Archive for August, 2011
24fc2ae3c49.exe; 24fc2ae3079.exe; tmsysr.exe; 000.exe; eli_548.exe; eli_303.exe; eli_175.exe; 1313226317496.exe; 131322631612468.exe; gvtktq.exe; ichyhg.exe; gpdsdy.exe; wincxdnht.exe; rnncfy.exe; streams.exe; mturoute.exe; kav8.0.0.506br.exe; aegvvp.exe; MOBSSYNCC.EXE; jashla.exe; Edxaxe.exe; aegvvp.exe; Io.vbs; 22CC6C32.exe; msnlmsgrsn.exe; Grfsfy.exe; runAPI79.exe; Scxaxs.exe; rubarbroker.exe; rubar.dll; winlogon_47.exe; vgtbs.sys; network.exe; fgths.sys; autokms.exe; wwpkodl.exe; vrvkhms.exe; vjuqrdc.exe; sgjldl.exe; mhtvdha.exe; jorvvo.exe; ggrdoe.exe; eetdmcs.exe; dynupgo.exe; dgwnood.exe; deosee.exe; akibpx.exe; ttms829.dll.vbs; stc.exe;
August 31st, 2011 | Posted in Microsoft, Pctools, VBA32 | No Comments
135171.dll; 7ikm.exe; 223328.dll; 141015.dll; 1068tcpregsvr.exe; 104421_s.dll; uyobezaxeqeta.dll; uxobeqov.dll; uwigugekajomowap.dll; utp.exe; utoyuxoxot.dll; utililabrcsetup.exe; ukuvoyoxajijohap.dll; ujuvevukov.dll; ujexewofeseduzuv.dll; uhcd.exe; ufayadomipusovo.dll; udetudokawasaxov.dll; ubunezud.dll; yhh.exe; yhg.exe; yhf.exe; xbr.exe; kcz.exe; kc0.exe; kc0 .exe; hpdj00.exe; syspol32.sys; snsign32.dll; mcymaa.exe; ltohea.exe; izuxowexuluqizev.dll; iyoyoqev.dll; ixowuroviqohuwu.dll; ixaziyijevulase.dll; iwetibuxerugug.dll; iqesixaxet.dll; ijibukukaseg.dll; ijabewavate.dll; exitwx.exe; eroyiyukejubetov.dll; elulodip.dll; eloqoleziba.dll; desh32.dll; cpldfl10.exe; captng.dll; awedamap.dll; aretibux.dll; apudiruvupoqoxe.dll;
August 28th, 2011 | Posted in DrWeb, Norman, Sophos | No Comments
Constructor.Win32.Agent.ux
Threat Name: Constructor.Win32.Agent.ux
Spread Method:
Connection to Specific Sites
Windows Vulnerability
Threat type:Constructor.Win32
Constructor.Win32.Agent.ux first detected:2011-08-26
Virus file known is PE EXE file written in Dephi
File Size:527K Bytes.
Behavior:Creat files in Documents and Settings\[Users]\Local Settings\Temp\
C:\Documents and Settings\Administrator\Local Settings\Temp\E_4\krnln.fnr
Level of Spread:6
Level of Threat:1
Reported Path:Unkonow path
MD5:5UM34b6a32hp2M5L1lWBD6350Xrg8w2v
SHA1..:VdnST302ROjxPoWmNtejl0S8Jg05G1Oex4vtvRKP
August 25th, 2011 | Posted in Kaspersky | No Comments
EXE 2 LNK.EXE; hamza.exe; u9ikmh8q54.exe; spsjyb.exe; nsm8q6r72571wqvj89.exe; kioluz.exe; 0pr1al2od2.exe; x11811.exe; myies.exe; flt-trp4.exe; eprodv.exe; eprodv.exe; ylhe.exe; usapmy.exe; ohwaz.exe; spsjyb.exe; zeycz.exe; dcxaxd.exe; compmgm.exe; compmgm.dll; 7ikm.exe; 1167udplssas.exe; 1107tcp7ikm.exe; vtypmf.exe; uxdyykob.sys; q2c21o7hgfuo.exe; oaydvwxuh0f7.exe; server.exe; gusyyypjgyd4.exe; 7duitbu48chi.exe; vw9yv4kvspow.exe; kzmiaq1l37bm.exe; explorer.exe; 4925158.exe; 3060195.exe; vtypmf.exe; uxdyykob.sys; hantiat6.exe; FineTopUDF.exe; cap.exe; IEPRS.exe; iOmem.exe; iOmem101.exe; Edxaxe.exe; aegvvp.exe; Io.vbs Vbs.Thea.A; 22CC6C32.exe; antispywarebotsrv.srv.exe; winsidematchupdate.exe;
August 25th, 2011 | Posted in AVG, Ikarus, Norman | No Comments
is2010.exe; intrwt.dll; iexp1ore.exe; iekey.dll; iedate.dll; iiexp10re.exe; rund1132.exe; iexplorer.exe; iexpl0re.exe; 1explore.exe; uninstall.exe; securitycenter.exe; pthreadvc2.dll; hjengine.dll; desktop security.exe; uninstall.exe; securitycenter.exe; pthreadvc2.dll; hjengine.dll; desktop security 2010.exe; rreg.exe; rising.exe; mscs.exe; msinfo32system.exe; iexp10re.exe; install_fbgt.exe; exfine.exe; iwhdeej.exe; rpcapd.exe; winggou.exe; winggosetup.exe; windecrypt.exe; updatefile.exe; sxplayer.exe; svchost.exe; soxunexserver.exe; uninst.exe; sxplayer.exe; soxunexserver.exe; eplayer.ocx; autoupdate.exe; uninstall.exe; slhelper.dll; searchlite.dll; sachost.exe; pro.exe; unins000.exe; doc2pdf.dll; ssubtmr.dll;
August 21st, 2011 | Posted in AVG, Kaspersky, NOD32 | No Comments
Trojan-Downloader.Win32.NSIS.ns is a trojan and you should remove it asap.
Threat Name: Trojan-Downloader.Win32.NSIS.ns
Spread Method:
File Creation
Threat type:Trojan-Downloader.Win32
Trojan-Downloader.Win32.NSIS.ns first detected:2011-08-19
Virus file known is driver file *.sys written in C++
File Size:376K Bytes.
Behavior:Unknow behavior
Level of Spread:2
Level of Threat:3
Reported Path:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSLBFCC.TMP\configuration.ini
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSLBFCC.TMP\inetc.dll
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSLBFCC.TMP\system.dll
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\FTP-SERVER-U.exe_
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\START.htm_
MD5:iVtH2CjFm380K7GRJ1Upo3J2NqyC4wn0
SHA1..:qe1PPk3m7QY1sXOaREd883rNu82kT17B8lExXsS7
August 18th, 2011 | Posted in BitDefender, Kaspersky, Norman | No Comments
77006587.exe; a0026592.exe; a0026583.exe; a0026564.exe; value.exe; shah.exe; publico.exe; municipal.exe; publicas.exe; usados.exe; sebastian.exe; solis.exe; varias.exe; colee.exe; mcb.exe; tags.exe; vphalld.exe; trick.exe; artistic.exe; pool.exe; geo_font.exe; jachvi.exe; miriani.exe; 篥o`a`e`溽?.exe; 06496371.dll; 28060821.dll; greport.dll; a0121881.dll; vs000121.dll; letras).exe; evillyrics-setup.exe; v0.17.exe; 96677394.dll; 67947001.dll; 80237868.dll; 05778097.dll; textfile.scr; ranking.txt.scr; ps.txt.scr; posting.scr; mails.scr; location.rtf.scr; disco.doc.scr; bill.scr; attachment.rtf.scr; story.scr; worm.somefool.gen-2.scr; w32-netsky-b.exe; website.exe;
August 18th, 2011 | Posted in AVG, F-Prot6, McAfee | No Comments
uload33.dll sample submitted on 2011-08-15 and identified as a threat.
Alias:
Threat File:uload33.dll
Submit time:2011-08-15
Excute time:9 min 46 sec
Level of Spread:4
Level of Threat:6
type:SHeur.CMDD
Filesize:75K Bytes
Files type
uload33.dll is a A dynamic-link library,which acts as a shared library of functions.
MD5:IUtH20iEl280K7FR307onjJ1MpxC3vm8
August 14th, 2011 | Posted in Avast, CA, F-Secure | No Comments
cleanddm.exe sample submitted on 2011-08-15 and identified as a threat. C:\Documents and Settings\All Users\Application Data\\cleanddm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
cleanddm = “%AppData%\cleanddm.exe” so that cleanddm.exe runs every time Windows starts
Alias:
Threat File:cleanddm.exe
Submit time:2011-08-15
Excute time:9 min 20 sec
Level of Spread:2
Level of Threat:6
type:Trojan-Downloader.Win32.FraudLoad
Filesize:49K Bytes
Files type
cleanddm.exe is Windows exe file.
MD5:P6AwfI8dT2WKi1CQ8s0EM5yK0g16Jedx
August 14th, 2011 | Posted in BitDefender, F-Prot6, McAfee | No Comments
bclm.exe has been detected as a threat. the malware initiates itself, replicating & it makes like 4000 to 6000 processes within the task manager which is freaking ridiculous.
bclm.exe sample submitted on 2011-08-15 and identified as a threat.
Alias:
Threat File: bclm.exe
Submit time:2011-08-15
Excute time:6 min 41 sec
Level of Spread:5
Level of Threat:6
type:Win32:Virtob
Filesize:35K Bytes
0K Bytes
1K Bytes
Files type
bclm.exe is [...]
August 14th, 2011 | Posted in CA, F-Secure, Kaspersky | 1 Comment
