Archive for the 'Ikarus' Category

Trojan-Dropper.win32.Autoit.k

Threat Name: Trojan-Dropper.win32.Autoit.k
Spread Method:
Connection to Specific Sites
USB Disk
Registry Value Creation
Threat type: Trojan-Dropper.win32
Trojan-Dropper.win32.Autoit.k first detected: 2010-03-04
When scanned, Kaspersky reported that one of my files contains nearly 200 viruses of the type Trojan program Trojan-dropper.win32.Autoit.k on Today, 14:53
File Size: 499K Bytes.
Behavior: Usually has a random filename and refers to many versions of a dynamic link library
Level of Spread: 1
Level [...]

tssi902kg.exe infected files on 20100303


worm.win32.agent.wm

Threat Name: worm.win32.agent.wm
Spread Method:
E-Mail
Threat type: worm.win32
worm.win32.agent.wm first detected: 2010-02-17
Known virus file is a driver file (*.sys) written in C
File Size: 573K Bytes.
Behavior: Unknown behavior
Level of Spread: 6
Level of Threat: 1
Reported Path: D:\Documents and Settings\[Users]\Local Settings\Temp\
MD5: A4L8×6A7Eaps0n830u4GGb0w1HP7dOFq
SHA1: IUt22CcEm35uK52R37UoocJ1MpxC4wn6qD7P5K3m

uacinit.dll and uacinit.dll removal

Threat Name: uacinit.dll
Spread Method:
Instant Message(MSN,Gtalk,QQ etc.)
Network Spread
Windows Vulnerability
Threat type: uacinit
uacinit.dll first detected: 2010-02-04
Known virus file is of unknown type
File Size: 558K Bytes.
Behavior: Registry Modification
Level of Spread: 1
Level of Threat: 5
Reported Path: E:\Winnt\System32\
MD5: g2ssnU58tJNvHrduOg0AU7qxC34W38L0
SHA1: 5Nb07vXG0ko1ja4dp5IivD82jRVfQHmK8o331egh

Trojan-Downloader.Win32.BHO.pcb

Threat Name: Trojan-Downloader.Win32.BHO.pcb
Spread Method:
Windows Vulnerability
Connection to Specific Sites
Threat type: Trojan-Downloader.Win32
Trojan-Downloader.Win32.BHO.pcb first detected: 2010-01-30
Known virus file is a DLL file written in C
File Size: 385K Bytes.
Behavior: Unknown behavior
Level of Spread: 5
Level of Threat: 5
Reported Path: C:\Program Files\
MD5: 32CP2G5F2mWCDs46BYsh8xHWPeOMN313
SHA1: LIjxJoXnHufDF0MADAbpAgIfX4wuvLEKtq62R8yv

2010-01-27 detected threat files


Trojan-Dropper.Win32.Small.edx

Threat Name: Trojan-Dropper.Win32.Small.edx
Spread Method:
Registry Value Creation
Instant Message(MSN,Gtalk,QQ etc.)
Threat type: Trojan-Dropper.Win32
Trojan-Dropper.Win32.Small.edx first detected: 2010-01-25
Known virus file is a JavaScript file
File Size: 13K Bytes.
Behavior: False Instant Message
Level of Spread: 6
Level of Threat: 1
Reported Path: Unknown path
MD5: 8U0823b2VI86K1eaA7DgosBm13ht6gFA
SHA1: 0d1HPSjNeqHTS220iDl280J7FQ206nniI1LpxB3v

newest threat files reported on 2010-01-18


settdebugx.exe

settdebugx.exe sample submitted on 2010-01-19 and identified as a threat.
Alias:
Threat File: settdebugx.exe
Submit time: 2010-01-19
Execute time: 5 min 10 sec
Level of Spread: 3
Level of Threat: 3
type: Win32:VB
Filesize: 40K Bytes
0K Bytes
1K Bytes
Files type
settdebugx.exe is a Windows exe file.
MD5: kb4eQ5DCXEaIEMQgKBnF8q331fBi478H

pr15.dll

pr15.dll sample submitted on 2010-01-19 and identified as a threat.
Alias:
Threat File: pr15.dll
Submit time: 2010-01-19
Execute time: 3 min 57 sec
Level of Spread: 5
Level of Threat: 6
type: Net-Worm.Win32.Kolab
Filesize: 55K Bytes
0K Bytes
1K Bytes
Files type
pr15.dll is a dynamic-link library, which acts as a shared library of functions.
MD5: FNRhLCoF6R118gCj278I61P2a6MlgH1K