AdWare.Win32.Bibibey.a
Threat Name: AdWare.Win32.Bibibey.a
Spread Method:
File Creation
Threat type:AdWare.Win32
AdWare.Win32.Bibibey.a first detected:2011-03-16
Virus file known is Unkown type
File Size:210K Bytes.
Behavior:Copies files to the Windows system directory
Level of Spread:1
Level of Threat:2
Reported Path: D:\Windows\
MD5:D5O007dYG1sv1q041w5JjeE02kSWgRHt
SHA1..:LXw3JE1hoL68N63U48Wr61mIP6bf5yp7tG8SRMM5
1118tcpwjdrive32.exe; 1109tcpwjdrive32.exe; 1102tcpwjdrive32.exe; 1070tcpwinfiles.exe; 1062tcpwinfiles.exe; 1059tcpggdrive32.exe; 1058tcpggdrive32.exe; 1057tcpwjdrive32.exe; 1057tcpggdrive32.exe; 1056tcpggdrive32.exe; 1055tcpcsrs.exe; 1055tcpciaiexpl.exe; 1054tcpggdrive32.exe; 1053tcpxanga.exe; 1052tcpwjdrive32.exe; 1052tcpiexplorel.exe; 1052tcpggdrive32.exe; 1051tcpggdrive32.exe; c0131.exe; ciaiexpl.exe; 1118tcpwjdrive32.exe; 1109tcpwjdrive32.exe; 1102tcpwjdrive32.exe; 1070tcpwinfiles.exe; 1062tcpwinfiles.exe; 1059tcpggdrive32.exe; 1058tcpggdrive32.exe; 1057tcpwjdrive32.exe; 1057tcpggdrive32.exe; 1056tcpggdrive32.exe; 1055tcpcsrs.exe; 1055tcpciaiexpl.exe; 1054tcpggdrive32.exe; 1053tcpxanga.exe; 1052tcpwjdrive32.exe; 1052tcpiexplorel.exe; 1052tcpggdrive32.exe; 1051tcpggdrive32.exe; tosvolregulator.exe; serv8.exe; scriptsyntax.dll.vbs; lhomaa.exe; good2_v154.exe; c508e.com; ydewya.exe; xdypoc.exe; wintqfeg.exe; wintfmujb.exe; winobcba.exe;
NTLDR.DLL; YEAWL.EXE; wupdte002.com; WSZUGOBI.EXE; taskhosth.exe; svchostw7.exe; MAXTHON2.0.EXE; iscwam2h.cmd; IESAFER.EXE; hbnuh.exe; FSWAGZ.EXE; Explorars.exe; EKRNAPPDRV.SYS; COMMONFUNCDLL.DLL; WUDFHOST.EXE; Win32.BLASTER.WORM.EXE; MSICAB.EXE; MEMORYAC.EXE; KVTOOLS.EXE; titi.exe; svvchostw.exe; svchostw7.exe; svvchostw.exe; maxthon2.0.exe; hahagames.exe; games.exe; office.exe; kernel33.dll; rqq.exe; rqp.exe; rqo.exe; rqn.exe; rqm.exe; rql.exe; rqk.exe; rqj.exe; kernel33.dll; rqq.exe; rqp.exe; rqo.exe; rqn.exe; rqm.exe; rql.exe; rqk.exe; rqj.exe; ssmarque.scr; mmonster.exe; xxoc.exe; asetup.exe;
utowad.exe; utowac.exe; utowab.exe; utowaa.exe; uqomehigat.dll; uqisuxom.dll; uqinigowe.dll; uqejulow.dll; umanodijip.dll; uluwoxut.dll; ultramon.scr; ulovowiyel.dll; ulevabuyudikug.dll; ulaxeyuvasa.dll; ukefuzac.dll; ukaxibugojud.dll; ujovaqeg.dll; ujazezoc.dll; uhigevusu.dll; uheresiqaq.dll; uheradiy.dll; ufufyjy.scr; ufiyohupofuyipi.dll; ufinezuduqiya.dll; ufejuxapivehadaj.dll; ufayaloq.dll; udovowiyelukig.dll; udayizajovanile.dll; ucunagog.dll; ubulisuzogerut.dll; ububiweyifeg.dll; ttyxa.sys; fxj.exe; fxi.exe; fxh.exe; bi63f4.exe; oyogeteyojomucet.dll; oviyutom.dll; oricaliroquq.dll; orexavigam.dll; oqocubuwo.dll; oqeguxaboko.dll; opuvupilidar.dll; onuviyifani.dll; onupucusezejoh.dll; onobetog.dll; onegozuxecu.dll; onadahig.dll; omedujodivoduke.dll; okexoxiw.dll; okaruvupo.dll; ojucanuveruq.dll; ojevehulato.dll; ojatucigenoguq.dll; ohowofehocozis.dll; [...]
windows32.exe; Winetworks.exe; init.exe; lgmcn.exe; nsvkbe.exe; aqjunayn.exe; jsvck.exe; bowcav.exe; lyquo.exe; kyquoobih.exe; sjlp.exe; bowcav.exe; sdata.dll; mhorost.exe; file.dll; msfttc p0.dll; msfttc p.dll; msmedia.dll; conhost.exe; dwm.exe; catalystcfg.dll; bowcav.exe; juzjf.exe; abvjx.exe; 522.exe; 462.exe; 274.exe; 00781.exe; bowcav.exe; 959.exe; 874.exe; 865.exe; 643.exe; 630.exe; 626.exe; 496.exe; 444.exe; 337.exe; 210.exe; 146.exe; 110.exe; 041.exe; bowcav.exe; 6622010.exe; 6219202.exe; 536767.exe; 394.exe; 219394.exe; 0.87395252913 60472.exe;
winnew.exe is not one of the most important parts of Windows operating system on your computer. The infected winnew.exe will harmful to you computer. The winnew.exe sample submitted on 2011-02-09 and identified as a threat.
Alias:
Threat File:winnew.exe
Submit time:2011-02-09
Excute time:8 min 12 sec
Level of Spread:5
Level of Threat:3
type:TR/Dropper
Filesize:4K Bytes
Files type
winnew.exe is Windows exe file.
MD5:6F8j3vupW6Awmp8kt2wQj1DX8t0EM5aL
cltest.exe; oekx.exe; jsvck.exe; bowcav.exe; pf.exe; gsyzq.exe; 96365.exe; 481.exe; 453.exe; 0272561.exe; dh5.exe; dh4.exe; dh3.exe; dh2.exe; dh1.exe; bbc.exe; oekx.exe; ltzqai.exe; bowcav.exe; 300485267.exe; 2611215810.exe; bowcav.exe; oekx.exe; ltzqai.exe; bowcav.exe; oekx.exe; nsvb.exe; ltzqai.exe; ltzqai.exe; 6622010.exe; 6219202.exe; 9505.exe; 90872.exe; 83185.exe; molesto.exe; winupdate.exe; dyyug.exe; fljdtj.exe; rsa.dll; wmv.dll; treecodec.exe; sdsvsdfxxx.exe; ms0.dll; hqbohwds.exe; glcnwngp.exe; chcfsnqf.exe; bstaxqzy.exe; 2cccc.exe; ophhz.exe;
mso.sys is a trojan file has been detected as a system driver file.
mso.sys sample submitted on 2011-01-08 and identified as a threat.
Alias:
Threat File:mso.sys
Submit time:2011-01-08
Excute time:4 min 15 sec
Level of Spread:1
Level of Threat:3
type:TR/Drop.Stabs
Filesize:23K Bytes
0K Bytes
1K Bytes
Files type
mso.sys is a drivers file.
MD5:Y4K8xsA7Dyos0m83at4GFA0v1HP6cNEq
fewh.exe was detected as Trojan.Agent/Gen-Virut and Win32.worm.Downadup.Gen(C:Windows\system32\x.
fewh.exe sample submitted on 2011-01-08 and identified as a threat.
Alias:
Threat File:fewh.exe
Submit time:2011-01-08
Excute time:4 min 22 sec
Level of Spread:2
Level of Threat:5
type:Win32:Trojan
Filesize:24K Bytes
0K Bytes
1K Bytes
Files type
fewh.exe is Windows exe file.
MD5:PgsjVuI2Dkfn381L8HSK1Vpp3KGNraD4
updatexxxx.exe; sall.exe; kwt.exe; infosat.exe; 38.exe; xsm.exe; tomov.exe; reulie.exe; qougaav.exe; liuiri.exe; v1.5.exe; tna50.exe; kca.exe; cbz1.tmp.exe; 753206.exe; 526235.exe; password.exe; agor.exe; explore.exe; mapu.exe; 1062tcpwinlog.exe; 1061tcpwinlog.exe; 1060tcpwinlog.exe; 1059tcpwinlog.exe; 1058tcpwinlog.exe; 1057tcpwinlog.exe; 1055tcpwinlog.exe; 1054tcpwinlog.exe; 1053tcpwinlog.exe; 1052tcpwinlog.exe; users.exe; drm.exe; SE2011.EXE; resultbar113.exe; mstinit.exe; wepvysdxdn.exe; IntelCoreD.exe; npbxylvjok.dll; spraitxxxx.exe; wmanashg.dll; wepvysdxdn.exe; 28703.exe; 2.exe; 1.exe; olgv.exe; clsss.exe; dfohcv.exe; winrnsmgr.exe; juzjf.exe;