Archive for March, 2010
winnetq.exe; slegv.exe; winmfvsq.exe; winlibl.exe; wingkhly.exe; windvfn.exe; windghkvr.exe; lsmu.exe; ojx.exe; blfg.exe; bkbldc.exe; tmp1402 .exe; w89fc3.exe; vuyes.exe; ymteu.exe; winxjontk.exe; wininjej.exe; biyr.exe; winuhrxi.exe; winugskil.exe; winragu.exe; winobkkos.exe; winisiwk.exe; wingieao.exe; windkfucc.exe; windgkngq.exe; w968b1.exe; jynnn.exe; jadw.exe; dopss.exe; aasisf.exe; 981.exe; winttfy.exe; winqbkgv.exe; winmdeqwd.exe; winhnmba.exe; wincokm.exe; winbcyvth.exe; fuyak.exe; 06113819.exe; winpwaya.exe; winlcty.exe; w89af8.exe; wenxy.exe; waf58a.exe; pdfupd.exe; jinyehh.exe; win32upd.exe; wuaucldt.exe;
March 31st, 2010 | Posted in NOD32, Sophos | No Comments
kaawhe.exe; jynen.dll; jwcufyyks.exe; joonycrb.dll; jkkgbygn.dll; jhlpmvf.exe; jcsohiq.exe; jawimh.exe; ixxkuj.exe; iwvrgoef.dll; isipa.exe; ijyqbrvdp.dll; igxfxdip.exe; icbew.dll; hwhtgocrc.dll; hvveusnmm.exe; hkhmckrn.dll; heuhkhev.exe; hdmlercw.exe; hbpixp.dll; hawfbw.exe; hauuewm.dll; haepua.exe; gwihiust.dll; guhfcngy.exe; gtlpgj.exe; gamkvnvh.exe; fugieekj.dll; fsapoke.exe; frudol.exe; fkaimaw.exe; ffylbn.exe; fdavryjq.exe; fcgbam.exe; ervgk.dll; eldwsmm.exe; ehfeomi.dll; eeesi.dll; ealqg.dll; dyjvagls.dll; dxpyyb.dll; dxgov.exe; dwuqf.dll; dwmaxo.dll; dwluuqu.exe; dogglakr.exe; dkqciwpqu.exe; djsbwlax.dll; diedb.dll;
March 30th, 2010 | Posted in F-Prot6, McAfee | No Comments
Threat Name: Packed.Win32.Krap.ao
Spread Method:
Connection to Specific Sites
Threat type:Packed.Win32
Packed.Win32.Krap.ao first detected:2010-03-29
%CommonAppData%\e4a12b7\SAe4a1.exe
%CommonAppData%\SABXAV\SAULWGJMKV.cfg
File Size:79K Bytes.
Behavior:Copies files to the Windows system directory
Level of Spread:6
Level of Threat:2
Reported Path:Unkonow path
MD5:iUtH2CiEm380K7FRJ1Uoo3J1MpxC4wn8
SHA1..:qd0POK3m7QY1sWNaRED873rNu82kT17B8l1xWsS7
March 29th, 2010 | Posted in Kaspersky | No Comments
winat3.exe; iexplorerr.exe; wgaqoa.exe; vivaxnets.exe; uxucea.exe; sxynic.exe; sfalua.exe; oa008mon.exe; khygoa.exe; ijulub.exe; htitid.exe; gvitab.exe; gjuzua.exe; ejogoa.exe; cravua.exe; bhanua.exe; sllbwcpwa.dll; orgres screensaver.scr; widsne.dll; uvuwiqul.dll; sfxn.exe; oyiqayis.dll; okqpsftav.exe; ocdwsftav.exe; f72940342 .exe; mzelia.exe; _voidd.sys; svers.dll; mscompz.exe; jblcf_scandal.exe; r_server.exe; mozy-1_8_2_3.exe; glf4e.exe; explorerr.exe; enbgg.exe; svers.dll; mscompz.exe; jblcf_scandal.exe; yzshadow.exe; meprogup.exe; livenotifier.dll; cconter.exe; msadvisor.exe; wkl.exe; winlogonuise.exe; vssadminv.exe; t320068.dll; sredjm.exe; powerdes.exe;
March 28th, 2010 | Posted in DrWeb, NOD32 | No Comments
80_MSIMN.EXE ACDDNLMGR.EXE ADOBE AUDITION 3.0.EXE ANIMATE.EXE ANTISPYWAREPLUS.EXE ANTZOM[n].EXE ARCADEPOOL2-DM.EXE ARM-ELF-GDBTUI.EXE ARMHELPER.OCX ATI2MDXX.EXE ATMUNI.SYS BALLADA.EXE BIGSCORE.EXE BIT9B0.TMP BITSMIG.DLL BLANK.EXE BLOOD.EXE BOOST_GRAPH-VC80-MT-1_36.DLL BROWSCFG.EXE CBSCORE.DLL CDRFLT100.DLL CIELA50.EXE CKLDRV.SYS CLEARREG.EXE CLOCK.EXE CLOCK.SCR COMPILADO.EXE COPYBYTE.EXE CUSTOMERDATASET.DESIGNER.VB.DLL DATAACCESSBRIDGE.DLL DECODE.EXE DEVICEAGENT.DLL DIRECTX_FEB2010_REDIST.EXE DISKCHANGENOTIFY.DLL DUMPED.SYS EAD196.EXE ECRYPT.EXE EGAUTOPRO_CRM.EXE ELFLOAD.DLL EMACS.EXE ENCODE.EXE EXPRESSSERVICE.EXE FILEPREVIEW.EXE FLCONPLAYERNT.EXE FLOCK.EXE FLTMC.EXE FMFAX.EXE GKELOOK.DLL GLINX.EXE GLOBO.EXE GYUJTO2KAR.EXE HKEY-W32.DLL HPZMSI01.EXE [...]
