Tuesday, January 27, 2009

Crusc Trojan

Removing Crusc
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Crusc Also known as:

[Kaspersky]Trojan-Proxy.Win32.Horst.be,Trojan-Proxy.Win32.Horst.cm,Trojan-Proxy.win32.Horst.be,Trojan-Proxy.Win32.Horst.bk,Trojan-Downloader.Win32.Agent.amc,Trojan-Proxy.Win32.Horst.z,Trojan-Downloader.Win32.Vivia.y;
[McAfee]Spam-Loot,Spam-loot;
[Other]TROJ_AGENT.CAH,Win32.Crusc.K,Win32/Crusc.H,TROJ_HORST.CM,Win32/Crusc.J,Trojan-Spy.Win32.Agent.nr,Trojan.Webus.G,Win32/Crusc.I,Trojan-Proxy.Win32.Horst.cg,Hacktool.Proxy,Win32/Crusc.Q,Trojan-Proxy.win32.Horst.bu,Win32/Crusc.R,Trojan-Proxy.Win32.Horst.bu,Win32/Crusc.P,trojan-backdoor-medbod,Win32/Crusc.M,Trojan.Zlob,Win32/Crusc.N,Backdoor.DMSpammer,Win32/Crusc.L,Win32/Crusc.O,Win32/Crusc.T,Win32/Crusc.S,TROJ_HORST.BU,Win32/Crusc.E,Win32/Crusc.F

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\14exmodul32e.d.exe
[%PROFILE_TEMP%]\17exmodul32d.1.exe
[%PROFILE_TEMP%]\17exmodul32s.4.exe
[%PROFILE_TEMP%]\18exmodul32d.1.exe
[%PROFILE_TEMP%]\18exmodul32s.4.exe
[%PROFILE_TEMP%]\19exmodul32c.3.exe
[%PROFILE_TEMP%]\1exmodul32d.1.exe
[%PROFILE_TEMP%]\22exmodul32s.4.exe
[%PROFILE_TEMP%]\24exinjs.h.exe
[%PROFILE_TEMP%]\27exmodul32s.4.exe
[%PROFILE_TEMP%]\3.modul32h2.exe
[%PROFILE_TEMP%]\30exmodul32d.1.exe
[%PROFILE_TEMP%]\37exmodul32s.4.exe
[%PROFILE_TEMP%]\41exmodul32d.b.exe
[%PROFILE_TEMP%]\46exmodul32s.4.exe
[%PROFILE_TEMP%]\48exmodul32d.1.exe
[%PROFILE_TEMP%]\49exinjs.h.exe
[%PROFILE_TEMP%]\49exmodul32d.1.exe
[%PROFILE_TEMP%]\5.modul32h2.exe
[%PROFILE_TEMP%]\53exmodul32s.4.exe
[%PROFILE_TEMP%]\54exmodul32e.d.exe
[%PROFILE_TEMP%]\57exmodul32s.4.exe
[%PROFILE_TEMP%]\58exmodul32s.4.exe
[%PROFILE_TEMP%]\6.modul32h2.exe
[%PROFILE_TEMP%]\61exmodul32s.4.exe
[%PROFILE_TEMP%]\62exmodul32d.b.exe
[%PROFILE_TEMP%]\64exmodul32d.4.exe
[%PROFILE_TEMP%]\69exmodul32c.3.exe
[%PROFILE_TEMP%]\69exmodul32e.d.exe
[%PROFILE_TEMP%]\71exmodul32c.3.exe
[%PROFILE_TEMP%]\71exmodul32d.7.exe
[%PROFILE_TEMP%]\72exmodul32d.8.exe
[%PROFILE_TEMP%]\73exmodul32s.4.exe
[%PROFILE_TEMP%]\81exmodul32e.d.exe
[%PROFILE_TEMP%]\82exmodul32d.8.exe
[%PROFILE_TEMP%]\83exinjs.h.exe
[%PROFILE_TEMP%]\86exmodul32d.1.exe
[%PROFILE_TEMP%]\92exinjs.h.exe
[%PROFILE_TEMP%]\94exmodul32e.d.exe
[%PROFILE_TEMP%]\96exmodul32c.3.exe
[%PROFILE_TEMP%]\96exmodul32e.d.exe
[%PROFILE_TEMP%]\98exmodul32d.1.exe
[%PROFILE_TEMP%]\modul32c.3.exe
[%PROFILE_TEMP%]\modul32d.1.exe
[%PROFILE_TEMP%]\modul32d.4.exe
[%PROFILE_TEMP%]\modul32d.7.exe
[%PROFILE_TEMP%]\modul32d.8.exe
[%PROFILE_TEMP%]\modul32d.b.exe
[%PROFILE_TEMP%]\14exmodul32e.d.exe
[%PROFILE_TEMP%]\17exmodul32d.1.exe
[%PROFILE_TEMP%]\17exmodul32s.4.exe
[%PROFILE_TEMP%]\18exmodul32d.1.exe
[%PROFILE_TEMP%]\18exmodul32s.4.exe
[%PROFILE_TEMP%]\19exmodul32c.3.exe
[%PROFILE_TEMP%]\1exmodul32d.1.exe
[%PROFILE_TEMP%]\22exmodul32s.4.exe
[%PROFILE_TEMP%]\24exinjs.h.exe
[%PROFILE_TEMP%]\27exmodul32s.4.exe
[%PROFILE_TEMP%]\3.modul32h2.exe
[%PROFILE_TEMP%]\30exmodul32d.1.exe
[%PROFILE_TEMP%]\37exmodul32s.4.exe
[%PROFILE_TEMP%]\41exmodul32d.b.exe
[%PROFILE_TEMP%]\46exmodul32s.4.exe
[%PROFILE_TEMP%]\48exmodul32d.1.exe
[%PROFILE_TEMP%]\49exinjs.h.exe
[%PROFILE_TEMP%]\49exmodul32d.1.exe
[%PROFILE_TEMP%]\5.modul32h2.exe
[%PROFILE_TEMP%]\53exmodul32s.4.exe
[%PROFILE_TEMP%]\54exmodul32e.d.exe
[%PROFILE_TEMP%]\57exmodul32s.4.exe
[%PROFILE_TEMP%]\58exmodul32s.4.exe
[%PROFILE_TEMP%]\6.modul32h2.exe
[%PROFILE_TEMP%]\61exmodul32s.4.exe
[%PROFILE_TEMP%]\62exmodul32d.b.exe
[%PROFILE_TEMP%]\64exmodul32d.4.exe
[%PROFILE_TEMP%]\69exmodul32c.3.exe
[%PROFILE_TEMP%]\69exmodul32e.d.exe
[%PROFILE_TEMP%]\71exmodul32c.3.exe
[%PROFILE_TEMP%]\71exmodul32d.7.exe
[%PROFILE_TEMP%]\72exmodul32d.8.exe
[%PROFILE_TEMP%]\73exmodul32s.4.exe
[%PROFILE_TEMP%]\81exmodul32e.d.exe
[%PROFILE_TEMP%]\82exmodul32d.8.exe
[%PROFILE_TEMP%]\83exinjs.h.exe
[%PROFILE_TEMP%]\86exmodul32d.1.exe
[%PROFILE_TEMP%]\92exinjs.h.exe
[%PROFILE_TEMP%]\94exmodul32e.d.exe
[%PROFILE_TEMP%]\96exmodul32c.3.exe
[%PROFILE_TEMP%]\96exmodul32e.d.exe
[%PROFILE_TEMP%]\98exmodul32d.1.exe
[%PROFILE_TEMP%]\modul32c.3.exe
[%PROFILE_TEMP%]\modul32d.1.exe
[%PROFILE_TEMP%]\modul32d.4.exe
[%PROFILE_TEMP%]\modul32d.7.exe
[%PROFILE_TEMP%]\modul32d.8.exe
[%PROFILE_TEMP%]\modul32d.b.exe

