Removed: geurge.exe; Restored: ATAPI.SYS (worm VBNA + rootkit TDSS)
Alex NightWatcher: Solved! Fix it immediately:
Malware: ren.exe
Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\geurge.exe
Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS

Detected by UnHackMe:

Item Name: ewrgetuj
Author:
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\GEURGE.EXE
Type: Registry Run

Item Name: geurge.exe
Author:
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\GEURGE.EXE
Type: Running Processes

Item Name: Rootkit: TDL3++Device:\\msuooeqx
Author: Unknown
Related File:
Type: Devices in Memory

Detected by RegRun Warrior: [...]
Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS (trojan TDSS/Alureon)
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe
Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS

Detected by UnHackMe:

Item Name: ATAPI.SYS
Author: Microsoft Corporation
Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
Type: Detected using Heuristic Algorithm

The original ATAPI.SYS has been successfully restored using RegRun Warrior from the Windows installation CD.

Removal Results: Success
Number of reboot: 1

Classification: Antivirus Version Last [...]
Restored: ..\SYSTEM32\DRIVERS\ATAPI.SYS
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe

Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS

Detected by UnHackMe:

Item Name: ATAPI.SYS
Author: Microsoft Corporation
Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
Type: Detected using Heuristic Algorithm

The original ATAPI.SYS has been successfully restored using RegRun Warrior from the Windows installation CD.

Removal Results: Success
Number of reboot: 1

Classification: Antivirus Version [...]
Malware: 73_TDL3_24.02.2010_TDL3.27.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\73_TDL3_24.02.2010_TDL3.27.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.02   Gen:Heur.Krypt.8
Kaspersky  7.0.0.125     2010.03.02   Trojan-GameThief.Win32.Magania.cwgq
McAfee     5907          2010.03.01   DNSChanger.at
Microsoft  1.5502        2010.03.02   Trojan:Win32/Alureon.CT
NOD32      4909          2010.03.02   a variant of Win32/Kryptik.CPZ

Additional information

File size: 80896 bytes
MD5 : 11f1560e6f0d5f85a18dfe99b4be1174
SHA1 : 71e071761c37d94647083508d6c6c413b0ba9246
SHA256: 8115dac8ce2f5e6edf66632c1a47b7e562359838db416079a02efe7abd5e6947

Installation
When the program [...]
Restored: ATAPI.SYS
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\browser-player.exe
Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.26   Trojan.TDss.ABP
Kaspersky  7.0.0.125     2010.03.26   Trojan.Win32.Tdss.ayhi
McAfee     5931          2010.03.25   DNSChanger.as
Microsoft  1.5605        2010.03.26   Trojan:Win32/Alureon.CT
NOD32      4975          2010.03.25   a variant of Win32/Kryptik.DDG

Additional information

File size: 82432 bytes
MD5 : c5d16aa2b08f1cc67df20011fc37d19f
SHA1 : d1313bb9c67688bd093daf2d6a6160a35dd289eb
SHA256: 5cd8b34b1dc1d486b9a31193aff9a209d7f91863a39312ea59e738d13715a90c

Installation
When [...]
Restored: ATAPI.SYS
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe
Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.30   –
Kaspersky  7.0.0.125     2010.03.30   Trojan-Dropper.Win32.TDSS.ah
McAfee     5935          2010.03.29   –
Microsoft  1.5605        2010.03.30   –
NOD32      4983          2010.03.29   –

Additional information

File size: 158208 bytes
MD5 : 97924335f34b0e8a0a1ffe4f00db5398
SHA1 : 33e2d222f55750d5c7c8649c7a3754df2b8db433
SHA256: 8733c2b617f23c4ef829521af3300a7f8d330ef86c11d5eb0041cfeee320b18d

Installation
When [...]
Restored: atapi.sys
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe
Restored: C:\WINDOWS\system32\drivers\atapi.sys

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.18   Trojan.Generic.KD.4129
Kaspersky  7.0.0.125     2010.03.18   Packed.Win32.Krap.aq
McAfee     5923          2010.03.17   –
Microsoft  1.5605        2010.03.17   –
NOD32      4953          2010.03.17   Win32/Olmarik.VE

Additional information

File size: 97792 bytes
MD5 : d0e968377723f43aefafb39c7170d081
SHA1 : c503c38b0a1afe92750dda76cadaaaf16cefa297
SHA256: 5964a315894ed349c8a01844c33519023109c6ba477c9490e7518f8f38cdd5b2

Installation
When [...]
Malware: dm.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\dm.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.15   Backdoor:W32/TDSS.EN
Kaspersky  7.0.0.125     2010.03.15   Trojan.Win32.Tdss.ayec
McAfee     5921          2010.03.15   –
Microsoft  1.5502        2010.03.12   –
NOD32      4946          2010.03.15   a variant of Win32/Kryptik.DAS

Additional information

File size: 78336 bytes
MD5 : fc3b03ce1ff40076415e072dde8b66d0
SHA1 : 906b7ed6bc3377ca433d6e1c987f91e5a831be24
SHA256: e1f92c5f89f9d9be8e04a39605dfc126c922fb26207981301d6ddb3955d867c5

Installation [...]
Malware: file.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: file.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.15   Suspicious:W32/Malware!Gemini
Kaspersky  7.0.0.125     2010.03.15   –
McAfee     5920          2010.03.14   –
Microsoft  1.5502        2010.03.12   –
NOD32      4945          2010.03.15   a variant of Win32/Injector.BBG

Additional information

File size: 9728 bytes
MD5 : 5910e59d592781cec3234abf57f8d000
SHA1 : 797a5b08ce2d5d8119d51d44ff16e14eaf2cba51
SHA256: 5c803a729fc41b2394209ab9e2d8d91113d0d543aeef74583d0868eb39fcd216

Installation [...]
Malware: update.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\update.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.10   Gen:Heur.Krypt.8
Kaspersky  7.0.0.125     2010.03.10   –
McAfee     5915          2010.03.09   DNSChanger.as
Microsoft  1.5502        2010.03.10   Trojan:Win32/Alureon.CT
NOD32      4930          2010.03.09   a variant of Win32/Kryptik.CVQ

Additional information

File size: 81920 bytes
MD5 : e599256bb0c5860e946b206195895c94
SHA1 : 9ed4479945fda02d4f2e1c1a060ee50064d5d3bc
SHA256: 9fe4eadee402faa21e3f8e4e33ea7a468c79307a83a21e2381a8955709d541c1

Installation [...]
Malware: setup.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.09   –
Kaspersky  7.0.0.125     2010.03.09   –
McAfee     5914          2010.03.08   DNSChanger.bb
Microsoft  1.5502        2010.03.09   –
NOD32      4927          2010.03.09   –

Additional information

File size: 133632 bytes
MD5 : fb2bcd1211478df55a03a5fec5ba8906
SHA1 : 6c8ff5065c4be4e77abf7561cf731214a2d2c9b2
SHA256: a724fe0ef88064af7dbe26b29efd758aaccf21227275b3f91f7063b8c2f9b9a7

Installation
When the program [...]
Malware: auto.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\auto.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.04   Gen:Heur.Krypt.8
Kaspersky  7.0.0.125     2010.03.04   –
McAfee     5909          2010.03.03   DNSChanger.as
Microsoft  1.5502        2010.03.04   Trojan:Win32/Alureon.CT
NOD32      4913          2010.03.03   a variant of Win32/Kryptik.CPZ

Additional information

File size: 81408 bytes
MD5 : 090d524dbae314bee4d7db36b26b0f66
SHA1 : 402dddc09ce824dc433de7b9b39762ee4ebca855
SHA256: c78064c4704ef5400b2c5b0a2d4a9ea2873b41ff880089381a6923fd2433df7d

Installation [...]
Malware: ssl.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\ssl.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.03.05   Gen:Heur.Krypt.8
Kaspersky  7.0.0.125     2010.03.05   Trojan.Win32.Tdss.awwo
McAfee     5910          2010.03.04   DNSChanger.as
Microsoft  1.5502        2010.03.05   Trojan:Win32/Alureon.CT
NOD32      4917          2010.03.05   a variant of Win32/Kryptik.CPZ

Additional information

File size: 81920 bytes
MD5 : 31f17b209815a3aa8a952f24baf33c16
SHA1 : 6bfdd317b6e46cc3b7146e76eacbb8e69e0ba452
SHA256: 89a1ca7d3d9d73bd4607ef658e52ac5d30460f819a7fc5a8500fd4bdeeb7cfde

Installation [...]
Malware: setup.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.02.26   –
Kaspersky  7.0.0.125     2010.02.26   –
McAfee     5904          2010.02.26   –
Microsoft  1.5502        2010.02.26   Trojan:Win32/Alureon.CT
NOD32      4899          2010.02.26   a variant of Win32/Kryptik.CPZ

Additional information

File size: 80896 bytes
MD5 : 98b8f3d7816e058b06d46b185ddc656d
SHA1 : 999a5713cd49cca9c3e4208f7985811b438ebd48
SHA256: 9d379f6103aff7c95a13b8053262a747ca67274ff925ca29e11c5beeeaa2ff51

Installation [...]
Malware: 1266414078.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\1266414078.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.02.19   –
Kaspersky  7.0.0.125     2010.02.17   –
McAfee     5898          2010.02.20   Vundo.gen.cu
Microsoft  1.5406        2010.02.21   Trojan:Win32/Alureon.CT
NOD32      4883          2010.02.20   a variant of Win32/Olmarik.UH
Symantec   20091.2.0.41  2010.02.21   VipAntiSpyware

Additional information

File size: 77824 bytes
MD5 : dd0122d1492eadbaaa0a0e5dda34f8db
SHA1 : c066b1e8db200387531d4df6b4d1629c871a8f44
[...]
Malware: dogma.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\dogma.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.02.17   Trojan.Generic.IS.140831
Kaspersky  7.0.0.125     2010.02.17   Trojan.Win32.Monder.cybu
McAfee     5894          2010.02.16   Generic.dx!nli
Microsoft  1.5406        2010.02.17   Trojan:Win32/Alureon.CT
NOD32      4874          2010.02.17   a variant of Win32/Olmarik.UH
Symantec   20091.2.0.41  2010.02.17   Packed.Generic.277

Additional information

File size: 72704 bytes
MD5 : 2ea2e8d81bce8811e38a9d2539f137af
SHA1 : c90006eef27acc17bbeb86929dbd525e4078497e
[...]
Malware: setup.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: C:\sand-box\setup.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.02.13   –
Kaspersky  7.0.0.125     2010.02.14   Trojan-Dropper.Win32.Steps.ls
McAfee     5892          2010.02.14   –
Microsoft  1.5406        2010.02.14   Trojan:Win32/Alureon.CO
NOD32      4865          2010.02.14   –
Symantec   20091.2.0.41  2010.02.14   Suspicious.Insight

Additional information

File size: 86016 bytes
MD5 : 092074474b06342e531a4cd574d69466
SHA1 : 86d581b97b87e8b40cbea5c73bc50c4657f8fa9b
SHA256: 4a0885c5f5776ab44e4598571b0d49618c6558d264e87bb557d309a771fa39c2

[...]
Malware: install11.exe
Alex NightWatcher: Solved! Fix it immediately:
Malware: install11.exe

Classification:

Antivirus  Version       Last Update  Result
F-Secure   9.0.15370.0   2010.02.03   Suspicious:W32/Riskware!Online
Kaspersky  7.0.0.125     2010.02.03   not-a-virus:FraudTool.Win32.InternetAntivirusPro.as
McAfee     5881          2010.02.03   FakeAlert-FQ
Microsoft  1.5406        2010.02.03   Trojan:Win32/InternetAntivirus
NOD32      4832          2010.02.03   a variant of Win32/Kryptik.CBJ

Additional information

File size: 33280 bytes
MD5 : 0f159f049c04cf2cbd58b7c5c8d6f22f
SHA1 : 7a3c5a492cdbf345241b3f9d4c53d6d4d6b4a8c5
SHA256: 928e3abdb4814267d773aae1648bd0fd43763ee395bcb149b3cf858891f8a2ba

Installation [...]



