Windows Tutorials - Herong's Tutorial Examples - v5.62, by Dr. Herong Yang
What Is Trojan Puper
This section provides a quick description of what is trojan and malware 'Puper' infecting Internet Explorer on Windows systems.
Puper is a malicious program for Windows system. Here are some short descriptions of Puper I found on the Internet:
1. From www.spynomore.com/trojan-search-hijacker-puper-updatesearches.htm
Alias of Puper are Puper.UpdateSearches and Trojan.Puper Puper.UpdateSearches is a trojan malware application that changes Internet Explorer's default home page and default search URL and redirects traffic to updatesearches.com website. Puper.UpdateSearches displays the a pop-up window with false spyware warning.
2. From vil.nai.com/vil/content/v_133666.htm:
The puper family of trojans are used to modify the internet explorer home page and search page in addition to monitoring internet usage. The puper trojan monitors its own processes and will continually execute them to ensure they stay in memory. Additionally it will launch every time explorer.exe gets launched. This trojan may drop hpxxxx.tmp where xxxx is random characters. This file will be detected as puper.dll and is responsible for the start page and search page behavior.
3. From www.sophos.com/security/analyses/trojpuperd.html:
Aliases of Puper: - trojan-clicker.win32.agent.dj - trojan.win32.zapchast - w32/adclicker.dn - puper.dll - trojan.popuper Troj/Puper-D is a browser hacking Trojan for the Windows platform, modifying settings for Microsoft Internet Explorer, including Start Page and search settings. When Troj/Puper-D is installed the following files are created: c:\windows\system32\hhk.dll c:\windows\system32\intmon.exe c:\windows\system32\hpXX.tmp - where XX are random letters.
Table of Contents
Introduction to Microsoft Windows
Introduction to Windows Explorer
Introduction to Internet Explorer
"Paint" Program and Computer Graphics
GIMP - GNU Image Manipulation Program
JPEG Image File Format Quality and Size
GIF Image File Format and Transparent Background
"WinZip" - ZIP File Compression Tool
"WinRAR" - RAR and ZIP File Compression Tool
FTP Server, Client and Commands
"FileZilla" - Free FTP Client and Server
Web Server Log Files and Analysis Tool - "Analog"
Spyware Adware Detection and Removal
IE Addon Program Listing and Removal
Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal
►Trojan and Malware "Puper" Description and Removal
Trojan and Malware "Puper" Removal
VSToolbar (VSAdd-in.dll) - Description and Removal
Spybot - Spyware Blocker, Detection and Removal
Setting Up and Using Crossover Cable Network
Home Network Gateway - DSL Modem/Wireless Router
Windows Task Manager - The System Performance Tool
"tasklist" Command Line Tool to List Process Information
"msconfig" - System Configuration Tool
Configuring and Managing System Services
Windows Registry Key and Value Management Tools