Tag Archives: PRAGMAD.SYS

Removed: dfrgsnapnt.exe, AVT.EXE, PRAGMAd.sys (FakeAV – Antivirus)

Malware: C:\sand-box\ad.exe
Removed:
  C:\Documents and Settings\Administrator\Local Settings\Temp\dfrgsnapnt.exe
  C:\PROGRAM FILES\ANVI\AVT.EXE
  C:\WINDOWS\PRAGMAbwucbqhose\PRAGMAd.sys
----------------------------------------
Detected by RegRun Warrior:
1. RegRun Reanimator:
Item Name: PRAGMAbwucbqhose
Author:
Related File: C:\WINDOWS\PRAGMABWUCBQHOSE\PRAGMAD.SYS
Type: Drivers

Item Name: dfrgsnapnt.exe
Author: Unknown
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\DFRGSNAPNT.EXE
Type: Registry Run

Item Name: Antivirus
Author: Unknown
Related File: C:\PROGRAM FILES\ANVI\AVT.EXE
Type: Registry Run

2. Multi AntiVirus scan: – […]

Removed: wmsdk64_32.exe, C:\Program Files\AnVi\avt.exe, PRAGMAd.sys (FakeAV – Antivirus)

Malware: exe.exe
Removed:
  C:\Documents and Settings\Administrator\Local Settings\Temp\wmsdk64_32.exe
  C:\Program Files\AnVi\avt.exe
  C:\WINDOWS\PRAGMAdbymdrtfti\PRAGMAd.sys
----------------------------------------
Detected by RegRun Warrior:
1. RegRun Reanimator:
1.1
Item Name: PRAGMAdbymdrtfti
Author:
Related File: C:\WINDOWS\PRAGMADBYMDRTFTI\PRAGMAD.SYS
Type: Drivers

1.2
Item Name: wmsdk64_32.exe
Author: Unknown
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\WMSDK64_32.EXE
Type: Registry Run

1.3
Item Name: Antivirus
Author: Unknown
Related File: C:\PROGRAM FILES\ANVI\AVT.EXE
Type: Registry Run

2. Multi […]

Removed: AUTMGR32.EXE, wscsvc32.exe, defcnt.exe, defext.dll, PRAGMAd.sys (FakeAV – Defense Center, one of the TDSS variants – PRAGMA)

Malware: C:\sand-box\WinSecurityInstaller.exe
Removed:
  C:\Documents and Settings\Administrator\Local Settings\Temp\AUTMGR32.EXE
  C:\Documents and Settings\Administrator\Local Settings\Temp\wscsvc32.exe
  C:\Program Files\Defense Center\defcnt.exe
  C:\Program Files\Defense Center\defext.dll
  C:\WINDOWS\PRAGMAmbadmsbfni\PRAGMAd.sys
----------------------------------------
Detected by UnHackMe:
Item Name: wscsvc32.exe
Author: Unknown
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\WSCSVC32.EXE
Type: Running Processes

Item Name: .exe
Author: Unknown
Related File: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AUTMGR32.EXE" /START "%1" %*
Type: Main File Extensions

Item Name: SimpleShlExt
Author: Unknown
Related File: […]

Removed: C:\WINDOWS\PRAGMAetynemqxim\PRAGMAd.sys, C:\Documents and Settings\Administrator\Local Settings\Temp\AUTMGR32.EXE, C:\Program Files\Defense Center\defcnt.exe (FakeAV – Defense Center aka Paladin Antivirus)

Malware: C:\sand-box\ad.exe
Removed:
  C:\WINDOWS\PRAGMAetynemqxim\PRAGMAd.sys
  C:\Documents and Settings\Administrator\Local Settings\Temp\AUTMGR32.EXE
  C:\Program Files\Defense Center\defcnt.exe
----------------------------------------
Detected by RegRun Warrior:
1. Examiner: – none –
2. RegRun Reanimator:
Item Name: PRAGMAetynemqxim
Author:
Related File: C:\WINDOWS\PRAGMAETYNEMQXIM\PRAGMAD.SYS
Type: Drivers

Item Name: .exe
Author: Unknown
Related File: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AUTMGR32.EXE" /START "%1" %*
Type: Main File Extensions

Item Name: Defense Center
Author: Unknown
Related […]

Removed: PRAGMAd.sys, cntprot.exe, wscsvc32.exe, mscdexnt.exe (FakeAV – Protection Center aka Paladin Antivirus)

Malware: C:\sand-box\ad.exe
Removed:
  C:\WINDOWS\PRAGMAmbitqfwbxt\PRAGMAd.sys
  C:\Program Files\Protection Center\cntprot.exe
  C:\Documents and Settings\Administrator\Local Settings\Temp\wscsvc32.exe
  C:\Documents and Settings\Administrator\Local Settings\Temp\mscdexnt.exe
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMAmbitqfwbxt
Author:
Related File: C:\WINDOWS\PRAGMAMBITQFWBXT\PRAGMAD.SYS
Type: Services detected by Partizan

Item Name: Protection Center
Author: Unknown
Related File: C:\PROGRAM FILES\PROTECTION CENTER\CNTPROT.EXE
Type: Registry Run

Item Name: wscsvc32.exe
Author: Microsoft Corporation
Related […]

Removed: PRAGMAd.sys, wsdkrlxp.exe (variant of TDSS trojan)

