Removed: winrev.exe
Malware: Removed: C:\Documents and Settings\Administrator\Application Data\windowx58h\winrev.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.26 – Kaspersky 7.0.0.125 2010.03.26 Trojan-Dropper.Win32.VB.alxr McAfee 5931 2010.03.25 – Microsoft 1.5605 2010.03.26 – NOD32 4976 2010.03.26 Win32/PSW.VB.NER —————————————————————————————————————————- Additional information File size: 151564 bytes MD5 : b2df5e041318f810b8b81397975e52e4 SHA1 : 11665366628eb31a304b19067a7e78387a630f79 SHA256: a59a439157b04369a6a4e8558292cc515bf29d62522dc34c8e70902aac4571d0 —————————————————————————————————————————- Installation When the program is executed, [...]
Removal Tool
Restored: ATAPI.SYS
Malware: C:\sand-box\browser-player.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.26 Trojan.TDss.ABP Kaspersky 7.0.0.125 2010.03.26 Trojan.Win32.Tdss.ayhi McAfee 5931 2010.03.25 DNSChanger.as Microsoft 1.5605 2010.03.26 Trojan:Win32/Alureon.CT NOD32 4975 2010.03.25 a variant of Win32/Kryptik.DDG —————————————————————————————————————————- Additional information File size: 82432 bytes MD5 : c5d16aa2b08f1cc67df20011fc37d19f SHA1 : d1313bb9c67688bd093daf2d6a6160a35dd289eb SHA256: 5cd8b34b1dc1d486b9a31193aff9a209d7f91863a39312ea59e738d13715a90c —————————————————————————————————————————- Installation When the program is executed, it creates [...]
Removal Tool
Removed: One.sys, kav.exe
Malware: C:\sand-box\aaa.exe Removed: C:\WINDOWS\system32\drivers\One.sys C:\WINDOWS\system32\kav.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 – Kaspersky 7.0.0.125 2010.03.27 Backdoor.Win32.Nihem.aa McAfee 5932 2010.03.26 Downloader-CGR Microsoft 1.5605 2010.03.27 TrojanDownloader:Win32/Dogrobot.D NOD32 4978 2010.03.26 Win32/AntiAV.NEY —————————————————————————————————————————- Additional information File size: 35328 bytes MD5 : 24de2260548f5892398f0b0c14e57f45 SHA1 : f515591fcc750c90d5e6b81d742720ddbdd7b234 SHA256: 5939305005a3b724863e7fc54b83cbe1a30f60d5acb28bf682acc5b303a38bee —————————————————————————————————————————- Installation When the program is executed, it [...]
Removal Tool
Removed: ashxPaFtu.dll , a2ne6iefh.exe (random filnames) (Fake AV – Virus Protector)
Malware: flash_player_10.35.exe Removed: c:\WINDOWS\system32\ashxPaFtu.dll (random filnames) C:\WINDOWS\system32\a2ne6iefh.exe (random filnames) —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.28 – Kaspersky 7.0.0.125 2010.03.28 – McAfee 5933 2010.03.27 – Microsoft 1.5605 2010.03.28 – NOD32 4978 2010.03.26 – —————————————————————————————————————————- Additional information File size: 74113 bytes MD5 : 69dfc0f1ab8ccf2f59af86f22e70f79e SHA1 : fd9252bc788ccb95f98267179fe445e8b0cefdf9 SHA256: 2707b61f3b97aa78107f00e50da11079500df446bddd6d71a262267a6e6bddc0 —————————————————————————————————————————- Installation When the [...]
Removal Tool
Removed: spoolsv.exe
Malware: hallmark-card.exe Removed: C:\WINDOWS\Temp\spoolsv\spoolsv.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.30 Backdoor.Zapchast.PF Kaspersky 7.0.0.125 2010.03.30 Backdoor.IRC.Zapchast.zwrc McAfee 5935 2010.03.29 potentially unwanted program IRC/Client Microsoft 1.5605 2010.03.30 Backdoor:Win32/IRCFlood NOD32 4984 2010.03.30 REG/RunKeys.NAA —————————————————————————————————————————- Additional information File size: 933588 bytes MD5 : a467b04cfabc4fd2bf9e8a39c5d8ff3d SHA1 : c89a35f99768a2431b0ce3145b159c8c8db9f7f1 SHA256: 107e0fe14c686942fbd748e1d22cdacd82745d30bfb855ceaf465aeba8d3cbf3 —————————————————————————————————————————- Installation When the program is [...]
Removal Tool
Restored: ATAPI.SYS
Malware: C:\sand-box\setup.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.30 – Kaspersky 7.0.0.125 2010.03.30 Trojan-Dropper.Win32.TDSS.ah McAfee 5935 2010.03.29 – Microsoft 1.5605 2010.03.30 – NOD32 4983 2010.03.29 – —————————————————————————————————————————- Additional information File size: 158208 bytes MD5 : 97924335f34b0e8a0a1ffe4f00db5398 SHA1 : 33e2d222f55750d5c7c8649c7a3754df2b8db433 SHA256: 8733c2b617f23c4ef829521af3300a7f8d330ef86c11d5eb0041cfeee320b18d —————————————————————————————————————————- Installation When the program is executed, it creates [...]
Removal Tool
Removed: rxms.pio
Malware: C:\sand-box\file.exe Removed: C:\WINDOWS\system32\rxms.pio —————————————————————————————————————————- Classification: 2 Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.26 – Kaspersky 7.0.0.125 2010.03.25 – McAfee 5931 2010.03.25 – Microsoft 1.5605 2010.03.26 TrojanDropper:Win32/Oficla.G NOD32 4975 2010.03.25 a variant of Win32/Kryptik.DHG —————————————————————————————————————————- Additional information File size: 59392 bytes MD5 : 0ef93cd209526a80e73b08820fd6d7b2 SHA1 : f008b60528aa39615bf6f1caa41a559686a46259 SHA256: 63f1421b7af2c5aefbdd5819ced8e13173eeeffc3097b6acb084850cc67e22d3 —————————————————————————————————————————- Installation When the program [...]
Removal Tool
Removed: services.exe, msbyylfy.dll (random filname)
Malware: C:\sand-box\erdown.exe Removed: C:\WINDOWS\fonts\services.exe C:\WINDOWS\system32\msbyylfy.dll (random filname) —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.03.27 Trojan-Downloader.Win32.Genome.apng McAfee 5932 2010.03.26 – Microsoft 1.5605 2010.03.27 – NOD32 4978 2010.03.26 a variant of Win32/PSW.WOW.NOP —————————————————————————————————————————- Additional information File size: 18432 bytes MD5 : 4a7bbd7e0de0c56704d034722182aec4 SHA1 : 920bfe65bcf08399ec4a6b851b91760e26669bfd SHA256: 72c7dc5d668c254451c619aa925cea61a48deae46c59d33e5f82135dab884245 —————————————————————————————————————————- Installation When the program is [...]
Removal Tool
Removed: iasdewqx.exe
Malware: antirap.exe Removed: C:\WINDOWS\system32\iasdewqx.exe (Random file name each time you start Windows.) —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 Gen:Trojan.Heur.Hype.lq0@aeouoFfi Kaspersky 7.0.0.125 2010.03.27 Trojan-Downloader.Win32.Injecter.dpr McAfee 5933 2010.03.27 Generic Downloader.x!ddi Microsoft 1.5605 2010.03.27 Trojan:Win32/Malagent NOD32 4978 2010.03.26 Win32/Agent.QVQ —————————————————————————————————————————- Additional information File size: 195584 bytes MD5 : 59ea3dac43856ce6f3946f3eb871ab8a SHA1 : 4df81ff5a96cf7f72a93a35a74a96b6fb550be34 SHA256: f9c2622342e3d1eca122da6a9b4bbb82458bf0458316d6b61b70de3205c9d013 —————————————————————————————————————————- Installation When [...]
Removal Tool
Removed: adsnwv.exe (random filename)
Malware: update.exe Removed: C:\WINDOWS\system32\adsnwv.exe (random filename) —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.03.27 Backdoor.Win32.IRCNite.gk McAfee 5932 2010.03.26 – Microsoft 1.5605 2010.03.26 Trojan:Win32/Meredrop NOD32 4978 2010.03.26 Win32/IRCBot.NBC —————————————————————————————————————————- Additional information File size: 63488 bytes MD5 : 10088d837220b21ddfc4da518b088147 SHA1 : ad268e64172bff50fadef4dc95e2a7f92edfede7 SHA256: 29d08d1443aa24d50102b47f51abe60a9e3625345742426f85dcc7389b6393ab —————————————————————————————————————————- Installation When the program is executed, [...]
Removal Tool
Removed: ACTIVE.EXE
Malware: C:\SAND-BOX\ACTIVE.EXE Removed: C:\SAND-BOX\ACTIVE.EXE —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 Backdoor:W32/PoisonIvy.gen!A Kaspersky 7.0.0.125 2010.03.27 Backdoor.Win32.Poison.pg McAfee 5932 2010.03.26 BackDoor-DSS.gen.a Microsoft 1.5605 2010.03.27 Backdoor:Win32/Poisonivy.H NOD32 4978 2010.03.26 Win32/Poison.NAE —————————————————————————————————————————- Additional information File size: 9728 bytes MD5 : 56a9737e9205a3af1521dfda6fbb7396 SHA1 : ea89ff1a542c1f126e350f91eee97965d51120d3 SHA256: a105d75c1fa14cb7c66d398f7ee27a3507e7aaceabbd827404774de02d037b97 —————————————————————————————————————————- Installation When the program is executed, it creates [...]
Removal Tool
Removed: qtplugin.exe
Malware: paints10.exe Removed: C:\WINDOWS\system32\qtplugin.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.25 – Kaspersky 7.0.0.125 2010.03.25 – McAfee 5930 2010.03.24 – Microsoft 1.5605 2010.03.25 Trojan:Win32/Meredrop NOD32 4973 2010.03.25 Win32/PSW.Delf.NWB —————————————————————————————————————————- Additional information File size: 604160 bytes MD5 : 3e17bde3ac4c7d519159f95f018573a4 SHA1 : a15c0ba7310bc7495c0192cb3286e5206aabfbea SHA256: 5e1698cb96e6156155f660c6f74d659b33c8a73135e4c272fd05e25b1ccf42e6 —————————————————————————————————————————- Installation When the program is executed, it creates [...]
Removal Tool
Removed: MsMxEng.exe
Malware: drweb32.exe Removed: C:\RECYCLER\S-1-5-21-0253694876-1249060442-867131471-1179\MsMxEng.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.01 – Kaspersky 7.0.0.125 2010.02.01 – McAfee 5878 2010.01.31 – Microsoft 1.5406 2010.02.01 – NOD32 4823 2010.02.01 a variant of Win32/Injector.ATV —————————————————————————————————————————- Additional information File size: 251911 bytes MD5 : 8debd0f8b55595f4890ada9e9e2e3708 SHA1 : f08b75beca3cee036e68e66521913f4f9e1dcb31 SHA256: bd9cf298ee3321d305c68d34a937d10343b10b583e5180a0fa87532e4933fd55 —————————————————————————————————————————- Installation When the program is [...]
Removal Tool
Removed: rpopv.exe (filename randomly)
Malware: C:\sand-box\admin.exe Removed: C:\WINDOWS\system32\rpopv.exe (filename randomly) —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.26 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.03.26 Trojan.Win32.Pincav.xux McAfee 5932 2010.03.26 PWS-Mmorpg!ne Microsoft 1.5605 2010.03.26 PWS:Win32/Magania.gen NOD32 4978 2010.03.26 Win32/PSW.Gamania.NCK —————————————————————————————————————————- Additional information File size: 53248 bytes MD5 : b302673f5c7cb13a6dc3dbaa1e26104d SHA1 : 25b305f26164341672edd48a60927f11f3f85d92 SHA256: cee9c434a95b4080b6d51fe1cdb45b8022f93bba3ebccbfef52ac1b22e1d871b —————————————————————————————————————————- Installation When the program is executed, [...]
Removal Tool
Removed: cwsq.sys, RtPW.dll (filename randomly)
Malware: image.jpg.exe Removed: C:\WINDOWS\system32\drivers\cwsq.sys C:\WINDOWS\system32\RtPW.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.25 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.03.25 – McAfee 5930 2010.03.24 – Microsoft 1.5605 2010.03.25 Backdoor:Win32/Koutodoor.C NOD32 4972 2010.03.24 – —————————————————————————————————————————- Additional information File size: 70656 bytes MD5 : 1950e36840527f3c089b0a766aaa27f0 SHA1 : 48b3c2011295009c20edc9ce56bf7ff2a7c34f08 SHA256: 9a6db096faa696cc4020e428697ee380de73828c773f29b49f48b5664ffbf913 —————————————————————————————————————————- Installation When the program is executed, it [...]
Removal Tool
Removed: webserver.exe
Malware: 89f1d5f0030856ce231817b895eda362.exe Removed: C:\Program Files\webserver\webserver.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 Gen:Trojan.Heur.GZ.amGfbu9frXn Kaspersky 7.0.0.125 2010.03.26 P2P-Worm.Win32.Palevo.xfo McAfee 5932 2010.03.26 W32/Koobface.worm.gen.e Microsoft 1.5605 2010.03.26 Trojan:Win32/Koobface.gen!B NOD32 4978 2010.03.26 Win32/TrojanProxy.Small.NEB —————————————————————————————————————————- Additional information File size: 15360 bytes MD5 : d5db0c2908d025c792231901deeacf42 SHA1 : a945753725b8d8f7484edb735f54cc79e1ef79ed SHA256: 1108276c9773c90d617a96603981624160d8948e6992038eca7826f7700dc397 —————————————————————————————————————————- Installation When the program is executed, it creates the following [...]
Removal Tool
Removed: bill104.exe
Malware: C:\sand-box\b0bef6526619d239f4ebf436adf69e24.exe Removed: C:\WINDOWS\bill104.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.27 – Kaspersky 7.0.0.125 2010.03.26 Net-Worm.Win32.Koobface.fyn McAfee 5932 2010.03.26 Generic Spy.e Microsoft 1.5605 2010.03.26 VirTool:Win32/VBInject.gen!DG NOD32 4978 2010.03.26 Win32/Koobface.NCT —————————————————————————————————————————- Additional information File size: 71680 bytes MD5 : 7aab063c2b270f335ff91b288530bad0 SHA1 : 6e0a25c702b2e37407fbb8e4cd41ed7a46f58f49 SHA256: d55a9f0b78710f44079768b618a11a05cd71bec61d7a9d3117aa1dbb2a37196b —————————————————————————————————————————- Installation When the program is executed, it [...]
Removal Tool
Removed: windump.exe, Svechost.exe
Malware: C:\sand-box\load.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\windump.exe C:\WINDOWS\system32\Svechost.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.25 Gen:Trojan.Heur.Hype.kq0@auFXULmi Kaspersky 7.0.0.125 2010.03.25 Trojan.Win32.Scar.bxvh McAfee 5930 2010.03.24 – Microsoft 1.5605 2010.03.24 – NOD32 4972 2010.03.24 a variant of Win32/Injector.BDW —————————————————————————————————————————- Additional information File size: 177152 bytes MD5 : a04da9805c49fae7b437210201771b14 SHA1 : ca606d7c8eed33f50eadf3bb0b578eef58d955a4 SHA256: e042f3896f9ca655808a6b716561b3f6bd4f910bede1ca9a6446343da6772c43 —————————————————————————————————————————- Installation [...]
Removal Tool
Removed: intro_hiding.dll
Malware: load.exe Removed: C:\WINDOWS\system32\intro_hiding.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.25 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.03.25 Trojan.Win32.Agent2.cpwr McAfee 5931 2010.03.25 – Microsoft 1.5605 2010.03.25 Trojan:Win32/Malagent NOD32 4975 2010.03.25 Win32/Delf.NQE —————————————————————————————————————————- Additional information File size: 58880 bytes MD5 : aff3a3375747eb984f6e3bef1082aa6c SHA1 : 53f0e34bf4c5ce74e66c4a8b3084b36ccb924d93 SHA256: e95c2048c923b66cd98d078843bd1e47c25ec021a706093cf89a99fb7d94a6f6 —————————————————————————————————————————- Installation When the program is executed, it creates [...]
Removal Tool
Removed: wmfcgr.exe (filename randomly)
Malware: e5ad9814df907e9e1d1490b9d23bf456.exe Removed: C:\RECYCLER\S-1-5-21-8755532886-2138942026-864167170-2676\wmfcgr.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.26 – Kaspersky 7.0.0.125 2010.03.26 P2P-Worm.Win32.Palevo.ymc McAfee 5931 2010.03.25 Generic.dx!pof Microsoft 1.5605 2010.03.26 VirTool:Win32/VBInject.DN NOD32 4976 2010.03.26 a variant of Win32/Injector.BBZ —————————————————————————————————————————- Additional information File size: 200704 bytes MD5 : 07cbf08f500096cd7698c9f5fa44edad SHA1 : 98ae32d9abff6b629d4933f60cd2953e12a43204 SHA256: 5d91324e32124befa690a611c9ed2c609c5e0785c6efbb185e62f9fc05df21f7 —————————————————————————————————————————- Installation When the program is [...]
Removal Tool
Removed: ihnqp.url (filename randomly)
Malware: tbe.exe Removed: C:\Documents and Settings\All Users\ihnqp.url (filename randomly) —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.24 Dropped:Packer.Malware.NSAnti.1 Kaspersky 7.0.0.125 2010.03.24 Trojan.Win32.Chifrax.qg McAfee 5930 2010.03.24 Generic.dx!paz Microsoft 1.5605 2010.03.24 Trojan:Win32/Chifrax.A NOD32 4971 2010.03.24 Win32/Redosdru.CN —————————————————————————————————————————- Additional information File size: 166866 bytes MD5 : 02bf9f780a315067d1de4bf84c30a94f SHA1 : e9244d945dd97e02bc7991250815d2548c7cd019 SHA256: eb80437dade04ef2c2e8a17cc2d0e8ce08d4b4a0cc544de97198bb27f439e36b —————————————————————————————————————————- Installation When the [...]
Removal Tool
Removed: At1.job, memm.exe (filename randomly)
Malware: pics.exe Removed: C:\WINDOWS\system32\memm.exe C:\WINDOWS\Tasks\At1.job —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.25 – Kaspersky 7.0.0.125 2010.03.25 Trojan-Dropper.Win32.Mudrop.hfa McAfee 5931 2010.03.25 Generic Dropper!ctp Microsoft 1.5605 2010.03.25 – NOD32 4974 2010.03.25 Win32/TrojanDropper.Agent.OQK —————————————————————————————————————————- Additional information File size: 227840 bytes MD5 : bd640fac06a1c1984124b3dfc1830b77 SHA1 : 64f628e0a085e1cc7786a58bc202b0b7efc95bf5 SHA256: 7f5a7e5bce8c94d2af9ad022d8367bd88362fb37dc03406c8933056135c60b68 —————————————————————————————————————————- Installation When the program is executed, [...]
Removal Tool
Removed: _VOIDD.SYS, USREXT.DLL, FONTVIEWXP.EXE, USRPROT.EXE (Fake AV – User Protection, aka Antivirus XP 2010)
Malware: C:\sand-box\adobeflashplayerv10.0.45.2.exe Removed: C:\WINDOWS\_VOIDEQQHXRNIXR\_VOIDD.SYS C:\PROGRA~1\USERPR~1\USREXT.DLL C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\FONTVIEWXP.EXE C:\PROGRAM FILES\USER PROTECTION\USRPROT.EXE —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.25 Trojan-Downloader:W32/Agent.OBP Kaspersky 7.0.0.125 2010.03.25 – McAfee 5930 2010.03.24 – Microsoft 1.5605 2010.03.25 – NOD32 4972 2010.03.24 Win32/TrojanDownloader.FakeAlert.AVO —————————————————————————————————————————- Additional information File size: 20992 bytes MD5 : 9e446c421b0e8b121069836936d898a9 SHA1 : 2440e2a763a22017768d827a441bf59a3ee35d12 SHA256: abf966786b2151ce463d085c25645a75f94041242004882ae2b3f400d61f64b6 —————————————————————————————————————————- Installation When the [...]
Removal Tool
Removed: lsass.exe, odbnsy.exe, sms.exe, svc.exe, svw.exe
Malware: 55ttr.exe Removed: C:\WINDOWS\lsass.exe C:\WINDOWS\odbnsy.exe C:\WINDOWS\sms.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.24 – Kaspersky 7.0.0.125 2010.03.24 – McAfee 5930 2010.03.24 – Microsoft 1.5605 2010.03.24 TrojanDropper:Win32/Microjoin.gen!B NOD32 4971 2010.03.24 a variant of Win32/Kryptik.DFO —————————————————————————————————————————- Additional information File size: 2015744 bytes MD5 : 769c38d76e3e99a0fbf4ea58b071b371 SHA1 : 5e9c127892ccfc6df9aabd0e739749382fdc2dc5 SHA256: b6472da2cc868ec09c472acec226d95ac04e0a322db4b9b3ea61c38e5768435b —————————————————————————————————————————- Installation [...]
Removal Tool
Removed: abiautsh.dll
Malware: C:\sand-box\software.exe Removed: C:\WINDOWS\system32\abiautsh.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.24 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.03.24 Trojan.Win32.Inject.aoae McAfee 5929 2010.03.23 – Microsoft 1.5605 2010.03.24 Trojan:Win32/Pucodex.A NOD32 4969 2010.03.23 Win32/Spy.Agent.NRE —————————————————————————————————————————- Additional information File size: 78336 bytes MD5 : 075b56077921864e43a6f1c753580474 SHA1 : a6e01c960b12aa641940b7d00a2a6e37f7094c4d SHA256: 8b8588594f0455ed9647b751c958a3c5ecc924e69e7b1fad0c4d38ab0b3b752f —————————————————————————————————————————- Installation When the program is executed, it creates the following registry [...]
Removal Tool
Removed: REGSRV.EXE, STDRT.EXE
Malware: 48545af0b55a8704de5a2916d40e1763.exe Removed: C:\WINDOWS\SYSTEM\REGSRV.EXE C:\WINDOWS\TEMP\MRT2.TMP\STDRT.EXE —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.17 – Kaspersky 7.0.0.125 2010.03.17 Hoax.Win32.BadJoke.Formatter.j McAfee 5922 2010.03.16 – Microsoft 1.5605 2010.03.17 – NOD32 4950 2010.03.16 – —————————————————————————————————————————- Additional information File size: 675033 bytes MD5 : 6c4661d4d840f5903381c5dc66382aef SHA1 : 94fd4657cedf276724c8c66cd4ec6571bfa5ab2c SHA256: 9cbd2f51a1102b69a78f2522325048c23de53acb33bc333d236567c0fa0505fb —————————————————————————————————————————- Installation When the program is executed, it [...]
Removal Tool
Removed: ave.exe (FakeAV – XP AntiMalware 2010, aka Antivirus XP 2010)
Malware: C:\sand-box\3af31e07dde54af9a849a1f6256328ca.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Application Data\ave.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.23 – Kaspersky 7.0.0.125 2010.03.22 – McAfee 5928 2010.03.22 – Microsoft 1.5605 2010.03.22 Trojan:Win32/FakeRean NOD32 4966 2010.03.22 a variant of Win32/Kryptik.DFO —————————————————————————————————————————- Additional information File size: 204800 bytes MD5 : 0e127b49bf372a4189b59f7aae0555f6 SHA1 : b1a8342910c546bd117e7bafd508e68fdc380207 SHA256: 1db7faf308fde71a50a937e2aa82960d3d318fd154670874584f2a651633097c —————————————————————————————————————————- Installation [...]
Removal Tool
Removed: plugin.exe (Locker)
Malware: n002102807r0019Rd111be33X0ee8f3ecY45492f8bZ070f0120316P000500071[1].exe Removed: C:\Program Files\plugin.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.19 – Kaspersky 7.0.0.125 2010.03.19 Trojan-Ransom.Win32.PornoBlocker.rh McAfee 5924 2010.03.18 – Microsoft 1.5605 2010.03.19 – NOD32 4957 2010.03.19 – —————————————————————————————————————————- Additional information File size: 374784 bytes MD5 : d67b3c6c3db208a9db85b0cf5c3859c5 SHA1 : aabe35b8bb15c13e87b26736f61dda40cc8b81b9 SHA256: 37904ada715cc879d45cd3cdf6ac042a7f006ced615d783d9ea72c449029ef92 —————————————————————————————————————————- Installation When the program is executed, it [...]
Removal Tool
Removed: TWAIN32.EXE
Malware: Sexosbbb10.com.exe Removed: C:\WINDOWS\TWAIN32.EXE —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.22 Gen:Trojan.Heur.PT.bm0@beU@@9ni Kaspersky 7.0.0.125 2010.03.22 Trojan-Downloader.Win32.Agent.djis McAfee 5928 2010.03.22 – Microsoft 1.5605 2010.03.22 TrojanDownloader:Win32/Small.gen!AO NOD32 4966 2010.03.22 a variant of Win32/TrojanDownloader.VB.NUI —————————————————————————————————————————- Additional information File size: 24576 bytes MD5 : 09c92f87fad60342a8f55a0629078ad9 SHA1 : 11ff052eda2b5b02231ab9d330bdae4dfb409cf8 SHA256: 3937e9df0e0d6b015b36832934e6431dc0025eb3e4b276c6f8c08133bfb31860 —————————————————————————————————————————- Installation When the program is [...]
Removal Tool
Removed: 0040.DLL
Malware: Browser_Update.exe Removed: C:\WINDOWS\system32\0040.DLL —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.23 – Kaspersky 7.0.0.125 2010.03.23 Trojan-Spy.Win32.Insain.mi McAfee 5929 2010.03.23 – Microsoft 1.5605 2010.03.23 TrojanDropper:Win32/Witkinat.A NOD32 4969 2010.03.23 Win32/Witkinat.A —————————————————————————————————————————- Additional information File size: 40832 bytes MD5 : 99305d34ad7a4e62bf1bfe397c2b3e32 SHA1 : e65f1dcb09e1450c6e754e5ddf7a6254a91666f8 SHA256: dd28c72f85095d7529be974de3c8ef175eb2bb60599fff49c111115d37925ec1 —————————————————————————————————————————- Installation When the program is executed, it creates [...]
Removal Tool
- Remember: the best way to remove rootkits is from the outside!
