CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin   Your Favorite ForumsSelect FavForums 

Another new variant of cpvfeed/smitfraud

 
Post new topic   Reply to topic       All -> FavForums -> Unknown Files [del.icio.us!] [digg it!] [reddit!]
View previous topic :: View next topic  
Author Message
sjpritch25

1st Responder
Premium Member

Joined: Mar 31, 2005
Posts: 5163
Location: West Coast of Florida, USA
1st Responder Mentors 1st Responders MVP Premium Rootkit Responders

PostPosted: Fri Dec 21, 2007 8:19 pm    Post subject: Another new variant of cpvfeed/smitfraud
Reply with quote

File xcvwer.dll received on 12.21.2007 21:06:01 (CET)

Result: 2/31 (6.46%)

Antivirus Version Last Update Result
AhnLab-V3 2007.12.22.10 2007.12.21 -
AntiVir 7.6.0.46 2007.12.21 -
Authentium 4.93.8 2007.12.21 -
Avast 4.7.1098.0 2007.12.20 -
AVG 7.5.0.503 2007.12.21 Downloader.Zlob.QS
BitDefender 7.2 2007.12.21 -
CAT-QuickHeal 9.00 2007.12.21 -
ClamAV 0.91.2 2007.12.21 -
DrWeb 4.44.0.09170 2007.12.21 -
eSafe 7.0.15.0 2007.12.20 -
eTrust-Vet 31.3.5393 2007.12.21 -
Ewido 4.0 2007.12.21 -
FileAdvisor 1 2007.12.21 -
Fortinet 3.14.0.0 2007.12.21 -
F-Prot 4.4.2.54 2007.12.21 -
Ikarus T3.1.1.15 2007.12.21 Virus.Win32.Agent.LTS
Kaspersky 7.0.0.125 2007.12.21 -
McAfee 5191 2007.12.21 -
Microsoft 1.3109 2007.12.21 -
NOD32v2 2740 2007.12.21 -
Norman 5.80.02 2007.12.21 -
Panda 9.0.0.4 2007.12.21 -
Prevx1 V2 2007.12.21 -
Rising 20.23.42.00 2007.12.21 -
Sophos 4.24.0 2007.12.21 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.21 -
TheHacker 6.2.9.166 2007.12.20 -
VBA32 3.12.2.5 2007.12.20 -
VirusBuster 4.3.26:9 2007.12.21 -
Webwasher-Gateway 6.6.2 2007.12.21 -
Additional information
File size: 192512 bytes
MD5: 7b1e3905910e245527ff135804da8037
SHA1: 6f497e158e87a3b2d5325874960c164811794269
PEiD: -


=================================

File ttvbonfwt.dll received on 12.21.2007 21:05:50 (CET)

Result: 3/31 (9.68%)


Antivirus Version Last Update Result
AhnLab-V3 2007.12.22.10 2007.12.21 -
AntiVir 7.6.0.46 2007.12.21 -
Authentium 4.93.8 2007.12.21 -
Avast 4.7.1098.0 2007.12.20 -
AVG 7.5.0.503 2007.12.21 Downloader.Zlob.PW
BitDefender 7.2 2007.12.21 -
CAT-QuickHeal 9.00 2007.12.21 -
ClamAV 0.91.2 2007.12.21 -
DrWeb 4.44.0.09170 2007.12.21 -
eSafe 7.0.15.0 2007.12.20 -
eTrust-Vet 31.3.5393 2007.12.21 -
Ewido 4.0 2007.12.21 -
FileAdvisor 1 2007.12.21 -
Fortinet 3.14.0.0 2007.12.21 -
F-Prot 4.4.2.54 2007.12.21 -
Ikarus T3.1.1.15 2007.12.21 Generic.NetAdware
Kaspersky 7.0.0.125 2007.12.21 -
McAfee 5191 2007.12.21 -
Microsoft 1.3109 2007.12.21 Adware:Win32/SmitFraud
NOD32v2 2740 2007.12.21 -
Norman 5.80.02 2007.12.21 -
Panda 9.0.0.4 2007.12.21 -
Prevx1 V2 2007.12.21 -
Rising 20.23.42.00 2007.12.21 -
Sophos 4.24.0 2007.12.21 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.21 -
TheHacker 6.2.9.166 2007.12.20 -
VBA32 3.12.2.5 2007.12.20 -
VirusBuster 4.3.26:9 2007.12.21 -
Webwasher-Gateway 6.6.2 2007.12.21 -
Additional information
File size: 307200 bytes
MD5: 8bc0013f5a7c665d2f819c674562c5cd
SHA1: ae190bb8fd71237fa6d34ca057aa17b0b42f1152
PEiD: -

