Archive for the 'Sophos' Category
August 15th, 2010 | Posted in NOD32, Sophos | No Comments
Here is a description of the agremove.exe file: what agremove.exe is and whether it is a virus file. The alias is based on the samples of agremove.exe we received.
agremove.exe sample submitted on 2010-08-15 and identified as a threat.
Alias:
Threat File:agremove.exe
Submit time:2010-08-15
Execute time:7 min 2 sec
Level of Spread:2
Level of Threat:6
type:not-a-virus:FraudTool.Win32.
Filesize:59K Bytes
20K Bytes
13K Bytes
Files type
agremove.exe [...]
August 15th, 2010 | Posted in NOD32, Sophos | No Comments
July 26th, 2010 | Posted in DrWeb, Sophos | No Comments
We received a file sample of st325602.dll and detected it as a virus file. Following is the st325602.dll virus file analysis result: st325602.dll sample submitted on 2010-07-10 and identified as a threat.
Alias:
Threat File:st325602.dll
Submit time:2010-07-10
Execute time:10 min 49 sec
Level of Spread:4
Level of Threat:6
type:Win32/PEMask
Filesize:81K Bytes
Files type
st325602.dll is a dynamic-link library, which acts as a shared [...]
July 10th, 2010 | Posted in F-Prot6, Sophos | No Comments
About sp45058.exe: what sp45058.exe is and how to remove sp45058.exe:
sp45058.exe sample submitted on 2010-04-18 and identified as a threat.
Alias:
Threat File:sp45058.exe
Submit time:2010-04-18
Execute time:2 min 5 sec
Level of Spread:6
Level of Threat:2
type:GAME/Dldr.TryMedia
Filesize:7K Bytes
Files type
sp45058.exe is a Windows exe file.
MD5:A4L8×6A7Daps0n830t4GGb0w1HP7dOFq
April 18th, 2010 | Posted in Microsoft, Sophos | No Comments
March 31st, 2010 | Posted in NOD32, Sophos | No Comments
Threat Name: Trojan.WinREG.StartPage.am
Spread Method:
Connection to Specific Sites
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:Trojan.WinREG
Trojan.WinREG.StartPage.am first detected:2010-03-25
The known virus file is a JavaScript file
File Size:429K Bytes.
%Temp%\nse2.tmp\System.dll
%System%\xx_dh.reg
Level of Spread:6
Level of Threat:4
Reported Path:Unknown path
MD5:Y7Cynr0mv2yskFEY0u1GO6bMDpGTR210
SHA1..:aDk25sI41P276nmbH1LowA3ul5OCtN433l4580q7
March 25th, 2010 | Posted in Kaspersky, Sophos | No Comments
Threat Name: Rootkit.Win32.Agent.bdvg rootkit
Spread Method:
External Storage Device (USB Device etc.)
Threat type:Rootkit.Win32
Rootkit.Win32.Agent.bdvg rootkit first detected:2010-03-25
The known virus file is a PE EXE file written in Basic
File Size:380K Bytes.
Behavior:places the file shown below in the root of the disk::\autorun.inf
Level of Spread:1
Level of Threat:2
Reported Path:
%ProgramFiles%\MSDN\One.sys
%ProgramFiles%\MSDN\One.inf
MD5:rBqQ82moDVCmj1Rk3rhbO8wyUNtvt7Jt
SHA1..:0i8rFPnplxk4k4A45s5jwH12vou10Dq0H320nx78
March 25th, 2010 | Posted in Kaspersky, Microsoft, Sophos | No Comments
March 24th, 2010 | Posted in F-Secure, Microsoft, Sophos | No Comments
Trojan horse Patched_c.CZA.dropper file ACTIVA~1.EXE
Threat Name: Trojan horse Patched_c.CZA.dropper
Spread Method:
E-Mail
Threat type:Trojan horse Patched_c.CZA
Trojan horse Patched_c.CZA.dropper first detected:2010-03-09
The known virus file is a PE exe file written in C
File Size:14K Bytes.
Behavior:Unknown behavior
Level of Spread:1
Level of Threat:2
Reported Path:D:\Winnt\System32\ACTIVA~1.EXE
MD5:E6P118eAi1t826041y5KkfF0IlTXhsJu
SHA1..:MYx4KG2i5M78O63V40Ys62nJq7cg5br7uH8TSOO5
March 9th, 2010 | Posted in AVG, Sophos | No Comments