Threats report from 7.5166 up to 7.5971– 1/29/2010
Newly Added Threat List
csrss.exe
Ctrl-Center\ccagent.exe
Ctrl-Center\ccmain.exe
danewm\uobhsysguard.exe
ep.exe
inetinfo.exe
kernel33.dll
lsass.exe
Microsoft\winlog.exe
Mobile.exe
ntcheck.dll
PC\agent.exe
PC\pc.exe
PowerFile.exe
PowerFile.exe.exe
rdlyeg\gptisysguard.exe
seres.exe
services.exe
smss.exe
svcst.exe
SystemProc\lsass.exe
Updater.exe
winlogon.exe
wks.exe
xbmdth\gejysysguard.exe
11143754\11143754.exe
50727829\50727829.exe
57092427\57092427.exe
Microsoft\Media
Microsoft\vmonitor.exe
Microsoft\Windows\mspdb39.dll
mplf\mstime32.exe
updates.exe
net.exe
services.exe
services.exe
Default User\ntload.dll
Default User\Start
hook.dl_
LocalService\ntload.dll
NetworkService\ntload.dll
tazebama.dl_
tazebama.dll
Adobe\updates\adobes.exe
APcSafe
ASCII AGA\Uninstall.exe
baidu\bar\BaiduBar.dll
Bifrost\dark.exe
Bifrost\Intern.exe
Bifrost\server.exe
captcha.dll
Common Files\001.exe
Common Files\100038.exe
Common Files\1339.exe
Common Files\17.exe
Common Files\bdceg.exe
Common Files\System\system.exe
Down(4272644).exe
ElcomSoft\PSPR\awprhook.dll
ElcomSoft\PSPR\awprserv.dll
ElcomSoft\PSPR\psprserv.exe
Fanmail.biz
Fanmail.biz Toolbar\fanmail.dll
IEToolbar\Bullseye Tool
Internet Explorer\mstcs.exe
Internet Explorer\rasadhlp.dll
Internet Explorer\wybho1.exe
InternetSecurity2010\IS2010.exe
Microsoft
Microsoft Common\svchost.exe
MSN\uxycedfh.exe
mssy.exe
nanosearch\nanosearchup.exe
svchost.exe
webserver\webserver.exe
Youdao\Toolbar\ydtbv2.2
index.pif
reader_sl.exe
scandisk.dll
1039\Win32dll.exe
1061044.exe
1772553.exe
1791803.exe
1zVL95bYjMs7C.vbs
23137.exe
232718.exe
2361566.exe
243400.exe
263942.exe
28463\WLGM.006
28463\WLGM.007
28463\WLGM.exe
2851786.exe
28892.exe
2909494.exe
2buf.exe
2D Animation.scr
3319361.exe
3967233.exe
4721644.exe
5220132.exe
5797976.exe
6180215.exe
6603799.exe
6to4v32.dll
7y85h.sys
8554041.exe
9028262.exe
9480844.exe
a18467stva41a.dll
AdmDll.dll
adobe ActiveX\shield32.exe.exe
aecces.exe
aecces.exe
aqlb.hjo
aqoeerw.exe
atmacapp.dll
atmacapp.dll
autorun.ini
avi.exe
awServ\svchost.exe
Bifrost\explorer.exe
Bifrost\server.exe
blastclnnn.exe
bnmkue0.dll
bnmkue1.dll
C2H3
cd_clint.dll
cd_htm.dll
cltmon.exe
Cmdd.exe
cmsetac.dll
cooper.mine
critical_warning.html
dbc7.dll
dllcache\cdrom.sys
dllcache\kml9130.dll
dllcache\ndis.sys
dllcache\Regedit32.com
dllcache\Shell32.com
dllcache\user32.dll
dllchache.exe
dllchache\Blank.doc
dllchache\Empty.jpg
dllchache\Hole.zip
dllchache\Unoccupied.reg
dllchache\Zero.txt
drivers\fio32.sys
drivers\H8SRTyreetasvsu.sys
drivers\pcidump.sys
drivers\pvjjo.sys
drivers\TDSSserv.sys
drivers\tkkobe.sys
dtreg.exe
e7ab.dll
ehhbtsc.dll
explorer\explorer.exe
fio32.dll
flashdob.dll
fservice.exe
game.dll
H8SRTkdmexueqec.dll
hakatet\csrss.exe
hakatet\Lsass.exe
hakatet\services.exe
hakatet\SMSS.EXE
hvnyzp.exe
Icons.dll
ieexplorer32.exe
imedllhost09.ime
imPlayok.exe
incognito.exe
jgbwg.exe
jiybqgnnsailbaw.dll
kml9130.dll
lixgap.dll
lixgax.sys
lmdrki_33.dll
lt.exe
M5VBVM60.EXE
Msn\Messenger.exe
msnhoqog.dll
mssrv32.exe
mswsock32.dll
nal.exe
NativeProc.dll
nmdfgds0.dll
nmdfgds1.dll
nmklo.dll
notepad.dll
ntdtcstp.dll
ntos.exe
nvsvc32.exe
olhrwef.exe
opeia.exe
pbavwtvrwmkf.exe
PeerSvc.exe
pstree.exe
qtplugin.exe
raddrv.dll
RavScrch.dll
reader_s.exe
realplayerupdate.exe
reginv.dll
rund1132.exe
RVHOST.exe
safemon.dll
sdra64.exe
sdra64.exe
server.exe
Servicx.exe
smss32.exe
spool\prtprocs\w32×86\0000333a.tmp
srcile.dll
SSCVIHOST.exe
suwen.dll
svhost.exe
sysldr.cak
system32.exe
win32.exe
t306042.dll
t311015.dll
t320059.dll
t320062.dll
t322037.dll
t322039.dll
taoba_1.dll
TDSSl.dll
tlntsvi.exe
tmp.dat
Updater.exe
updates.exe
warning.html
wfdmgr.exe
windows.exe
winhelp.exe
winhelp32.exe
winkey.dll
winlogon32.exe
winlogon86.exe
WinSit.exe
Winupdate\systemroot.exe
winupdate86.exe
wmdtc.exe
wmdtc.exe
wybho.dll
xjbl997.exe
xm1985.dll
xt0bi\Server.exe
xydzyh.exe
temp\000004e9
temp\00002482
temp\00005134
temp\000056eb
temp\00005eee
temp\1.exe
temp\1.scr
temp\1.tmp
temp\2.exe
temp\2.tmp
temp\3.tmp
temp\5.tmp
temp\611896f1191e2ccf133d402275d9616b.exe
temp\698.exe
temp\7.tmp
temp\7.tmp
temp\8.dll
temp\alg.exe
temp\AV6.tmp
temp\BDS2.exe
temp\bho.dll
temp\Bjqbe.DRV
temp\bt3716.bat
temp\bxn1.tmp
temp\cmsetac.dll
temp\comctl3232.dll
temp\CSM4.tmp
temp\D.exe
temp\d3drm32.dll
temp\data.~f03
temp\dciman3232.dll
temp\ddd – Copie.exe
temp\ddd – Copie.exe
temp\dhdhtrdhdrtr5y
temp\dinput32.dll
temp\diskcopy32.dll
temp\dll1.tmp
temp\dxtdy.DRV
temp\E_N4\dp1.fne
temp\E_N4\eAPI.fne
temp\E_N4\internet.fne
temp\E_N4\shell.fne
temp\E_N4\spec.fne
temp\els32.dll
temp\extrac64_cab.exe
temp\f.exe
temp\fldrclnr32.dll
temp\flyphp-server.exe
temp\fv4wo7cw.dll
temp\guclP.DRV
temp\h8srtacisapppsy.dll
temp\H8SRTbabf.tmp
temp\H8SRTbadf.tmp
temp\H8SRTedb.tmp
temp\h8srtmuuvfmdmta.dll
temp\h8srttopppphborf.dll
temp\h8srttruuvyourg.dat
temp\H8SRTynaunhnkjm.sys
temp\ie4.tmp
temp\iexplore.exe
temp\info_168.exe
temp\info_168.exe
temp\info_y8.exe
temp\init.exe
temp\is-BUH88.tmp\bind_8124.exe
temp\iStealer-server.exe
temp\IXP000.TMP\KHALID~1.EXE
temp\IXP000.TMP\serverR.exe
temp\IXP000.TMP\ts.exe
temp\IXP000.TMP\Updater.exe
temp\IXP001.TMP\serverR.exe
temp\Keygen.exe
temp\Lady_Eats_Her_Shit–www.youtube.com
temp\lfwo7jtqsctoo.exe
temp\lhgjyit0.dll
temp\lhgjyit1.dll
temp\lrnjg.DRV
temp\mirc633.exe
temp\mMIcD.DRV
temp\MSI3.tmp
temp\msinits.exe
temp\msx1\3d.jpg.pif
temp\mtwhU.DRV
temp\myf\y\AppletX.class
temp\myf\y\LoaderX.class
temp\myf\y\PayloadX.class
temp\ntdtcstp.dll
temp\penetration-server..exe
temp\player.dll
temp\RavQQMsiender.exe
temp\RG1.tmp
temp\RG10.tmp
temp\RG1C.tmp
temp\RG25.tmp
temp\RG28.tmp
temp\RG9.tmp
temp\RGD.tmp
temp\serv.exe
temp\server.exe
temp\SubSeven.exe
temp\Svchost.exe
temp\svchst.exe
temp\svhost.exe
temp\TDSSb9c5.tmp
temp\TDSSbaa0.tmp
temp\TDSSbd5f.tmp
temp\Temp.~exe
temp\temp~~2.exe
temp\teste2_p.exe
temp\teste3_p.exe
temp\teste4_p.exe
temp\tmp1.tmp
temp\tmp2.tmp
temp\TQ1.tmp
temp\TQ17.tmp
temp\TQ18.tmp
temp\TQ19.tmp
temp\TQ2.tmp
temp\TQ22.tmp
temp\TQ23.tmp
temp\TQ24.tmp
temp\TQ27.tmp
temp\TQ29.tmp
temp\TQ2A.tmp
temp\TQ3.tmp
temp\TQ4.tmp
temp\TQ5.tmp
temp\TQ7.tmp
temp\TQ8.tmp
temp\TQA.tmp
temp\TQB.tmp
temp\TQC.tmp
temp\TQF.tmp
temp\TW9454.tmp
temp\UMEYJ.DRV
temp\uNJth.DRV
temp\uqrdj8gv.html
temp\uret463.exe
temp\vwwixjz.exe
temp\wfsjowfdsaw.dll
temp\win32extension.dll
temp\winhlp64.exe
temp\WinPcap_4_0.exe
temp\xsa1.tmp
temp\yTWHh.DRV
temp\zpskon_1264459291.exe
temp\zpskon_1264459759.exe
temp\zpskon_1264665884.exe
temp\zpskon_1264671709.exe
%Templates%\A.yaresoJ.com
%Templates%\winword.doc.exe
%Templates%\winword2.doc.exe
%UserProfile%\%UserName%.exe
%UserProfile%\imPlayok.exe
%UserProfile%\ntload.dll
%UserProfile%\reader_s.exe
101.exe
1b6.bmp
91b.exe
amoumain.exe
Bifrost\server.exe
broadcast\upd.exe
comres.dll
ctfmon.exe
dc.exe
def26500aab6334ccd.dll
explore\explore.exe
f91.flv
file.bat
freddy49.exe
freddy81.exe
Hacker.com.cn.exe
Help\Other.exe
iexplorer.exe
inf\esoJray.exe
inf\Other.exe
inibdmrf.dll
jkky\2.exe
jkky\win20.exe
jkky\win21.exe
ld09.exe
ld10.exe
ld11.exe
mssrvc\svchost.exe
MTIjgod.dll
my_sfc_os.dll
officeactiv.exe
pp14.exe
PPlayer.2.1.58130.251.(508).dll
rdr_1264449544.exe
rdr_1264449625.exe
rdr_1264449654.exe
rdr_1264652957.exe
rdr_1264653017.exe
RemoteAbc.exe
RVHOST.exe
servicelayer.exe
services.exe
sqsoypg.dll
windows\SSCVIHOST.exe
SVIQ.EXE
system\AV6.tmp
system\Bjqbe.DRV
system\ctfmon.exe
system\dxtdy.DRV
system\Fun.exe
system\guclP.DRV
system\lrnjg.DRV
windows\system\mMIcD.DRV
system\mtwhU.DRV
system\RG1.tmp
system\RG10.tmp
system\RG1C.tmp
system\RG25.tmp
system\RG28.tmp
system\RG9.tmp
system\RGD.tmp
system\sservice.exe
system\winlogons.exe
system\TQ1.tmp
system\TQ18.tmp
system\TQ19.tmp
system\TQ23.tmp
system\TQ27.tmp
system\TQ29.tmp
system\TQ3.tmp
system\TQ4.tmp
system\TQ5.tmp
system\TQ8.tmp
system\TQA.tmp
system\TQC.tmp
system\TQF.tmp
system\UMEYJ.DRV
system\uNJth.DRV
system\yTWHh.DRV
system32.exe
SysTrayIcon.exe
Temp\1.tmp
Temp\1.tmp
Temp\115109.tmp
Temp\fv4wo7cw.dll
Temp\ntload.dll
Temp\ntload.dll
Temp\VRT2.tmp
Temp\VRT6.tmp
tmp1429327.log
tmp5432163.log
winampa.exe
WINDir.EXE
winDVD.exe
100002927-7690.com
682003330-1013\Taquito.exe
725345543-500\a.reg
725345543-500\a_friend.exe
725345543-500\csrss.exe
725345543-500\sup.exe
Bar\lw.dll
Bar\tbhelper.dll
0eboyg.exe
4.exe
8.EXE
Arquivos de Programas\Internet
AUT0EXEC.BAT
autorun.inf
BFROST V1.2D DR.ABDULILAH.EXE
Documents and Settings.exe
dos.pif
Extracted\Al-mojaheden BiFrOsT.exe
Extracted\alrif.exe
file1.exe
GRIL.PIF
hkn6k.bat
Inetpub.exe
j16dp6.exe
My Pictures.exe
obken09\lsass.exe
oteox\ob.exe
oteox\on.exe
piaoyao.exe
private.exe
Program Files.exe
rmupdate.exe
SCAN_passowrd.exe
server.exe
setup.exe
Turkojan 4.0.exe
vshost.exe
WINDOWS.exe
zPharaoh.exe
PLUGINS\iewd.exe
scandisk.dll
SYSTEM\sysbar.exe
mtlrd.sys
APcSafe\APcSafe.exe
Toolbar\tbhelper.dll
winword.doc.exe
winword2.doc.exe
0 Comments until now.