Tag Archives: Olmarik

Restored: WS2IFSL.SYS (trojan TDSS/Alureon/Olmarik)

Malware: C:\sand-box\Ultimate Codes.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: WS2IFSL.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS Type: Detected using Heuristic Algorithm The original WS2IFSL.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 […]
More…

Restored: INTELIDE.SYS (trojan TDSS/Alureon/Olmarik)

Malware: C:\sand-box\1.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS —————————————————————————————————————————- Detected by UnHackMe: Item Name: INTELIDE.SYS Related File: C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS Type: Detected using Heuristic Algorithm The original INTELIDE.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.20 Trojan.TDss.ADZ Kaspersky 7.0.0.125 2010.05.20 […]
More…

Restored: DISK.SYS (infected by Alureon/TDSS/Olmarik)

Malware: C:\sand-box\in.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: DISK.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS Type: Detected using Heuristic Algorithm The original DISK.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.12 […]
More…

Removed: PRAGMAd.sys (variant of TDSS trojan – Alureon/Olmarik)

Malware: C:\sand-box\install01.exe Removed: C:\WINDOWS\PRAGMAqipfvcxnqq\PRAGMAd.sys —————————————————————————————————————————- After first reboot detected by UnHackMe: Item Name: PRAGMAqipfvcxnqq Author: Related File: C:\WINDOWS\PRAGMAQIPFVCXNQQ\PRAGMAD.SYS Type: Services detected by Partizan Removal Results: Success Number of reboot: 2 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.11 Gen:Variant.TDss.20 Kaspersky 7.0.0.125 2010.05.11 Trojan-Downloader.Win32.FraudLoad.xcxu Microsoft 1.5703 2010.05.11 Trojan:Win32/Alureon.gen!J NOD32 5105 2010.05.11 Win32/Olmarik.YX —————————————————————————————————————————- Additional […]
More…