Threat Name: Trojan horse Hiloti.V
Spread Method:
Network Spread
USB Disk
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:Trojan horse Hiloti
Trojan horse Hiloti.V first detected:2010-03-09
Virus file known is dll file written in Basic
File Size:28K Bytes.
Behavior:Unknow behavior
Level of Spread:2
Level of Threat:4
Reported Path:E:\Winnt\
MD5:NL7kLrcHJ8Q8GEx4EdMcv3tRSOINQo51
SHA1..:otD6m03iKGrFif27glN3dR0abqjPy78Lw1f07ISq
Threat Name: Trojan horse SHeur2.CMOJ is report bay avg at the same time as following Trojan horse SHeur2.CMOJ and Trojan horse Hiloti.V
Spread Method:
Registry Value Creation
Hacked Website
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:Trojan horse SHeur2
Trojan horse SHeur2.CMOJ first detected:2010-03-09
Virus file known is javascript file
File Size:167K Bytes.
Behavior:Unknow behavior
Level of Spread:5
Level of Threat:5
Reported Path:E:\Winnt\
MD5:r1q65RF6W8U5cMKM0703Hiw2n5MGteCD
SHA1..:646BYahYeHdWeuSU3C3SP58Q7XuN7fklBTAJh05H
Trojan horse Patched_c.CZA.dropper file ACTIVA~1.EXE
Threat Name: Trojan horse Patched_c.CZA.dropper
Spread Method:
E-Mail
Threat type:Trojan horse Patched_c.CZA
Trojan horse Patched_c.CZA.dropper first detected:2010-03-09
Virus file known is PE exe file written in C language
File Size:14K Bytes.
Behavior:Unknow behavior
Level of Spread:1
Level of Threat:2
Reported Path:D:\Winnt\System32\ACTIVA~1.EXE
MD5:E6P118eAi1t826041y5KkfF0IlTXhsJu
SHA1..:MYx4KG2i5M78O63V40Ys62nJq7cg5br7uH8TSOO5
ytrmefvrmeqvwpghkxlnw.exe; jpyeht.exe; winafyx.exe; ysr.exe; rjvjlsvw.exe; lqh.exe; glb75.tmp; winjrip.exe; winvqammv.exe; winwsdo.exe; njnken.exe; nieo.exe; hihinf.exe; f7105421exe; crxt.exe; boplty.exe; df0.exe; ezx.exe; rtkbtmnt.exe; rjvjlsvw.exe; nieo.exe; ix4.exe; yd0.exe; tmp523.exe; winjtteue.exe; winrmyfh.exe; winirqik.exe; w1f9809.exe; svchost.com; sgc.exe; ngx.exe; edh.exe; 977.exe; ucxy.exe; yoxgg7zt.exe; n0vdkzsmx9.exe; x8bsrz1ybm.exe; george.exe; pxtdqpow.sys; pxdoyfod.sys; pxtorpoc.sys; pftdapow.sys; pxtdrpoc.sys; jql.exe; alsysio.sys; x.exe; zxqeduv.exe; aqfbxhfsr.exe; dds.scr;
Threat Name: rootkit.win32.tdss.c
Spread Method:
Windows Vulnerability
USB Disk
Threat type:rootkit.win32
rootkit.win32.tdss.c first detected:2010-02-09
Virus file known is driver file *.sys written in C
File Size:285K Bytes.
