Archive for January, 2010

HEUR:Trojan.Win32.Invader

Threat Name: HEUR:Trojan.Win32.Invader
Spread Method:
Windows Vulnerability
Threat type:HEUR:Trojan.Win32
HEUR:Trojan.Win32.Invader first detected:2010-01-30
Virus file known is Script file written in jsp
File Size:132K Bytes.
Behavior:places the file shown below in the root of the disk::\autorun.inf
Level of Spread:5
Level of Threat:5
Reported Path:E:\Winnt\System32\
MD5:p0o65PE5UwT4bLJ406y3Ghv2M5LErdBC
SHA1..:6350WxfXD2cVctRT3B2QO58Ou8sM6eiKYS8If04G

not-a-virus:AdWare.Win32.BadBar.f

Threat Name: not-a-virus:AdWare.Win32.BadBar.f
Spread Method:
Download From website
Threat type:not-a-virus:AdWare.Win32
not-a-virus:AdWare.Win32.BadBar.f first detected:2010-01-30
Virus file known is driver file *.sys written in C
File Size:570K Bytes.
Behavior:Unknown behavior
Level of Spread:6
Level of Threat:1
Reported Path:D:\Documents and Settings\[Users]\Local Settings\Temp\
MD5:A4L8x6A7Eaps0n830t4GGb0w1HP7dOFq
SHA1..:IUt22BcEl35uK52R37UoocJ1MpxC3wn6qDuP5J3m

latest virus files reported on 2010-01-29


2010-01-27 detected threat files


Trojan-Dropper.Win32.Agent.bjck

Threat Name: Trojan-Dropper.Win32.Agent.bjck
Spread Method:
USB Disk
Threat type:Trojan-Dropper.Win32
Trojan-Dropper.Win32.Agent.bjck first detected:2010-01-25
Virus file known is driver file *.sys written in C++
File Size:663K Bytes.
Behavior:Unknown behavior
Level of Spread:3
Level of Threat:1
Reported Path:D:\Windows\System32\
MD5:8xsA7Dyos0m73atlGFA0v1HP6cNEqHTS
SHA1..:220bDl25tJ51Q276nnbI1LowB3vm6pCtO5J3l458

Trojan-Dropper.Win32.Agent.bjzk

Threat Name: Trojan-Dropper.Win32.Agent.bjzk
Spread Method:
Malware Installation
Download From website
Windows Vulnerability
Threat type:Trojan-Dropper.Win32
Trojan-Dropper.Win32.Agent.bjzk first detected:2010-01-25
Virus file known is PE EXE file written in Basic
File Size:93K Bytes.
Behavior:Unknown behavior
Level of Spread:1
Level of Threat:6
Reported Path:C:\Windows\System32\
MD5:lB0IS88o2n87Od7T1S4yK2328121FtFK
SHA1..:7jDqb807I7XVWlVC1aT2rPRGA2PMn0NsUrL83HIX

Trojan-Dropper.Win32.Small.edx

Threat Name: Trojan-Dropper.Win32.Small.edx
Spread Method:
Registry Value Creation
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:Trojan-Dropper.Win32
Trojan-Dropper.Win32.Small.edx first detected:2010-01-25
Virus file known is javascript file
File Size:13K Bytes.
Behavior:False Instant Message
Level of Spread:6
Level of Threat:1
Reported Path:Unknown path
MD5:8U0823b2VI86K1eaA7DgosBm13ht6gFA
SHA1..:0d1HPSjNeqHTS220iDl280J7FQ206nniI1LpxB3v

Trojan-Dropper.Win32.Agent.bkao

Threat Name: Trojan-Dropper.Win32.Agent.bkao
Spread Method:
Hacked Website
Threat type:Trojan-Dropper.Win32
Trojan-Dropper.Win32.Agent.bkao first detected:2010-01-25
Virus file known is javascript file
File Size:310K Bytes.
Behavior:Copies own executable file
Level of Spread:1
Level of Threat:2
Reported Path:D:\Winnt\System32\
MD5:lXwKJE4hoL01N8IUL2Xr64mIP6bf5ap0
SHA1..:tg1SrmM58tCGvAQdTHf0YN7qxB34V28D0oGbauUX

20100125 Latest infected files


kbdsock.dll

kbdsock.dll sample submitted on 2010-01-23 and identified as a threat.
Alias:
Threat File:kbdsock.dll
Submit time:2010-01-23
Execute time:10 min 53 sec
Level of Spread:4
Level of Threat:1
type:Win32.Worm.Allaple.Gen
Filesize:87K Bytes
File type:
kbdsock.dll is a dynamic-link library, which acts as a shared library of functions.
MD5:7h2ttoV6YuKowIsevPh0BV7r8D35X30M