Archive for the 'Trojan' Category
Sunday, February 8th, 2009
This is a harmful program.
Name: lrpfwl
Filename: lrpfwl.dll
Command: %appdata%\Google\lrpfwl.dll
Description: trojan fakealert component
Notes: The trojan uses a fake Security Center alert to trick you into purchasing rogue antispyware.
How to remove: How to remove Spyware.ISpynow, win32.zafi.b, Win32.Netsky.Q, Trojan.Zlob.G (Fake Security Center Alert)
Posted in Trojan
Sunday, February 8th, 2009
This is a harmful program.
Name: djvlg2072387
Filename: djvlg2072387.exe
Command: %appdata%\Google\djvlg2072387.exe
Startup Type: HKCU->run
HijackThis Category: O4
Description: trojan fakealert component
Notes: The trojan uses a fake Security Center alert to trick you into purchasing rogue antispyware.
How to remove: How to remove Spyware.ISpynow, win32.zafi.b, Win32.Netsky.Q, Trojan.Zlob.G (Fake Security Center Alert)
Posted in O4, Run, Trojan
Sunday, February 8th, 2009
This is a harmful program.
Name: boot
Filename: boot.com
Command: c:\resycled\boot.com
Startup Type: autorun.inf
Description: autorun.inf trojan component
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: systemntmi
Filename: systemntmi.sys
Command: C:\WINDOWS\system32\drivers\systemntmi.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: securentm
Filename: securentm.sys
Command: C:\WINDOWS\system32\drivers\securentm.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 securentm;securentm; \??\C:\WINDOWS\system32\drivers\securentm.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: port135sik
Filename: port135sik.sys
Command: C:\WINDOWS\system32\drivers\port135sik.sys
Startup Type: Driver
Combofix/RSIT Line:
S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: ksi32sk
Filename: ksi32sk.sys
Command: C:\WINDOWS\system32\drivers\ksi32sk.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 ksi32sk;ksi32sk; \??\C:\WINDOWS.0\system32\drivers\ksi32sk.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: fips32cup
Filename: fips32cup.sys
Registry key: key
Command: C:\WINDOWS\system32\drivers\fips32cup.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
Description: Trojan component, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: amd64si
Filename: amd64si.sys
Command: C:\WINDOWS\system32\drivers\amd64si.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 amd64si;amd64si; \??\C:\WINDOWS\system32\drivers\amd64si.sys []
Description: unknown trojan component
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: copy
Filename: copy.exe
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7c5715d-5709-11dd-93a8-0080483fe4ed}
Command: C:\WINDOWS.0\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
CLSID: e7c5715d-5709-11dd-93a8-0080483fe4ed
Startup Type: autorun.inf
Description: autorun.inf trojan component
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan