5927hacz5ool710.dll; 59119oz-a-virusc.ocx; 57e5download9z1926.ocx; 56f754e8-d155-878e-b588-ebb344869fc5.exe; 56701spambot9cez.ocx; 55z5addware9779.exe;
55azs59ware2618.exe; 5510addw9ze1500.exe; 54e5thr9at20z36.dll; 541fste9l15z0.exe; 53594zpy76f.ocx;
5347ztea59593.dll; 52f3d59nloadzr68.exe; 51e54c7f08.sys; 51849worm621z.exe; 5159sparsz137.ocx; 51267dfe7a.sys;
51040hac9tzol3fe.exe; 5098zirusa4.exe; 4zf5vir59269.exe; 4z55thr9at15466.ocx; 4e055ownloadez20859.ocx;
4d5spzr5e389.exe; 4b589ir1865z.exe; 49c55hief1989z.dll; 497.exe; 4935spambzt9c6.ocx; 47a45hreatz3819.exe;
477cs9arse15z0.ocx; 4670.exe; 45fz5r1996.dll; 4591thiefz800.ocx; 458asparze9713.exe;
4589pa5botcz.dll; 456ddow9zoader2343.ocx; 4535thie9z73.ocx; 438z9te5l721.exe; 4342d9wnl5ader286z.dll; 4300tzr9at30956.exe;
4245spy4zf9.exe; 4209.exe; 4119.exe; 4107spy2z95.exe; 405fthief91z9.exe;
3f24spyz9re14335.dll; 3ed6backdz952765.dll; 3cfbe0e1f4.sys; 3c4zad9ware1535.dll; 3bcstea5891z.dll;
March 6th, 2010 | Posted in Kaspersky, TrendMicro | No Comments
59427.exe; uyupesiq.dll; jiffmt.dll; mediaacck.exe; netsi.exe; uyupesiq.dll;
jiffmt.dll; izekegasudevibeb.dll; eputahefozujecaz.dll; is-nor64.exe; bill102.exe Win32.Trojan.VB.ENI 4.3.2010.;
odbns.exe Win32.Trojan.Agent.MPM 4.3.2010.; wmisftl.exe; smvm232.exe; sikvnxhn.dll; 59.doc.exe; j-di_vr.exe;
fd33.exe; cbd3c7.exe; vnkgsmjexjdnrofkuia.exe .; ujdwfwqiyhyfgaoq.exe; runver2.exe;
regdllhelper.exe; oner2010.dll; nt32inf10.exe; nhdldrht.exe; iawmaqua.exe; hujeneje.dll;
e569e6.exe; dirstems.exe; atnadm.exe; a6087d.exe; a14c40.exe;
5d7d74.exe; 31f52b.exe; 7dea53.exe; e840ee.exe; f385b0.exe; 6adaa8.exe;
dc50cc.exe; dc50cc.exe; wx4d15e4.exe; wx48a701.exe; wx43410f.exe;
nt32inf10.exe; e569e6.exe; xv447c65.exe; wx63af95.exe; tx8d2fec.exe;
March 5th, 2010 | Posted in Clam, Kaspersky, NOD32 | No Comments
Threat Name: Net-Worm.Win32.kido.ih
Spread Method:
File Creation
Network Spread
Threat type:Net-Worm.Win32
Net-Worm.Win32.kido.ih first detected:2010-03-04
Virus file known is PE exe file written in C language
File Size:405K Bytes.
Behavior:Unknow behavior
Level of Spread:4
Level of Threat:5
Reported Path:D:\Program Files\
MD5:d30yBPiOxv7Ev0E0tB4prgyFp42Un4uK
SHA1..:3RChixqw21XM11mC0JT80o2n87Od7T1SMaK33281
Read the rest of this entry »
March 4th, 2010 | Posted in Kaspersky | No Comments
Kaspersky detects Backdoor.Win32.Small.ive. KIS also deleted it. Threat Name: Backdoor.Win32.Small.ive
Spread Method:
Registry Value Creation
Threat type:Backdoor.Win32
Backdoor.Win32.Small.ive first detected:18.02.2010 07:01
Virus file known is PE exe file written in C language
File Size:20K Bytes.
Behavior:Unknow behavior
Level of Spread:1
Level of Threat:2
located at C:\WINDOWS\explorer.exe
MD5:E6P118fBi1t826041y5LkfF0JmUXhsJv
SHA1..:MYx4LG2i5M78OT3V40Ys62nJq7dg5br8uH0TTOO6
Read the rest of this entry »
March 4th, 2010 | Posted in Kaspersky | No Comments
Threat Name: Trojan-Dropper.win32.Autoit.k
Spread Method:
Connection to Specific Sites
USB Disk
Registry Value Creation
Threat type:Trojan-Dropper.win32
Trojan-Dropper.win32.Autoit.k first detected:2010-03-04
When scanned, kaspersky reported one of my file contains nearly 200 virus of the type Trojan program Trojan-dropper.win32.Autoit.k on Today, 14:53
File Size:499K Bytes.
Behavior:Usualy have random filename and refers to many versions of a dynamic link library
Level of Spread:1
Level of Threat:5
Reported Path:Unkonow path
MD5:e1qPl647RHKtFobsMe88SsOv82lU27I0
SHA1..:4Lyx6T7EaiM0gw3bn4GGt0w1HP7dOFkI7m220cEf
Read the rest of this entry »
March 4th, 2010 | Posted in Ikarus, Kaspersky | No Comments
wgtqgxch.exe; viqu.exe; fq1.exe; wuiaasgaqzllrbhvthz.exe; livmlcpixfqpudivsf.exe; jixqrkzulvijqbixwlef.exe;
kindextraknob.exe; woyl.exe; fq1.exe; winkgdte.exe; winatihb.exe;
ouwi.exe; wincofhce.exe; nyy4sevq.exe; hwxtdt.exe; gdwfpcd32.sys; d7mfjqyv.exe;
ugryipoc.sys; taskengc.exe; eh1.exe; kwldypod.sys; kwroapod.sys;
ssqgw.exe; pxtdypow.sys; gusbstoi.sys; uwrdrfoc.sys; msizap.exe; z2qkcyip.exe;
awrdapod.sys; kwpyqaow.sys; uwtdapob.sys; kxliiuob.sys; 882c0ae77e.sys;
7a970201ae.sys; 7656562c9f.sys; 27704afc39.sys; bwj483p3.exe; 7a970201ae.sys; 27704afc39.sys;
z2qkcyip.exe; kwpyqaow.sys; kxliiuob.sys; winmgre.exe; eiofax.exe;
pwliapob.sys; kwaiipob.sys; kxtdapow.sys; kwlyafob.sys; pxddypoc.sys;
March 3rd, 2010 | Posted in Ikarus, Panda | No Comments
Threat Name: Trojan-Spy.Win32.Agent.bdpj
Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
Spread Method:
Hacked Website
Malware Installation
Threat type:Trojan-Spy.Win32
Trojan-Spy.Win32.Agent.bdpj first detected:2010-03-02
Virus file known is PE exe file written in C language
File Size:385K Bytes.
Behavior:Registered as a Dynamic Link Library File
Level of Spread:3
Level of Threat:5
Reported Path:D:\Documents and Settings\[Users]\Local Settings\Temp\
MD5:c30XAOhNxu7Dv0D0sA3pqgyFol2Um3t3
SHA1..:kQCgiwpv2d8L10lB0IS88o2n87Oc7S1R4yJ23181
Read the rest of this entry »
March 2nd, 2010 | Posted in Kaspersky | No Comments
tr.exe; temp7789.exe; sshnas21.dll; puker.exe; bind1.exe; amcfjskmp.exe;
alh.exe; alf.exe; advhelp.dll; tgt.exe; herss.exe;
cvasds0.dll; am.exe; x.exe; x.exe; mspdb12.dll; pwtdqpob.sys;
kfaoqfoc.sys; rzm.exe; pxryiaob.sys; pdfupd.exe; kxliiuob.sys;
jinyehh.exe; winktkmg.exe; tlr.exe; winvrlgal.exe; winumbshr.exe; winafkui.exe;
winacnew.exe; w9616d.exe; w19a29e4.exe; winpefwj.exe; winoqdppw.exe;
rrehc.exe; im1.exe; wineqsq.exe; winqvgu.exe; winyimmje.exe; winctyoh.exe;
w9b1cf.exe; rfwl.exe; beubfu.exe; winqxlut.exe; ycl.exe;
winyrvk.exe; winlqjl.exe; iuucgk.exe; kzd.exe; akqp.exe;
March 2nd, 2010 | Posted in McAfee, TrendMicro | No Comments
Trojan-GameThief.Win32.Magania.cjqd
Threat Name: Trojan-GameThief.Win32.Magania.cjqd
Different descriptin:Net-Worm.SillyFDC [PCTools]
W32.SillyFDC [Symantec]
Trojan-GameThief.Win32.Magania.cjqd [Kaspersky Lab]
PWS-Mmorpg!ha [McAfee]
Mal/Taterf-B, Mal/Taterf-A [Sophos]
Worm:Win32/Taterf.B [Microsoft]
Dropper/OnlineGameHack.116183 [AhnLab]
Spread Method:
Windows Vulnerability
E-Mail
detect files name: C:\nds0q.exe
%Temp%\cvasds0.dll
%Temp%\cvasds1.dll
%Temp%\cvasds2.dll
%Temp%\herss.exe
c:\nds0q.exe
c:\autorun.inf
The newly created Registry Value is:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
cdoosoft = “%Temp%\herss.exe”
Threat type:Trojan-GameThief.Win32
Trojan-GameThief.Win32.Magania.cjqd first detected:2010-02-28
Virus file known is Unkown type
File Size:587K Bytes.
Behavior:Attempted Connection to External Sites
Level of Spread:2
Level of Threat:6
Reported Path:Unkonow path
MD5:i2ttoV6YuKowIsevPh0BV7r0D45X30M1
SHA1..:5Oc08wYh1lp2kb4eq5JjxE0HlTWgRInL8q3311hi
Read the rest of this entry »
February 28th, 2010 | Posted in NOD32, TrendMicro | No Comments
Threat Name: Trojan.Win32.Fraudpack.amau
Description as :Trojan.Win32.Fraudpack.amau in C:\Documents and Settings\Local Settings\TEMP\7.682492419092743E8.EXE. Kaspersky seems to have quarantined it the day it detected it. But the next day it pops up again multiple times, along with the following:
Trojan.Win32.FraudPack.ambs in C:\Documents and Settings\Local Settings\TEMP\2.0650159810297944E7.EXE
Trojan.Win32.FraudPack.ambs in C:\Documents and Settings\Local Settings\Application Data\av.exe
Trojan.Win32.FraudPack.ambs in C:\Documents and Settings\Local Settings\Application Data\MSASCui.exe
Trojan.Win32.FraudPack.amau in C:\Documents and Settings\Local Settings\Application Data\mtg.exe
Trojan. Downloader - C:\WINDOWS\system32\braviax.exe
Spread Method:
E-Mail
Malware Installation
Threat type:Trojan.Win32
Trojan.Win32.Fraudpack.amau first detected:2010-02-28
Virus file known is PE EXE file written in Java
File Size:342K Bytes.
Behavior:Propagation via P2P networks
Level of Spread:3
Level of Threat:4
Reported Path:c:\System Volume Information\ _restore…\
MD5:A28WXNGMvS7Bt8BxRX3npEWDmk1Sk3s3
SHA1..:iPAeguot1b7J00j8aGQ78mfl76Mb6R053xI22dv1
Read the rest of this entry »
February 28th, 2010 | Posted in Kaspersky | No Comments
