Spreads via the file: albumfotos.exe
ve as fotos que eu tirei na minha ultima viagem http://www.go2.tw
Adds the following lines:
O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\svchosts.dll
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: svhossst.exe
Adds the following files:
C:\Windows\system32\gbiehha.exe
C:\Windows\system32\mhtsvho.exe
C:\Windows\system32\munrob.exe
C:\Windows\system32\svhossst.exe
C:\Windows\system32\svmrhos.exe
C:\Windows\svchosts.dll
File albumfotos.exe received on 11.30.2007 14:01:55 (CET)
Result: 7/30 (23.34%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.30.1 2007.11.30 -
AntiVir 7.6.0.34 2007.11.30 -
Authentium 4.93.8 2007.11.30 -
Avast 4.7.1074.0 2007.11.29 Win32:Delf-GVL
AVG 7.5.0.503 2007.11.29 Downloader.Generic6.WLI
BitDefender 7.2 2007.11.30 Trojan.Downloader.Agent.YUX
CAT-QuickHeal 9.00 2007.11.30 -
ClamAV 0.91.2 2007.11.30 -
DrWeb 4.44.0.09170 2007.11.30 -
eSafe 7.0.15.0 2007.11.29 -
eTrust-Vet 31.3.5338 2007.11.30 -
Ewido 4.0 2007.11.30 -
FileAdvisor 1 2007.11.30 -
Fortinet 3.14.0.0 2007.11.30 -
F-Prot 4.4.2.54 2007.11.29 -
F-Secure 6.70.13030.0 2007.11.30 W32/Downloader
Kaspersky 7.0.0.125 2007.11.30 -
McAfee 5174 2007.11.29 -
Microsoft 1.3007 2007.11.30 -
NOD32v2 2695 2007.11.30 -
Norman 5.80.02 2007.11.29 W32/DLoader.EIBN
Panda 9.0.0.4 2007.11.29 Trj/Nabload.CPM
Rising 20.20.40.00 2007.11.30 -
Sophos 4.23.0 2007.11.30 -
Sunbelt 2.2.907.0 2007.11.30 -
Symantec 10 2007.11.30 Downloader
TheHacker 6.2.9.145 2007.11.30 -
VBA32 3.12.2.5 2007.11.30 -
VirusBuster 4.3.26:9 2007.11.29 -
Webwasher-Gateway 6.6.2 2007.11.30 -
Additional information
File size: 568832 bytes
MD5: 64cc26b58fc829db7a43f4fb591c8b21
SHA1: 8a6724d823b623b984175882136ce9e7dd14c99d
File mhtsvho.exe received on 11.30.2007 14:02:21 (CET)
Result: 10/32 (31.25%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.30.1 2007.11.30 -
AntiVir 7.6.0.34 2007.11.30 Worm/Orku.A
Authentium 4.93.8 2007.11.30 -
Avast 4.7.1074.0 2007.11.29 -
AVG 7.5.0.503 2007.11.29 Dropper.Generic.SKJ
BitDefender 7.2 2007.11.30 Trojan.Agent.AFXY
CAT-QuickHeal 9.00 2007.11.30 -
ClamAV 0.91.2 2007.11.30 -
DrWeb 4.44.0.09170 2007.11.30 -
eSafe 7.0.15.0 2007.11.29 -
eTrust-Vet 31.3.5338 2007.11.30 -
Ewido 4.0 2007.11.30 -
FileAdvisor 1 2007.11.30 -
Fortinet 3.14.0.0 2007.11.30 -
F-Prot 4.4.2.54 2007.11.29 -
F-Secure 6.70.13030.0 2007.11.30 -
Ikarus T3.1.1.12 2007.11.30 Virus.Win32.Banload.CYD
Kaspersky 7.0.0.125 2007.11.30 -
McAfee 5174 2007.11.29 New Malware.bl
Microsoft 1.3007 2007.11.30 -
NOD32v2 2695 2007.11.30 a variant of Win32/TrojanDropper.Delf.NFK
Norman 5.80.02 2007.11.29 -
Panda 9.0.0.4 2007.11.29 Trj/Banker.JNW
Prevx1 V2 2007.11.30 -
Rising 20.20.40.00 2007.11.30 -
Sophos 4.23.0 2007.11.30 -
Sunbelt 2.2.907.0 2007.11.30 VIPRE.Suspicious
Symantec 10 2007.11.30 -
TheHacker 6.2.9.145 2007.11.30 -
VBA32 3.12.2.5 2007.11.30 suspected of Trojan-PSW.Pinch.17 (paranoid heuristics)
VirusBuster 4.3.26:9 2007.11.29 -
Webwasher-Gateway 6.6.2 2007.11.30 Worm.Orku.A
Additional information
File size: 232749 bytes
MD5: 93dbb68facad99470895073e7b5be14e
SHA1: d5c2278a62f4c60a870dfb288c2572a8a646a3fd
packers: PEP
File munrob.exe received on 11.30.2007 14:04:03 (CET)
Result: 10/32 (31.25%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.30.1 2007.11.30 -
AntiVir 7.6.0.34 2007.11.30 TR/Crypt.CFI.Gen
Authentium 4.93.8 2007.11.30 -
Avast 4.7.1074.0 2007.11.29 -
AVG 7.5.0.503 2007.11.29 Dropper.Generic.SKL
BitDefender 7.2 2007.11.30 -
CAT-QuickHeal 9.00 2007.11.30 -
ClamAV 0.91.2 2007.11.30 -
DrWeb 4.44.0.09170 2007.11.30 -
eSafe 7.0.15.0 2007.11.29 -
eTrust-Vet 31.3.5338 2007.11.30 -
Ewido 4.0 2007.11.30 -
FileAdvisor 1 2007.11.30 -
Fortinet 3.14.0.0 2007.11.30 -
F-Prot 4.4.2.54 2007.11.29 -
F-Secure 6.70.13030.0 2007.11.30 -
Ikarus T3.1.1.12 2007.11.30 Virus.Win32.Henky.5668
Kaspersky 7.0.0.125 2007.11.30 -
McAfee 5174 2007.11.29 New Malware.bl
Microsoft 1.3007 2007.11.30 -
NOD32v2 2695 2007.11.30 a variant of Win32/TrojanDropper.Delf.NFK
Norman 5.80.02 2007.11.29 -
Panda 9.0.0.4 2007.11.29 Trj/Banker.JNW
Prevx1 V2 2007.11.30 -
Rising 20.20.40.00 2007.11.30 -
Sophos 4.23.0 2007.11.30 Mal/Generic-A
Sunbelt 2.2.907.0 2007.11.30 VIPRE.Suspicious
Symantec 10 2007.11.30 -
TheHacker 6.2.9.145 2007.11.30 -
VBA32 3.12.2.5 2007.11.30 suspected of Trojan-PSW.Pinch.17 (paranoid heuristics)
VirusBuster 4.3.26:9 2007.11.29 -
Webwasher-Gateway 6.6.2 2007.11.30 Trojan.Crypt.CFI.Gen
Additional information
File size: 708739 bytes
MD5: f2b6596a5fd709872e89e86c8961feca
SHA1: e0ae80794dd3d493679ea5c58ae2135e134244c2
packers: PEP
File gbiehha.exe received on 11.30.2007 14:02:09 (CET)
Result: 9/32 (28.13%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.30.1 2007.11.30 -
AntiVir 7.6.0.34 2007.11.30 TR/Crypt.FKM.Gen
Authentium 4.93.8 2007.11.30 -
Avast 4.7.1074.0 2007.11.29 -
AVG 7.5.0.503 2007.11.29 Obfustat.AAVP
BitDefender 7.2 2007.11.30 -
CAT-QuickHeal 9.00 2007.11.30 -
ClamAV 0.91.2 2007.11.30 -
DrWeb 4.44.0.09170 2007.11.30 -
eSafe 7.0.15.0 2007.11.29 -
eTrust-Vet 31.3.5338 2007.11.30 -
Ewido 4.0 2007.11.30 -
FileAdvisor 1 2007.11.30 -
Fortinet 3.14.0.0 2007.11.30 -
F-Prot 4.4.2.54 2007.11.29 -
F-Secure 6.70.13030.0 2007.11.30 -
Ikarus T3.1.1.12 2007.11.30 Trojan-Downloader.Win32.Banload.kl
Kaspersky 7.0.0.125 2007.11.30 -
McAfee 5174 2007.11.29 New Malware.bl
Microsoft 1.3007 2007.11.30 -
NOD32v2 2695 2007.11.30 -
Norman 5.80.02 2007.11.29 -
Panda 9.0.0.4 2007.11.29 Trj/Banker.JNW
Prevx1 V2 2007.11.30 -
Rising 20.20.40.00 2007.11.30 -
Sophos 4.23.0 2007.11.30 Mal/Generic-A
Sunbelt 2.2.907.0 2007.11.30 VIPRE.Suspicious
Symantec 10 2007.11.30 -
TheHacker 6.2.9.145 2007.11.30 -
VBA32 3.12.2.5 2007.11.30 suspected of Trojan-PSW.Pinch.17 (paranoid heuristics)
VirusBuster 4.3.26:9 2007.11.29 -
Webwasher-Gateway 6.6.2 2007.11.30 Trojan.Crypt.FKM.Gen
Additional information
File size: 964084 bytes
MD5: fe4b82d45723cdc10100726ef3073bca
SHA1: 210e5c0641408450de80f5b7191370a1b4172fdd
packers: PEP
File svchosts.dll received on 11.30.2007 14:05:09 (CET)
Result: 23/32 (71.88%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.30.1 2007.11.30 Win-Trojan/Banker.649728.L
AntiVir 7.6.0.34 2007.11.30 TR/Spy.Banker.fti
Authentium 4.93.8 2007.11.30 -
Avast 4.7.1074.0 2007.11.29 Win32:Delf-GVL
AVG 7.5.0.503 2007.11.29 PSW.Banker4.HMO
BitDefender 7.2 2007.11.30 -
CAT-QuickHeal 9.00 2007.11.30 TrojanSpy.Banker.fti
ClamAV 0.91.2 2007.11.30 Trojan.Bancos-7085
DrWeb 4.44.0.09170 2007.11.30 Trojan.MulDrop.origin
eSafe 7.0.15.0 2007.11.29 Win32.Banker.fti
eTrust-Vet 31.3.5338 2007.11.30 -
Ewido 4.0 2007.11.30 Logger.Banker.fti
FileAdvisor 1 2007.11.30 -
Fortinet 3.14.0.0 2007.11.30 W32/Banker.TFI!tr.spy
F-Prot 4.4.2.54 2007.11.29 W32/Banker.BAKC
F-Secure 6.70.13030.0 2007.11.30 Trojan-Spy.Win32.Banker.fti
Ikarus T3.1.1.12 2007.11.30 Trojan-Spy.Win32.Banker.fti
Kaspersky 7.0.0.125 2007.11.30 Trojan-Spy.Win32.Banker.fti
McAfee 5174 2007.11.29 PWS-Banker
Microsoft 1.3007 2007.11.30 -
NOD32v2 2695 2007.11.30 Win32/Spy.Banker.FTI
Norman 5.80.02 2007.11.29 -
Panda 9.0.0.4 2007.11.29 Trj/Banker.JNW
Prevx1 V2 2007.11.30 Heuristic: Suspicious File With Mass Email Capabilities
Rising 20.20.40.00 2007.11.30 Trojan.Spy.Win32.Banker.fti
Sophos 4.23.0 2007.11.30 Mal/Behav-053
Sunbelt 2.2.907.0 2007.11.30 -
Symantec 10 2007.11.30 -
TheHacker 6.2.9.145 2007.11.30 -
VBA32 3.12.2.5 2007.11.30 Trojan-Spy.Win32.Banker.fti
VirusBuster 4.3.26:9 2007.11.29 TrojanSpy.Banker.NPJ
Webwasher-Gateway 6.6.2 2007.11.30 Trojan.Spy.Banker.fti
Additional information
File size: 649728 bytes
MD5: 48cbc1df470568a4ab5a9165341987a5
SHA1: f1737b7e3e9454713e3fba5aa416e8fa8f1e880b