=================================

File leosrv.dll received on 12.21.2007 21:05:27 (CET)

Result: 3/32 (9.38%)


Antivirus Version Last Update Result
AhnLab-V3 2007.12.22.10 2007.12.21 -
AntiVir 7.6.0.46 2007.12.21 TR/Zlob.DCC
Authentium 4.93.8 2007.12.21 -
Avast 4.7.1098.0 2007.12.20 -
AVG 7.5.0.503 2007.12.21 -
BitDefender 7.2 2007.12.21 -
CAT-QuickHeal 9.00 2007.12.21 -
ClamAV 0.91.2 2007.12.21 -
DrWeb 4.44.0.09170 2007.12.21 -
eSafe 7.0.15.0 2007.12.20 -
eTrust-Vet 31.3.5393 2007.12.21 -
Ewido 4.0 2007.12.21 -
FileAdvisor 1 2007.12.21 -
Fortinet 3.14.0.0 2007.12.21 -
F-Prot 4.4.2.54 2007.12.21 -
F-Secure 6.70.13030.0 2007.12.21 -
Ikarus T3.1.1.15 2007.12.21 AdWare.NetAdware.CW
Kaspersky 7.0.0.125 2007.12.21 -
McAfee 5191 2007.12.21 -
Microsoft 1.3109 2007.12.21 -
NOD32v2 2740 2007.12.21 -
Norman 5.80.02 2007.12.21 -
Panda 9.0.0.4 2007.12.21 -
Prevx1 V2 2007.12.21 -
Rising 20.23.42.00 2007.12.21 -
Sophos 4.24.0 2007.12.21 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.21 -
TheHacker 6.2.9.166 2007.12.20 -
VBA32 3.12.2.5 2007.12.20 -
VirusBuster 4.3.26:9 2007.12.21 -
Webwasher-Gateway 6.6.2 2007.12.21 Trojan.Zlob.DCC
Additional information
File size: 200704 bytes
MD5: d6345a5837f6dc10bfd4dbedd0915f80
SHA1: 35e2846bf5825312ef86ab1f0b121ed72f430816
PEiD: -

================================


File hjoqor.dll received on 12.21.2007 21:05:13 (CET)

Result: 5/32 (15.63%)


Antivirus Version Last Update Result
AhnLab-V3 2007.12.22.10 2007.12.21 -
AntiVir 7.6.0.46 2007.12.21 ADSPY/Agent.PB
Authentium 4.93.8 2007.12.21 -
Avast 4.7.1098.0 2007.12.20 Win32:Agent-LTS
AVG 7.5.0.503 2007.12.21 -
BitDefender 7.2 2007.12.21 -
CAT-QuickHeal 9.00 2007.12.21 -
ClamAV 0.91.2 2007.12.21 -
DrWeb 4.44.0.09170 2007.12.21 -
eSafe 7.0.15.0 2007.12.20 -
eTrust-Vet 31.3.5393 2007.12.21 -
Ewido 4.0 2007.12.21 -
FileAdvisor 1 2007.12.21 -
Fortinet 3.14.0.0 2007.12.21 -
F-Prot 4.4.2.54 2007.12.21 -
F-Secure 6.70.13030.0 2007.12.21 -
Ikarus T3.1.1.15 2007.12.21 Virus.Win32.Agent.LTS
Kaspersky 7.0.0.125 2007.12.21 -
McAfee 5191 2007.12.21 -
Microsoft 1.3109 2007.12.21 Adware:Win32/SmitFraud
NOD32v2 2740 2007.12.21 -
Norman 5.80.02 2007.12.21 -
Panda 9.0.0.4 2007.12.21 -
Prevx1 V2 2007.12.21 -
Rising 20.23.42.00 2007.12.21 -
Sophos 4.24.0 2007.12.21 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.21 -
TheHacker 6.2.9.166 2007.12.20 -
VBA32 3.12.2.5 2007.12.20 -
VirusBuster 4.3.26:9 2007.12.21 -
Webwasher-Gateway 6.6.2 2007.12.21 Ad-Spyware.Agent.PB
Additional information
File size: 253952 bytes
MD5: 82f937ee9853fe3731b81343e16ca5d2
SHA1: 5771c62fa67a2629cd2bff5f5d8e28018c2d8a94
PEiD: -

