Vous diminuez les moyens dont nous disposons pour vous proposer des contenus de qualités gratuits.
SVP laissez les publicités s'afficher ou soutenez le site :
Faire un don - si vous ne voulez pas afficher les publicités
Se propage par le fichier contenant le fichier myPhoto10.zip (se trouve dans %windir%) contenant le fichier myPhoto10.jpeg-www.imageshack.com
Message de propagation :
Can I show this photo with a few friends of mine?
will this get banned if I set it as my default pic?
do we look good together? I just threw you into the picture!
How are my photoshop skills? I edited this picture a few hours ago
Does this outfit look hot on me? Or just rediculous?
Have you seen my new hair? I just got it dyed a new color!
Want to see something outrageous? Just take a look at my newest pic!
did you see the party pictures from last weekend? Check this one out!
I think this is the definition of sexy! What do you think?
Have you ever seen me when I was a kid? This picture is a little embarassing, but funny.
do you mind if I throw this picture of you on my blog?
Did you know I'm taking photoshop classes? How do you think my latest project looks?
can I upload this pic of you onto my newest album?
This is just pure insanity. My god, look at the nonsense on this guys shirt!
L'infection ajoute la ligne suivante sur HijackThis :
O4 - HKLM\..\Run: [System DB Manager] sysdbmg.exe
Fichier cp.exe reçu le 2008.07.22 22:37:33 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 2/34 (5.89%)
Fichier cpz.exe reçu le 2008.07.23 13:37:22 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 2/35 (5.72%)
Please find a detailed report concerning each individual sample below:
Filename Result
cp.exe MALWARE
The file 'cp.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Qhost.acp. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.
Complete scanning result of "cp.exe", processed in VirusTotal at 07/24/2008 09:20:38 (CET).
[ file data ]
* name..: cp.exe
* size..: 43008
* md5...: 79f7c45b5d74b11bb874c4fa9f011618
* sha1..: 0d473eef07352e7b4a5875d653c824651ee32483
* peid..: BobSoft Mini Delphi -> BoB / BobSoft
[ scan result ]
AhnLab-V3 2008.7.24.0/20080724 found nothing
AntiVir 7.8.1.11/20080724 found [TR/Qhost.acp]
Authentium 5.1.0.4/20080724 found nothing
Avast 4.8.1195.0/20080723 found [Win32:Trojan-gen {Other}]
AVG 8.0.0.130/20080723 found [Injector.AD]
BitDefender 7.2/20080724 found nothing
CAT-QuickHeal 9.50/20080722 found nothing
ClamAV 0.93.1/20080724 found nothing
DrWeb 4.44.0.09170/20080724 found [Trojan.MulDrop.18130]
eSafe 7.0.17.0/20080723 found nothing
eTrust-Vet 31.6.5978/20080724 found nothing
Ewido 4.0/20080723 found nothing
F-Prot 4.4.4.56/20080722 found nothing
F-Secure 7.60.13501.0/20080724 found nothing
Fortinet 3.14.0.0/20080724 found [W32/Agent.BR!tr]
GData 2.0.7306.1023/20080724 found [Trojan.Win32.Inject.ecu]
Ikarus T3.1.1.34.0/20080724 found nothing
Kaspersky 7.0.0.125/20080724 found [Trojan.Win32.Inject.ecu]
McAfee 5345/20080723 found nothing
Microsoft 1.3704/20080724 found [Worm:Win32/Slenfbot.ZP]
NOD32v2 3293/20080723 found [Win32/AutoRun.QN]
Norman 5.80.02/20080723 found nothing
Panda 9.0.0.4/20080724 found nothing
PCTools 4.4.2.0/20080723 found nothing
Prevx1 V2/20080724 found [Worm]
Rising 20.54.30.00/20080724 found nothing
Sophos 4.31.0/20080724 found nothing
Sunbelt 3.1.1536.1/20080718 found nothing
Symantec 10/20080724 found nothing
TheHacker 6.2.96.387/20080723 found nothing
TrendMicro 8.700.0.1004/20080724 found nothing
VBA32 3.12.8.1/20080723 found nothing
ViRobot 2008.7.23.1307/20080723 found nothing
VirusBuster 4.5.11.0/20080723 found nothing
Webwasher-Gateway 6.6.2/20080724 found [Trojan.Qhost.acp]
Complete scanning result of "cpz.exe", processed in VirusTotal at 07/24/2008 09:20:41 (CET).
[ file data ]
* name..: cpz.exe
* size..: 43520
* md5...: e091d546bebb4db47941fa8a4ff09cfa
* sha1..: caa67ed8378e4a09df0977a8b22b5a1429fbc744
* peid..: BobSoft Mini Delphi -> BoB / BobSoft
[ scan result ]
AhnLab-V3 2008.7.24.0/20080724 found nothing
AntiVir 7.8.1.11/20080724 found [TR/Delf.doh]
Authentium 5.1.0.4/20080724 found nothing
Avast 4.8.1195.0/20080723 found nothing
AVG 8.0.0.130/20080723 found [Injector.AD]
BitDefender 7.2/20080724 found nothing
CAT-QuickHeal 9.50/20080722 found nothing
ClamAV 0.93.1/20080724 found nothing
DrWeb 4.44.0.09170/20080724 found [Trojan.MulDrop.18130]
eSafe 7.0.17.0/20080723 found nothing
eTrust-Vet 31.6.5978/20080724 found nothing
Ewido 4.0/20080723 found nothing
F-Prot 4.4.4.56/20080722 found nothing
F-Secure 7.60.13501.0/20080724 found [Trojan.Win32.Delf.doh]
Fortinet 3.14.0.0/20080724 found nothing
GData 2.0.7306.1023/20080724 found [Trojan.Win32.Delf.doh]
Ikarus T3.1.1.34.0/20080724 found [VirTool.Win32.DelfInject.A]
Kaspersky 7.0.0.125/20080724 found [Trojan.Win32.Delf.doh]
McAfee 5345/20080723 found nothing
Microsoft 1.3704/20080724 found [VirTool:Win32/DelfInject.gen!AF]
NOD32v2 3293/20080723 found [Win32/AutoRun.QN]
Norman 5.80.02/20080723 found nothing
Panda 9.0.0.4/20080724 found nothing
PCTools 4.4.2.0/20080722 found nothing
Prevx1 V2/20080724 found [Worm]
Rising 20.54.30.00/20080724 found nothing
Sophos 4.31.0/20080724 found nothing
Sunbelt 3.1.1536.1/20080718 found nothing
Symantec 10/20080724 found nothing
TheHacker 6.2.96.387/20080723 found nothing
TrendMicro 8.700.0.1004/20080724 found nothing
VBA32 3.12.8.1/20080723 found nothing
ViRobot 2008.7.23.1307/20080723 found nothing
VirusBuster 4.5.11.0/20080723 found nothing
Webwasher-Gateway 6.6.2/20080724 found [Trojan.Delf.doh]