March 27th, 2010 | Posted in Avast, F-Secure | No Comments
Threat Name: Win32.Worm.DownadupJob.A
Spread Method:
File Creation
Threat type:Win32.Worm
Win32.Worm.DownadupJob.A first detected:2010-03-26
Virus file known is PE exe file written in C language
File Size:19K Bytes.
Behavior:Unknow behavior
Level of Spread:1
Level of Threat:2
Reported Path:Presence of many scheduled jobs in C:\Windows\Tasks named At.job
MD5:E6P118fAi1t826041y5LkfF0ImUXhsJv
SHA1..:MYx4LG2i5M78OT3V40Ys62nJq7dg5br8uH8TTOO6
March 26th, 2010 | Posted in BitDefender | No Comments
Threat Name: Trojan.PWS.YOX
Spread Method:
USB Disk
USB Disk
Threat type:Trojan.PWS
Trojan.PWS.YOX first detected:2010-03-26
Virus file known is PE exe file written in C language
File Size:393K Bytes.
Behavior:Registered as a Dynamic Link Library File
Level of Spread:3
Level of Threat:5
Reported Path:D:\Documents and Settings\[Users]\Local Settings\Temp\
MD5:c30XAOiNxu7Dv0D0tA3prgyFom2Um4uK
SHA1..:3RCgiwpv218L11lB0IS88o2n87Od7T1S4aK23281
March 26th, 2010 | Posted in BitDefender | No Comments
AEXMETRICCHARTAX.DLL ALOHA.EXE ANEMCOM.EXE ARPWRMSG.EXE ASMMATRIX216I.DLL ATCLIUN.EXE ATMRDR.SYS AUTOCAMRES.DLL AVAST.EXE AVGIDSWATCHER.EXE AXISGMAIN.DLL AYK307.DLL BAEL.DLL BANNED_BBS_VIDEO[1].EXE BL.MAGNET.CIRCDATA.NET.DLL BPRBASE.DLL BUILDALOT3.EXE CAMSOPCSERVERSETTING.EXE CATPRSBACKGROUNDINTERFACES.DLL CATPRSREP.DLL CATSMARTEAMINTEGRATION.DLL CCINSERT.EXE CCLICW.DLL CDSAFE.EXE CERCPAN.DLL CERCVGI.DLL CFGPLANO.DLL CLASSWIZARD.EXE CLIP4.EXE COCONUTQUEEN.EXE CPIO.DLL CV07.DLL CV09.DLL CV14.DLL DAPIEENGINE.DLL DESIGNSENSORSRES.DLL DESPLANO.DLL DIBBASE.DLL DLECCOMS.EXE DOTNETNUKE.MODULES.USERSONLINE.DLL DOWNLOAD[n].EXE DRBPLG.EXE DRMSSO.DLL DSI_TS_TCPIP.EXE DSLIBRARY.DLL DVD2DVD.DLL EAZYPAPERDOT.DLL ECMACCOUNTING.EXE ELMWIN.DLL ERRORLOG.EXE EZCAPT.EXE FF_LIBDTS.DLL FILEIESCNSST.DLL FISHDOMH2OHIDDENODYSSEY.DLL FIXMFS.DLL [...]
March 26th, 2010 | Posted in Kaspersky, Pctools | No Comments
Threat Name: TrojanDownloader.Small.kjv
Spread Method:
File Creation
Hacked Website
Threat type:TrojanDownloader.Small
TrojanDownloader.Small.kjv first detected:2010-03-25
A program that downloads files to the local computer that may represent security risk
File Size:460K Bytes.
Behavior:Usualy created by unsafe process
Level of Spread:6
Level of Threat:4
Reported Path:E:\Documents and Settings\[Users]\Local Settings\Temp\
MD5:dcPOJ5m7QFJsEnaQKC876rMu82kS17H8
SHA1..:43wwrR7CyhK0fv2ylkFES8u1GO6bMDiG6L2f0aDd
Platform:WIN9X/ME/NT/2000/XP/2003/Vista/Win7
March 25th, 2010 | Posted in Kaspersky, Symantec | No Comments
Threat Name: Worm.SymbOS.Yxe.e
Spread Method:
File Creation
Threat type:Worm.SymbOS
Worm.SymbOS.Yxe.e first detected:2010-03-25
Virus file known is dll file written in C++
File Size:516K Bytes.
Behavior:Attempted Connection to External Sites
Level of Spread:5
Level of Threat:1
Reported Path:
C:\system\data\Local_Para.txt
C:\system\data\Remote_Para.txt
C:\system\data\SisInfo.cfg
C:\system\data\Source.ini
MD5:833wvrX7Bxnq0lu2xrkEEY8u0FN6bMDo
SHA1..:2SR118aCj25sI41Pgt6MmaH1KnvA3uk5OBs4422k
March 25th, 2010 | Posted in Kaspersky | No Comments
