wmngscomcfg.exe; win-rar.exe; windrivxxx.exe; windowshop.dll; windowrlsp.exe;
weficheck.dll; webvaccine.exe; tempdecrypted.exe; syslist.exe; sysintm.dll; svhostr.exe;
supporterlink13.exe; suf.sys; suf.dll; srchasm.dll; spsrvs.exe;
spanalysis.dll; snatch.exe; shk_v10.dll; scvhoct_updata.exe; scsrr.exe; schosts.sfx.exe;
safe-mode.exe; ranksupporter.dll; postcard.scr.exe; postalparati.wma.exe; opeb.exe;
ope17.exe; nambui.exe; nambui.dll; mvreport.exe; mvreg.exe; mvmonremote.dll;
mvmon.exe; mvfilterdriver.sys; mvautoupdate.exe; mvassist.exe; mvaccineengine.dll;
mvaccine.exe; mtransito.exe; mspk.sys; msdwab.exe; msconfig_settings.exe; mmsys.exe;
mkdrv.sys; microsft.exe; mevnusdeu.dll; lunchers.exe; justplu.exe;
August 24th, 2010 | Posted in McAfee | 1 Comment
This article tell you the Trojan with the name Trojan-Clicker.Win32.Agent.ntx description. What is Trojan-Clicker.Win32.Agent.ntx and Trojan-Clicker.Win32.Agent.ntx removal.
Threat Name: Trojan-Clicker.Win32.Agent.ntx
Spread Method:
Malware Installation
Modify the registry:
HKEY_CURRENT_USER\Software\Microoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{871C5380-42A0-1069-A2EA-08002B30309D}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu\{871C5380-42A0-1069-A2EA-08002B30309D}
Threat type:Trojan-Clicker.Win32
Trojan-Clicker.Win32.Agent.ntx first detected:2010-08-24
Virus file known is dll file as:
C:\Documents and Settings\Administrator\Desktop\INTERNAT EXLPORER.lnk
C:\Documents and Settings\Administrator\LOCAL SETTINGS\TEMP\INSTALLSTAT.EXE
C:\Documents and Settings\Administrator\LOCAL SETTINGS\TEMP\KK.ILL
C:\Documents and Settings\Administrator\LOCAL SETTINGS\TEMP\STATISTICS.DLL
C:\Program Files\INTERNET EXPLORER\CONNECTION WIZARD\WEB.ICW
C:\Program Files\MICROSOFT\IN
C:\Program Files\MICROSOFT\PACK.DAT
C:\Program Files\MICROSOFT\T
C:\Program Files\MICROSOFT\Y.DAT
C:\Program Files\WINSAFE\33.BAT
C:\Program Files\WINSAFE\33.DAT
C:\Program Files\WINSAFE\KK.ILL
C:\Program Files\WINSAFE\WIN.DAT
C:\Program Files\WINSAFE\WIN.ILL
File Size:78K Bytes.
Behavior:sends a request to IP address
Level of Spread:1
Level of Threat:2
Reported Path:Unkonow path
MD5:pcbOOJ5l6PFJrDMyQKC775qMt82jS17G
SHA1..:833wvrR7CxgK0eu2ylkEER8u0FN6bMDi26K1eaaC
Read the rest of this entry »
August 24th, 2010 | Posted in Kaspersky | No Comments
The article tell you what is ltzqai.exe file and how to remove ltzqai.exe virus file if your computer infected this maleware.
ltzqai.exe sample submitted on 2010-08-24 and identified as a threat.
Alias:
Threat File:ltzqai.exe
Submit time:2010-08-24
Excute time:6 min 26 sec
Level of Spread:2
Level of Threat:4
type:Worm/Allaple
Filesize:43K Bytes
0K Bytes
1K Bytes
Files type
ltzqai.exe is Windows exe file.
MD5:E6P118fBi1t826041y5LkfF0JmUXhsJv
Read the rest of this entry »
August 24th, 2010 | Posted in F-Secure | No Comments
wwwrfd32.exe is what? Is wwwrfd32.exe a threat to my computer? How to remove wwwrfd32.exe virus file when my antivirus program report this malware?
wwwrfd32.exe sample submitted on 2010-08-23 and identified as a threat.
Alias:
Threat File:wwwrfd32.exe
Submit time:2010-08-23
Excute time:2 min 6 sec
Level of Spread:6
Level of Threat:2
type:TR/Crypt.CFI
Filesize:8K Bytes
0K Bytes
1K Bytes
Files type
wwwrfd32.exe is Windows exe file.
MD5:C5N007dXG0rv1p041w5IidD82jRVfQHs
Read the rest of this entry »
August 23rd, 2010 | Posted in Kaspersky | No Comments
wuaucldt.exe; vpnmon.exe; rundll32.exe; smx4pnp.dll; booaw.exe;
842000962.exe; v2.5.exe; asofsrvs.exe; alahzan.exe; 4090687.exe; 039681.exe;
xeqi.exe; d.exe; kekig.exe; ltzqai.exe; lmsn.exe;
842000962.exe; 6726754400.exe; 668887.exe; 574610337.exe; 2940951593.exe; 1055tcplmsn.exe;
1.2.1d.exe; fkwe.exe; xk1.exe; winpgoaig.exe; winansm.exe;
w8ed66.exe; w7cef6.exe; hwnvh.exe; wineqciic.exe; lrgvo.exe; winjyqjhj.exe;
winjkxwu.exe; okkp.exe; meot.exe; bwcr.exe; wksojj.exe;
winlhwplb.exe; winjenbu.exe; winsmlm.exe; w689f24.exe; w1222c2.exe; npfdxl.exe;
clhsj.exe; gtb9.tmp.exe; w791ce.exe; pwjj.exe; chvyp.exe;
August 23rd, 2010 | Posted in F-Prot6 | No Comments
tvct.exe; tprd.exe; smyfuvx.exe; lsbim.exe; mspro32.scr;
syszdcw.exe; sysyhpx.exe; systtuh.exe; sysoxvb.exe; sysnigs.exe; syskncl.exe;
sysfsyn.exe; sysenrs.exe; sysegau.exe; sysdatb.exe; scvhost.exe;
ndubz.exe; xcr.exe; xcr.exe; recsys.exe; xcr.exe; ez1.exe;
a.exe; pxtyypoc.sys; persi0.sys; ontario.exe; nav9_15d.exe;
mscc3.exe; msabtf.exe; ie6setup.exe; gxpuus.exe; eedemo.exe; wingvado.exe;
pxrdipod.sys; catchme.sys; uwtdqaow.sys; ereg.exe; mbr.sys;
iadhide5.dll; uxtdapow.sys; catchme.sys; fxloapow.sys; mbr.sys; echvtqjt.exe;
byqvjo.exe; ap.exe; ah.exe; oqv.exe; xuny.exe;
August 21st, 2010 | Posted in NOD32 | No Comments
VirTool:Win32/VBInject.AQ is a Trojan and with high harmful level. VirTool:Win32/VBInject.AQ is the detection for obfuscated malware code. It attempts to prevent the malware code from being detected by antivirus products. VirTool:Win32/VBInject.AQ is the detection for obfuscated malware code. It attempts to prevent the malware code from being detected by antivirus products. To further prevents analysis of the malware code that it can contain, it does not run in a virtual environment. The file detected as VirTool:Win32/VBInject.AQ may be in the Windows Temporary Files or Desktop folder with the file name as either program.exe or hamodi.exe. The obfuscated code contained within this tool may be virtually any malware.
Threat Name: VirTool:Win32/VBInject.AQ
Threat Name: VirTool:Win32/VBInject.AQ
Spread Method:
Hacked Website
Instant Message(MSN,Gtalk,QQ etc.)
Threat type:VirTool:Win32/VBInject
VirTool:Win32/VBInject.AQ first detected:2010-08-20
Virus file known is PE EXE file written in Basic
File Size:452K Bytes.
Behavior:Creat files in Documents and Settings\[Users]\Local Settings\Temp\
Level of Spread:1
Level of Threat:2
Reported Path:Unkonow path
MD5:6yq55181N4m6Lr6p35bFHVP7FCw3DbKa
SHA1..:B26WXNGMvTn0tsCrR83npEwDnk1Sl3s3cP0xavou
Read the rest of this entry »
August 20th, 2010 | Posted in Microsoft | No Comments
wareg51.exe make pc has been running slow for a while now, but assumed it did not have enough ram etc. Want to know full description of the wareg51.exe file please see below:
wareg51.exe sample submitted on 2010-08-20 and identified as a threat.
Alias:
Threat File:wareg51.exe
Submit time:2010-08-20
Excute time:4 min 17 sec
Level of Spread:1
Level of Threat:3
type:Win32:Alisa
Filesize:28K Bytes
Files type
wareg51.exe is Windows exe file.
MD5:F6Q118gBj278H61O2a6LlgG0JmuY3tK7
Read the rest of this entry »
August 20th, 2010 | Posted in AVG | 1 Comment
Don’t worry if your antivirus program report the xlx75bgnd.exe virus. You can remove xlx75bgnd.exe virus files according to our direction. Following is how:
xlx75bgnd.exe sample submitted on 2010-08-20 and identified as a threat.
Alias:
Threat File:xlx75bgnd.exe
Submit time:2010-08-20
Excute time:4 min 16 sec
Level of Spread:1
Level of Threat:3
type:Win32:Small
Filesize:26K Bytes
30K Bytes
12K Bytes
Files type
xlx75bgnd.exe is Windows exe file.
MD5:F6Q118fBi178H60O2y6LlgG0JmuY2tJv
Read the rest of this entry »
August 20th, 2010 | Posted in Panda | No Comments
This article tell you what is the w32time.dll and how to remove w32time.dll. Following is the full description of the file w32time.dll.
w32time.dll sample submitted on 2010-08-19 and identified as a threat.
Alias:
Threat File:w32time.dll
Submit time:2010-08-19
Excute time:3 min 11 sec
Level of Spread:6
Level of Threat:3
type:BDS/Backdoor
Filesize:17K Bytes
20K Bytes
11K Bytes
Files type
w32time.dll is a A dynamic-link library,which acts as a shared library of functions.
MD5:C5O007dYG1rv1q041w5JidE82kSWfQHt
Read the rest of this entry »
August 19th, 2010 | Posted in F-Secure | No Comments
