Removed: atualizada.sys, ashDip.exe, Atualizada.exe (trojan Spy.Banker)

August 17, 2010 by NightWatcher · Leave a Comment
Filed under: Malware 

Malware: explore.exe Removed: C:\WINDOWS\system32\drivers\atualizada.sys C:\WINDOWS\system32\ashDip.exe C:\WINDOWS\Atualizada.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: atualizada.sys Author: Unknown Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ATUALIZADA.SYS Type: Drivers Item Name: ashDip.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\ASHDIP.EXE Type: Registry Run Item Name: Author: Unknown Related File: C:\WINDOWS\ATUALIZADA.EXE Type: Registry Run Item Name: Atualizada.exe Author: Unknown Related File: C:\WINDOWS\ATUALIZADA.EXE Type: Running Processes Removal Results: Success [...]

Tags: ashDip.exe, Atualizada.exe, atualizada.sys, Spy.Banker

Removed: Schost.exe, v1.exe, v2.exe, v3.exe (trojan Spy.Banker)

August 16, 2010 by NightWatcher · Leave a Comment
Filed under: Malware 

Malware: schosts.sfx.exe Removed: C:\WINDOWS\Schost.exe C:\WINDOWS\v1.exe C:\WINDOWS\v2.exe C:\WINDOWS\v3.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Author: Unknown Related File: C:\WINDOWS\SCHOST.EXE Type: Registry Run Item Name: Schost.exe Author: Unknown Related File: C:\WINDOWS\SCHOST.EXE Type: Running Processes Item Name: DESKC Author: Unknown Related File: C:\WINDOWS\V3.EXE Type: Explorer Run Item Name: v1.exe Author: Unknown Related File: C:\WINDOWS\V1.EXE Type: Running Processes Item [...]

Tags: Schost.exe, Spy.Banker, v1.exe, v2.exe, v3.exe

Removed: casalote.exe (trojan Spy.Banker)

August 11, 2010 by NightWatcher · Leave a Comment
Filed under: Adware 

Removed: c:\sand-box\casalote.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: InternetExplore1 Author: Unknown Related File: C:\SAND-BOX\CASALOTE.EXE Type: Registry Run Item Name: casalote.exe Author: Unknown Related File: C:\SAND-BOX\CASALOTE.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\InternetExplore1 Value: “casalote.exe” Files: “casalote.exe” or “casalote.jpg” —————————————————————————————————————————- Antivirus Version Last Update [...]

Tags: casalote.exe, Spy.Banker

Removed: C:\WINDOWS\system32\drivers\regtoro.sys, C:\WINDOWS\Tcp_IP.exe (trojan Spy.Banker)

August 5, 2010 by NightWatcher · Leave a Comment
Filed under: Malware 

Malware: logs.jpg.exe Removed: C:\WINDOWS\system32\drivers\regtoro.sys C:\WINDOWS\Tcp_IP.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Author: Unknown Related File: C:\WINDOWS\TCP_IP.EXE Type: Registry Run Item Name: Tcp_IP.exe Author: Unknown Related File: C:\WINDOWS\TCP_IP.EXE Type: Running Processes After first reboot detected by UnHackMe: Item Name: bord_007 Author: Related File: C:\WINDOWS\SYSTEM32\DRIVERS\REGTORO.SYS Type: Services detected by Partizan Removal Results: Success Number of reboot: 2 [...]

Tags: regtoro.sys, Spy.Banker, Tcp_IP.exe

Removed: C:\Documents and Settings\All Users\Application Data\Vista\W7.exe (trojan Spy.Banker)

August 2, 2010 by NightWatcher · Leave a Comment
Filed under: Malware 

Malware: ready.exe Removed: C:\Documents and Settings\All Users\Application Data\Vista\W7.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: W7.exe Nacional Author: Windows 7 Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\VISTA\W7.EXE Type: Registry Run Item Name: W7.exe Author: Windows 7 Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\VISTA\W7.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to [...]

Tags: Spy.Banker, W7.exe