Behavior:Add/modify system registry key parameter
Level of Spread:2
Level of Threat:4
Reported Path:C:\Winnt\
MD5:X1vTV3DJtQ68R8YvP7glmCUBki05I2q2
SHA1..:g48ceSLrcy62a8h8xE567Kdj65KYqP852UG12bt0
herss.exe; fn1.exe; herss.exe; ssr.exe; vs60wiz.exe; pn1.exe; incognito.exe; herss.exe; lds.exe; userjhwm.exe; wincnrstw.exe; winvnios.exe; setupv.exe; ldm1.exe; fn1.exe; ssr.exe; veasdy.exe; winrbnr.exe; wincsylge.exe; w2a1233.exe; vmdylv.exe; v3exclv.exe; pn1.exe; incognito.exe; lds.exe; nqiygi.exe; winmcmg.exe; userjhwm.exe; sshnas21.dll; awl.exe; awk.exe; smkiiz.exe; vobmerge251.exe; veb8iqoz.exe; jjd70g7h.exe; 03fyyliu.exe; 1ioetzzo.exe; yditvmj.exe; xoledbl.dll; wkxnwy.exe; tsryxtr.exe; smg.dll; oxxm.exe; kkalf.exe; putty.exe; 6jh25cic.exe; rayv.dll; pxtdypob.sys; pwrirfoc.sys;
sysguard.exe and sysguard.exe removal
Threat Name: sysguard.exe
Spread Method:
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:sysguard
sysguard.exe first detected:2010-02-04
Virus file known is Unkown type
File Size:591K Bytes.
Behavior:Add/modify system registry key parameter
Level of Spread:6
Level of Threat:5
Reported Path:C:\Documents and Settings\All Users\Application Data\
MD5:U5VM34b7032ip2n5M2mWCD6460Ysh8xH
SHA1..:wWdoSU303SPjxQoXnNufkl0TAJg05H2Ofx4vtvRK
w976ba.exe; iqaat.exe; winpgsnhk.exe; w92445.exe; vkq.exe; kbtx.exe; winvluouk.exe; wineorubf.exe; monfde.exe; rm0.exe; lw1.exe; c.exe; winyajq.exe; wae425.exe; lmpr.exe; pvb.exe; winyajfib.exe; zaist.exe; wyeke-wyekefrez.exe; winxaqbcl.exe; sfiagj.exe; vxpe.exe; rkverify.exe; webfettiinst.exe; appsetup.exe; 30422415.exe; winuomog.exe; 320.exe; 097.exe; synsql.exe; pbpbhf.exe; onlybelief.exe; mbam-setup.tmp; dvx.exe; wyrh.exe; wrugiww.exe; aebwttf.exe; cbss.dll; nxx.exe; sshnas21.dll; nxz.exe; sdra64.exe; cbr0wqsc.exe; younwnoa.dll; wwwpos32.exe; glb1a2b.exe; ywiseext.dll; ywiseext.dll; alsysio.sys;
Threat Name: TR/Dldr.Lipler.a.1
Spread Method:
E-Mail
Windows Vulnerability
Network Spread
Threat type:TR/Dldr.Lipler
TR/Dldr.Lipler.a.1 first detected:2010-01-31
Virus file known is Script file written in php
File Size:599K Bytes.
Behavior:Unknow behavior
Level of Spread:3
Level of Threat:1
Reported Path:C:\Windows\
MD5:5N007dYG1rv1q041w5JidD82kSWfQHtK
SHA1..:Xv3JE1hoK68M62T48Wr51lHP6be4yp7sF8RRM455
is2010.exe; desktop defender 2010.exe; synsql.exe; guarderml.exe; sysdiag32.exe; otitanekulemuna.dll; ijklmn.exe; evaxelayotevok.dll; winmpgabm.exe; guarderml.exe; sysdiag32.exe; infocard.exe; amoumain.exe; svw.exe; wdmon.exe; b45a24df06.dll; winsys.dll; lsoss.exe; spoolsv.exe; winsccoo.exe; jjuioz.exe; kedugakx.dll; pqkeupir.dll; qcqvqojokcnr.sys; msivxgojconmicyfjdbfpxfkfajhyvvyxlawr.sys; powseqpr.dll; mp4idpop.sys; ambaamb.dll; akyfzmhe.dll; axg1hqbili0ahe_h3jiiw.dll; ripadpnp.dll; mb1.exe; ag58724.dll; hi45947.dll; regetup.dll; msjcfilp.dll; legoosso.exe; nl1.exe; uq1.exe; lfg.exe; ygk.exe; xxx1584.exe; xwr16380.dll; wwwpos32.exe; wini35.exe; vsvxx.exe; sdmgt.dll; qitu.dll; podarki.exe;