How to detect Crusc:

Files:
[%PROFILE_TEMP%]\14exmodul32e.d.exe
[%PROFILE_TEMP%]\17exmodul32d.1.exe
[%PROFILE_TEMP%]\17exmodul32s.4.exe
[%PROFILE_TEMP%]\18exmodul32d.1.exe
[%PROFILE_TEMP%]\18exmodul32s.4.exe
[%PROFILE_TEMP%]\19exmodul32c.3.exe
[%PROFILE_TEMP%]\1exmodul32d.1.exe
[%PROFILE_TEMP%]\22exmodul32s.4.exe
[%PROFILE_TEMP%]\24exinjs.h.exe
[%PROFILE_TEMP%]\27exmodul32s.4.exe
[%PROFILE_TEMP%]\3.modul32h2.exe
[%PROFILE_TEMP%]\30exmodul32d.1.exe
[%PROFILE_TEMP%]\37exmodul32s.4.exe
[%PROFILE_TEMP%]\41exmodul32d.b.exe
[%PROFILE_TEMP%]\46exmodul32s.4.exe
[%PROFILE_TEMP%]\48exmodul32d.1.exe
[%PROFILE_TEMP%]\49exinjs.h.exe
[%PROFILE_TEMP%]\49exmodul32d.1.exe
[%PROFILE_TEMP%]\5.modul32h2.exe
[%PROFILE_TEMP%]\53exmodul32s.4.exe
[%PROFILE_TEMP%]\54exmodul32e.d.exe
[%PROFILE_TEMP%]\57exmodul32s.4.exe
[%PROFILE_TEMP%]\58exmodul32s.4.exe
[%PROFILE_TEMP%]\6.modul32h2.exe
[%PROFILE_TEMP%]\61exmodul32s.4.exe
[%PROFILE_TEMP%]\62exmodul32d.b.exe
[%PROFILE_TEMP%]\64exmodul32d.4.exe
[%PROFILE_TEMP%]\69exmodul32c.3.exe
[%PROFILE_TEMP%]\69exmodul32e.d.exe
[%PROFILE_TEMP%]\71exmodul32c.3.exe
[%PROFILE_TEMP%]\71exmodul32d.7.exe
[%PROFILE_TEMP%]\72exmodul32d.8.exe
[%PROFILE_TEMP%]\73exmodul32s.4.exe
[%PROFILE_TEMP%]\81exmodul32e.d.exe
[%PROFILE_TEMP%]\82exmodul32d.8.exe
[%PROFILE_TEMP%]\83exinjs.h.exe
[%PROFILE_TEMP%]\86exmodul32d.1.exe
[%PROFILE_TEMP%]\92exinjs.h.exe
[%PROFILE_TEMP%]\94exmodul32e.d.exe
[%PROFILE_TEMP%]\96exmodul32c.3.exe
[%PROFILE_TEMP%]\96exmodul32e.d.exe
[%PROFILE_TEMP%]\98exmodul32d.1.exe
[%PROFILE_TEMP%]\modul32c.3.exe
[%PROFILE_TEMP%]\modul32d.1.exe
[%PROFILE_TEMP%]\modul32d.4.exe
[%PROFILE_TEMP%]\modul32d.7.exe
[%PROFILE_TEMP%]\modul32d.8.exe
[%PROFILE_TEMP%]\modul32d.b.exe
[%PROFILE_TEMP%]\14exmodul32e.d.exe
[%PROFILE_TEMP%]\17exmodul32d.1.exe
[%PROFILE_TEMP%]\17exmodul32s.4.exe
[%PROFILE_TEMP%]\18exmodul32d.1.exe
[%PROFILE_TEMP%]\18exmodul32s.4.exe
[%PROFILE_TEMP%]\19exmodul32c.3.exe
[%PROFILE_TEMP%]\1exmodul32d.1.exe
[%PROFILE_TEMP%]\22exmodul32s.4.exe
[%PROFILE_TEMP%]\24exinjs.h.exe
[%PROFILE_TEMP%]\27exmodul32s.4.exe
[%PROFILE_TEMP%]\3.modul32h2.exe
[%PROFILE_TEMP%]\30exmodul32d.1.exe
[%PROFILE_TEMP%]\37exmodul32s.4.exe
[%PROFILE_TEMP%]\41exmodul32d.b.exe
[%PROFILE_TEMP%]\46exmodul32s.4.exe
[%PROFILE_TEMP%]\48exmodul32d.1.exe
[%PROFILE_TEMP%]\49exinjs.h.exe
[%PROFILE_TEMP%]\49exmodul32d.1.exe
[%PROFILE_TEMP%]\5.modul32h2.exe
[%PROFILE_TEMP%]\53exmodul32s.4.exe
[%PROFILE_TEMP%]\54exmodul32e.d.exe
[%PROFILE_TEMP%]\57exmodul32s.4.exe
[%PROFILE_TEMP%]\58exmodul32s.4.exe
[%PROFILE_TEMP%]\6.modul32h2.exe
[%PROFILE_TEMP%]\61exmodul32s.4.exe
[%PROFILE_TEMP%]\62exmodul32d.b.exe
[%PROFILE_TEMP%]\64exmodul32d.4.exe
[%PROFILE_TEMP%]\69exmodul32c.3.exe
[%PROFILE_TEMP%]\69exmodul32e.d.exe
[%PROFILE_TEMP%]\71exmodul32c.3.exe
[%PROFILE_TEMP%]\71exmodul32d.7.exe
[%PROFILE_TEMP%]\72exmodul32d.8.exe
[%PROFILE_TEMP%]\73exmodul32s.4.exe
[%PROFILE_TEMP%]\81exmodul32e.d.exe
[%PROFILE_TEMP%]\82exmodul32d.8.exe
[%PROFILE_TEMP%]\83exinjs.h.exe
[%PROFILE_TEMP%]\86exmodul32d.1.exe
[%PROFILE_TEMP%]\92exinjs.h.exe
[%PROFILE_TEMP%]\94exmodul32e.d.exe
[%PROFILE_TEMP%]\96exmodul32c.3.exe
[%PROFILE_TEMP%]\96exmodul32e.d.exe
[%PROFILE_TEMP%]\98exmodul32d.1.exe
[%PROFILE_TEMP%]\modul32c.3.exe
[%PROFILE_TEMP%]\modul32d.1.exe
[%PROFILE_TEMP%]\modul32d.4.exe
[%PROFILE_TEMP%]\modul32d.7.exe
[%PROFILE_TEMP%]\modul32d.8.exe
[%PROFILE_TEMP%]\modul32d.b.exe

Removing Crusc:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Win32.NTRootKit Backdoor
Remove Pss Trojan
Lynch0 Trojan Removal instruction

No comments: