgramFiles%\Common Files\System\q30.exe
Name: %ProgramFiles%\Common Files\System\q30.exe Type: Executable File
6.	%Temp%\hfkz\b.dll
Name: %Temp%\hfkz\b.dll Type: Dynamic link library
7.	%Temp%\hfkz\s.exe
Name: %Temp%\hfkz\s.exe Type: Executable File
8.	%ProgramFiles%\WinPcap\ws2help.dll
Name: %ProgramFiles%\WinPcap\ws2help.dll Type: Dynamic link library
9.	%ProgramFiles%\Common Files\System\q19.exe
Name: %ProgramFiles%\Common Files\System\q19.exe Type: Executable File
10.	%ProgramFiles%\Common Files\System\q29.exe
Name: %ProgramFiles%\Common Files\System\q29.exe Type: Executable File
11.	%Temp%\usrinit_t.exe
Name: %Temp%\usrinit_t.exe Type: Executable File
12.	%System%\f7rb.dll
Name: %System%\f7rb.dll Type: Dynamic link library
13.	%ProgramFiles%\MSN\MsnInstaller\ws2help.dll
Name: %ProgramFiles%\MSN\MsnInstaller\ws2help.dll Type: Dynamic link library
14.	%ProgramFiles%\Common Files\System\q08.exe
Name: %ProgramFiles%\Common Files\System\q08.exe Type: Executable File
15.	%ProgramFiles%\Common Files\System\q27.exe
Name: %ProgramFiles%\Common Files\System\q27.exe Type: Executable File
16.	%CommonAppData%\t\a2193.dat
Name: %CommonAppData%\t\a2193.dat Type: Data file
17.	%Windir%\Temp\Temporary Internet Files\Content.IE5\BL7ELAW5\bl[1].y
Name: %Windir%\Temp\Temporary Internet Files\Content.IE5\BL7ELAW5\bl[1].y
18.	%ProgramFiles%\Common Files\System\admin.obj
Name: %ProgramFiles%\Common Files\System\admin.obj
19.	%Windir%\92b7.flv
Name: %Windir%\92b7.flv
20.	%CommonAppData%\t\p2193.dat
Name: %CommonAppData%\t\p2193.dat Type: Data file
21.	%CommonAppData%\t\k2193.dat
Name: %CommonAppData%\t\k2193.dat Type: Data file
22.	%Temp%\102944259.log
Name: %Temp%\102944259.log
23.	%CommonAppData%\t\b2193.dat
Name: %CommonAppData%\t\b2193.dat Type: Data file
24.	%Windir%\Temp\Temporary Internet Files\Content.IE5\SN0SQ0GZ\ut_NO[1].y
Name: %Windir%\Temp\Temporary Internet Files\Content.IE5\SN0SQ0GZ\ut_NO[1].y

Registry Details

Trojan-PWS.Magania.BDU may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1163E531-B58E-4BB9-B877-0906A0A22AEC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1163E531-B58E-4BB9-B877-0906A0A22AEC}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{335A9BAE-19FA-42F2-AFD2-20C3275EF392}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{526EB425-7F56-4773-8D70-B8E45AA8E2B6}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6049BC02-7EDA-4C41-B4AB-D5398607C39E}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF2C085-5A0D-2A53-9CF3-BE8915E97E8F}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DA2FEC-F68F-4DC7-9A45-9174AC044427}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81EB905C-EDF8-4033-80BF-E0F4F46733DF}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6D4583-0FA1-41B2-BAAA-63352E6333CA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B59F0A61-EF3E-4A2B-9E3A-4A84EDDF2308}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9D0F4D7-C809-4C27-9CB4-63201DFB3D05}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C07B914B-C164-42D2-9838-1422C3F70D99}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D36A1DF7-6582-4160-B925-59A34E39FE30}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F181F067-7046-4DCB-993F-200990736305}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5E7F36B2-E909-4C3F-8A47-A3F70D840720}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8911142-1524-46C8-91A5-64ECC9A2E581}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DC95FDF7-6B69-46F9-8F67-61F2A1D9030E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DC95FDF7-6B69-46F9-8F67-61F2A1D9030E}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8FEE399-8F40-40D8-8D99-A4D99E8DA71C}\1.0\0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8FEE399-8F40-40D8-8D99-A4D99E8DA71C}\1.0\HELPDIR

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FF5795DC-245C-42C3-A882-7C0AAB708619}\1.0\0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FF5795DC-245C-42C3-A882-7C0AAB708619}\1.0\HELPDIR

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEHpr.Invoke\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IETimbar.CRNP

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IETimbar.CRNP.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kzekfmuigt.Xepestebisned\Clsid

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CTFMOVS\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NATIONAL2.0

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDOWSMSG\0000

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09FDF8F4-0F9E-4C84-9F0C-21A1143815E3}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1163E531-B58E-4BB9-B877-0906A0A22AEC}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1163E531-B58E-4BB9-B877-0906A0A22AEC}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{335A9BAE-19FA-42F2-AFD2-20C3275EF392}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51716C09-6B08-4CCF-B526-718E912C0573}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6049BC02-7EDA-4C41-B4AB-D5398607C39E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{612A87C6-33C3-4CCF-9F65-55FFC9C83860}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF2C085-5A0D-2A53-9CF3-BE8915E97E8F}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81EB905C-EDF8-4033-80BF-E0F4F46733DF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{827E2FB4-1047-43DE-848D-E12BB0C97AAB}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B59F0A61-EF3E-4A2B-9E3A-4A84EDDF2308}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7F1BFDC-4B6C-4E2F-AF7A-638D2D47802C}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C07B914B-C164-42D2-9838-1422C3F70D99}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4BD9D5C-04CA-45E6-8539-98B07D99B6BC}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F181F067-7046-4DCB-993F-200990736305}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5E7F36B2-E909-4C3F-8A47-A3F70D840720}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8911142-1524-46C8-91A5-64ECC9A2E581}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8911142-1524-46C8-91A5-64ECC9A2E581}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DC95FDF7-6B69-46F9-8F67-61F2A1D9030E}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8FEE399-8F40-40D8-8D99-A4D99E8DA71C}\1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8FEE399-8F40-40D8-8D99-A4D99E8DA71C}\1.0\FLAGS

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FF5795DC-245C-42C3-A882-7C0AAB708619}\1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FF5795DC-245C-42C3-A882-7C0AAB708619}\1.0\FLAGS

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEHpr.Invoke\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEHpr.Invoke.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IETimbar.CRNP\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kzekfmuigt.Xepestebisned

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FF2C085-5A0D-2A53-9CF3-BE8915E97E8F}

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CTFMOVS

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JBXLIRNK\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDOWSMSG

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09FDF8F4-0F9E-4C84-9F0C-21A1143815E3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1163E531-B58E-4BB9-B877-0906A0A22AEC}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1163E531-B58E-4BB9-B877-0906A0A22AEC}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51716C09-6B08-4CCF-B526-718E912C0573}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{526EB425-7F56-4773-8D70-B8E45AA8E2B6}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{612A87C6-33C3-4CCF-9F65-55FFC9C83860}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF2C085-5A0D-2A53-9CF3-BE8915E97E8F}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DA2FEC-F68F-4DC7-9A45-9174AC044427}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{827E2FB4-1047-43DE-848D-E12BB0C97AAB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6D4583-0FA1-41B2-BAAA-63352E6333CA}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE3042-6E0B-4f3c-BA6E-553FE55093E7}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7F1BFDC-4B6C-4E2F-AF7A-638D2D47802C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9D0F4D7-C809-4C27-9CB4-63201DFB3D05}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4BD9D5C-04CA-45E6-8539-98B07D99B6BC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D36A1DF7-6582-4160-B925-59A34E39FE30}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5E7F36B2-E909-4C3F-8A47-A3F70D840720}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5E7F36B2-E909-4C3F-8A47-A3F70D840720}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8911142-1524-46C8-91A5-64ECC9A2E581}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DC95FDF7-6B69-46F9-8F67-61F2A1D9030E}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8FEE399-8F40-40D8-8D99-A4D99E8DA71C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8FEE399-8F40-40D8-8D99-A4D99E8DA71C}\1.0\0\win32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FF5795DC-245C-42C3-A882-7C0AAB708619}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FF5795DC-245C-42C3-A882-7C0AAB708619}\1.0\0\win32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEHpr.Invoke

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEHpr.Invoke.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IETimbar.CRNP\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IETimbar.CRNP.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1163E531-B58E-4BB9-B877-0906A0A22AEC}

HKEY_LOCAL_MACHINE\SOFTWARE\IETimbar

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JBXLIRNK

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NATIONAL2.0\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ctfmovs

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan-PWS.Magania.BDU

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen