audiohd.exe sample submitted on 2011-09-07 and identified as a threat.
Alias:
Threat File:audiohd.exe
Submit time:2011-09-07
Excute time:3 min 51 sec
Level of Spread:6
Level of Threat:3
type:Trojan-Downloader.Win32.BHO
Filesize:51K Bytes
Files type
audiohd.exe is Windows exe file.
MD5:757R0713X16F7qIccwW6Adlp8kb2eQ5D
77006587.exe; a0026592.exe; a0026583.exe; a0026564.exe; value.exe; shah.exe; publico.exe; municipal.exe; publicas.exe; usados.exe; sebastian.exe; solis.exe; varias.exe; colee.exe; mcb.exe; tags.exe; vphalld.exe; trick.exe; artistic.exe; pool.exe; geo_font.exe; jachvi.exe; miriani.exe; 篥o`a`e`溽?.exe; 06496371.dll; 28060821.dll; greport.dll; a0121881.dll; vs000121.dll; letras).exe; evillyrics-setup.exe; v0.17.exe; 96677394.dll; 67947001.dll; 80237868.dll; 05778097.dll; textfile.scr; ranking.txt.scr; ps.txt.scr; posting.scr; mails.scr; location.rtf.scr; disco.doc.scr; bill.scr; attachment.rtf.scr; story.scr; worm.somefool.gen-2.scr; w32-netsky-b.exe; website.exe;
cleanddm.exe sample submitted on 2011-08-15 and identified as a threat. C:\Documents and Settings\All Users\Application Data\\cleanddm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
cleanddm = “%AppData%\cleanddm.exe” so that cleanddm.exe runs every time Windows starts
Alias:
Threat File:cleanddm.exe
Submit time:2011-08-15
Excute time:9 min 20 sec
Level of Spread:2
Level of Threat:6
type:Trojan-Downloader.Win32.FraudLoad
Filesize:49K Bytes
Files type
cleanddm.exe is Windows exe file.
MD5:P6AwfI8dT2WKi1CQ8s0EM5yK0g16Jedx
xoausuf.exe; swvaidqegy.exe; qkviis.exe; pvakacn.exe; laqeg.exe; doss.exe; 8080tcpdoss.exe; 1049tcpmicrosoft.exe; exmoo.exe; uilogon.exe; pcxaxp.exe; 762a6c91.exe; 21tcpservicedll.exe; eoxjlw.exe; unhider.exe; kxtdapow.sys; setup2.exe; FacebookUpdate.exe; 3xXx3.exe; lua7.exe; w.exe; MagebotSetupvT90.exe; i.exe; 99knoj0.exe; mservice32.exe; l0ym04fyv1.exe; winlogon.exe; winlogon.exe; sfmil.exe; maswtjoy.exe; wfindsearchc.dll; v3shrtkgn.dll; accad.dll; winlogon.exe; windows.exe; msf.exe; pr4vt.exe; services.exe; be9040.exe; kwimage.dll; del_ah1.exe; uninstallrq.exe; rsetpath.exe; winxfigt.sys; adilodas.dll; 2268163.exe; wsysweb.dll; configser.exe; conta32.exe;
Trojan.Win32.Scar.dpmx is a trojan to steal the QQ acount.
Threat Name: Trojan.Win32.Scar.dpmx
Spread Method:
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:Trojan.Win32
Trojan.Win32.Scar.dpmx first detected:2011-08-01
Virus file known is PE EXE file written in Java
File Size:595K Bytes.
Behavior:Copies files to the Windows system directory
Level of Spread:6
Level of Threat:2
Reported Path:
C:\windows\system\SVCH0ST.exe
C:\windows\system\HJonny.bat
MD5:B4M0y7BWEbqt1o830u4HHc082IQ7ePGr
SHA1..:JVu22Cdfm36vL52S37Upp1K2NqyD4xn6rE7QPK3n
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\AutoKill = “C:\windows\system\SVCH0ST.exe”
hnm5.exe is what? Popup window says hnm5.exe has encountered a problem and needs to close. hnm5.exe sample submitted on 2011-07-05 and identified as a threat.