Malware: C:\sand-box\ad.exe
Removed:
  C:\WINDOWS\PRAGMAnlpcbvtkpy\PRAGMAd.sys
  C:\Documents and Settings\Administrator\Local Settings\Temp\wsdkrlxp.exe
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMAnlpcbvtkpy
Author:
Related File: C:\WINDOWS\PRAGMANLPCBVTKPY\PRAGMAD.SYS
Type: Services detected by Partizan

Item Name: wsdkrlxp.exe
Author: Unknown
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\WSDKRLXP.EXE
Type: Registry Run

Removal Results: Success
Number of reboot: 2
----------------------------------------
Classification:
Antivirus   Version       Last Update   Result
F-Secure    9.0.15370.0   2010.05.26    […]

Removed: PRAGMAd.sys, datext.dll, napstatxt.exe, datprot.exe (FakeAV – Data Protection)

Malware: C:\sand-box\ad.exe
Removed:
  C:\WINDOWS\PRAGMAxdnyribivn\PRAGMAd.sys
  C:\Program Files\Data Protection\datext.dll
  C:\Documents and Settings\Administrator\Local Settings\Temp\napstatxt.exe
  C:\Program Files\Data Protection\datprot.exe
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMAxdnyribivn
Author:
Related File: C:\WINDOWS\PRAGMAXDNYRIBIVN\PRAGMAD.SYS
Type: Services detected by Partizan

Item Name: SimpleShlExt
Author: Unknown
Related File: C:\PROGRA~1\DATAPR~1\DATEXT.DLL
Type: Context Menu Handlers

Item Name: napstatxt.exe
Author: Unknown
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\NAPSTATXT.EXE
Type: Registry […]

Removed: PRAGMAd.sys (variant of TDSS trojan – Alureon/Olmarik)

Malware: C:\sand-box\install01.exe
Removed:
  C:\WINDOWS\PRAGMAqipfvcxnqq\PRAGMAd.sys
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMAqipfvcxnqq
Author:
Related File: C:\WINDOWS\PRAGMAQIPFVCXNQQ\PRAGMAD.SYS
Type: Services detected by Partizan

Removal Results: Success
Number of reboot: 2
----------------------------------------
Classification:
Antivirus   Version       Last Update   Result
F-Secure    9.0.15370.0   2010.05.11    Gen:Variant.TDss.20
Kaspersky   7.0.0.125     2010.05.11    Trojan-Downloader.Win32.FraudLoad.xcxu
Microsoft   1.5703        2010.05.11    Trojan:Win32/Alureon.gen!J
NOD32       5105          2010.05.11    Win32/Olmarik.YX
----------------------------------------
Additional […]

Removed: PRAGMAd.sys (variant of TDSS trojan – Alureon)

Malware: C:\sand-box\install01.txt.exe
Removed:
  C:\WINDOWS\PRAGMApoffyabwwk\PRAGMAd.sys
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMApoffyabwwk
Author:
Related File: C:\WINDOWS\PRAGMAPOFFYABWWK\PRAGMAD.SYS
Type: Services detected by Partizan

Removal Results: Success
Number of reboot: 1
----------------------------------------
Classification:
Antivirus   Version       Last Update   Result
F-Secure    9.0.15370.0   2010.05.03    Trojan.Generic.KD.9928
Kaspersky   7.0.0.125     2010.05.03    Trojan-Downloader.Win32.FraudLoad.xbiw
Microsoft   1.5703        2010.05.03    Trojan:Win32/Alureon.gen!J
NOD32       5083          2010.05.03    Win32/Olmarik.YA
----------------------------------------
Additional […]

Removed: PRAGMAD.SYS (variant of TDSS trojan – Olmarik)

Malware: C:\sand-box\install01.txt.exe
Removed:
  C:\WINDOWS\PRAGMAKBFTIVFPJU\PRAGMAD.SYS
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMAkbftivfpju
Author:
Related File: C:\WINDOWS\PRAGMAKBFTIVFPJU\PRAGMAD.SYS
Type: Services detected by Partizan

Removal Results: Success
Number of reboot: 1
----------------------------------------
Classification:
Antivirus   Version       Last Update   Result
F-Secure    9.0.15370.0   2010.04.27    Trojan.Generic.KD.9045
Kaspersky   7.0.0.125     2010.04.27    Trojan.Win32.FraudPack.atiq
Microsoft   1.5703        2010.04.27    –
NOD32       5065          2010.04.27    Win32/Olmarik.YA
----------------------------------------
Additional […]

Removed: PRAGMAD.SYS (variant of TDSS trojan)

Malware: C:\sand-box\install01.txt.exe
Removed:
  C:\WINDOWS\PRAGMANVSTYLPRXV\PRAGMAD.SYS
  C:\WINDOWS\PRAGMAnvstylprxv\PRAGMAc.dll
----------------------------------------
After first reboot detected by UnHackMe:
Item Name: PRAGMAnvstylprxv
Author:
Related File: C:\WINDOWS\PRAGMANVSTYLPRXV\PRAGMAD.SYS
Type: Services detected by Partizan

Removal Results: Success
Number of reboot: 1
----------------------------------------
Classification:
Antivirus   Version       Last Update   Result
F-Secure    9.0.15370.0   2010.04.26    Trojan.Generic.KD.8772
Kaspersky   7.0.0.125     2010.04.26    Trojan-Downloader.Win32.FraudLoad.xazh
Microsoft   1.5703        2010.04.26    –
NOD32       5061          2010.04.26    –
----------------------------------------
[…]