==================================

File binret.exe received on 12.21.2007 21:04:54 (CET)

Result: 0/32 (0%)


Antivirus Version Last Update Result
AhnLab-V3 2007.12.22.10 2007.12.21 -
AntiVir 7.6.0.46 2007.12.21 -
Authentium 4.93.8 2007.12.21 -
Avast 4.7.1098.0 2007.12.20 -
AVG 7.5.0.503 2007.12.21 -
BitDefender 7.2 2007.12.21 -
CAT-QuickHeal 9.00 2007.12.21 -
ClamAV 0.91.2 2007.12.21 -
DrWeb 4.44.0.09170 2007.12.21 -
eSafe 7.0.15.0 2007.12.20 -
eTrust-Vet 31.3.5393 2007.12.21 -
Ewido 4.0 2007.12.21 -
FileAdvisor 1 2007.12.21 -
Fortinet 3.14.0.0 2007.12.21 -
F-Prot 4.4.2.54 2007.12.21 -
F-Secure 6.70.13030.0 2007.12.21 -
Ikarus T3.1.1.15 2007.12.21 -
Kaspersky 7.0.0.125 2007.12.21 -
McAfee 5191 2007.12.21 -
Microsoft 1.3109 2007.12.21 -
NOD32v2 2740 2007.12.21 -
Norman 5.80.02 2007.12.21 -
Panda 9.0.0.4 2007.12.21 -
Prevx1 V2 2007.12.21 -
Rising 20.23.42.00 2007.12.21 -
Sophos 4.24.0 2007.12.21 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.21 -
TheHacker 6.2.9.166 2007.12.20 -
VBA32 3.12.2.5 2007.12.20 -
VirusBuster 4.3.26:9 2007.12.21 -
Webwasher-Gateway 6.6.2 2007.12.21 -
Additional information
File size: 77824 bytes
MD5: 7db1855df8083f11dc6bc2aa1628f71c
SHA1: 584c93d46b2fcd1c048c1ebe5671123a7612cc2d
PEiD: -


_________________
Microsoft Valuable Professional--Consumer Security 2007-2009 image
image
http://geekfox26.blogspot.com/
Back to top
View users profile Send private message Visit posters website
tetak

MIRT Team Lead
Premium Member

Joined: Jan 19, 2007
Posts: 5878

MIRT Premium

PostPosted: Sat Dec 22, 2007 1:53 pm    Post subject:
Reply with quote

I've added the files to the malware listserv.


_________________
Got Windows XP? Help protect your PC from malware with Microsofts anti-spyware program Windows Defender.

Download it for free from http://www.microsoft.com/athome/security/spyware/software/default.mspx
Back to top
View users profile Send private message
Display posts from previous:   
Post new topic   Reply to topic       All -> FavForums -> Unknown Files All times are GMT
Page 1 of 1

 
Quick Reply:
Username: 

Quote the last message
Attach signature (signatures can be changed in profile)
 
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001 phpBB Group
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
137ppm 0.180s (0.032s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer