if ($_SERVER["HTTP_X_FORWARDED_FOR"])
{
$_SERVER["REMOTE_ADDR"] = preg_replace('/.*,\s*/','', $_SERVER["HTTP_X_FORWARDED_FOR"]);
}
?>
Notice: Undefined index: related in /data/www/spywareguide/product_show.php on line 49
Notice: Undefined variable: incprefix in /data/www/spywareguide/product_show.php on line 241
Category Description:
Trojans are malicious applications that pose themselves as legitimate software in order to trick users to install them. Once on the victim's machine, it may run any number of malicious process to steal vital information or inflict damage to other software.
Comment:
Troj/Agent.BA is a downloader trojan that downloads other threats.
Comes bundled with DCPlusPlus-0.668. DCPlusPlus-0.4032 also has this Trojan bundled in it.
When DCPlusPlus-0.668 is executed it generates cserv32.exe and ouapcker.exe. When ouapcker.exe is executed it creates a temp file and downloads ISTBar from slotch.com. Also it generates the following files.
%windir%\gripo32.exe ? A variant of ISTBar
%windir%\msodwo.exe
%windir%\ouiast.exe ? On execution this file create webdir.dll which is detected as Webdir Adware