Alias:
Threat File:hnm5.exe
Submit time:2011-07-05
Excute time:10 min 4 sec
Level of Spread:3
Level of Threat:4
type:Win32:Bifrose
Filesize:39K Bytes
0K Bytes
1K Bytes
Files type
hnm5.exe is Windows exe file.
MD5:8727W7UjUA0Y62qOP181NLm0LqTPJ82F
tngmwngm.exe; 9967601.exe; 9919134.exe; 9900786.exe; 9080649.exe; 8998604.exe; 780992.exe; 7518420.exe; 7495008.exe; 7337340.exe; 6525116.exe; 5988036.exe; 554562.exe; 5465749.exe; 4759195.exe; 3829880.exe; 3578148.exe; 3567178.exe; 3497875.exe; 2561027.exe; 2398725.exe; 2391819.exe; 2162533.exe; 1926179.exe; 1896888.exe; 1667175.exe; 149695.exe; opovua.exe; is-noojd.exe; is-i121i.exe; is-avgik.exe; is-6v4s4.exe; is-3j75m.exe; 123.vbs; yrixv.exe; winxqsx.exe; winrrrs.exe; winpqrxdk.exe; winmrhp.exe; winhjikx.exe; wingqvtit.exe; winbrawd.exe; winatxobe.exe; loiget.exe; goychx.exe; aare.exe; sucqv.exe; csrss.exe; rwodua.exe;
winwords.exe; winsanta.exe; winb.exe; subidor.exe; msn.exe; kids.exe; facek.exe; windoctorx.exe; to print.exe; taskwbs.exe; grades.exe; document 1.exe; case study.exe; algonic.exe; twloadi0c.dll; timesync.exe; rundll32.exe; quarue.exe; timesync.exe; trol2.exe; sat_secured.exe; pinbol.exe; oem.exe; eclpcg16.exe; cmdb.exe; winst.exe; toikf.exe; papi.exe; driverupdate.exe; cmjngw.exe; jcxaxj.exe; huibfoii.exe; toikf.exe; defender.exe; cmjngw.exe; cleanddm.exe; cleanddm.dll; 1051tcpwinlog.exe; 1050tcpwinlog.exe; winwords.exe; winsanta.exe; winb.exe; subidor.exe; msn.exe; kids.exe; facek.exe; windoctorx.exe; to print.exe; taskwbs.exe;
win32sta.dll is detected as a trojan files and we advise you remove it asap. win32sta.dll sample submitted on 2011-06-11 and identified as a threat.
Alias:
Threat File:win32sta.dll
Submit time:2011-06-11
Excute time:7 min 34 sec
Level of Spread:3
Level of Threat:5
type:not-a-virus:FraudTool.Win32.XpPoliceAntivirus
Filesize:56K Bytes
0K Bytes
1K Bytes
Files type
win32sta.dll is a A dynamic-link library,which acts as a shared library of functions.
MD5:GSR210hCk270I71P206mmhH1KnvA3ul8
Trojan-PSW.Win32.QQPass.aczc
Threat Name: Trojan-PSW.Win32.QQPass.aczc
Spread Method:
Malware Installation
Instant Message(MSN,Gtalk,QQ etc.)
Windows Vulnerability
Threat type:Trojan-PSW.Win32
Trojan-PSW.Win32.QQPass.aczc first detected:2011-05-29
Virus file known is javascript file
File Size:205K Bytes.
Behavior:Delete the original virus file
Level of Spread:1
Level of Threat:1
Reported Path:E:\Winnt\
MD5:X0W5wO44d70L3jr3o6N2nyDF746DAti0
SHA1..:yIxX1pUV41KtQl0RqYoP72ln0UBli05I2qgaN8vw