1.PWS:Win32/Fignotok.A
Category: Password Stealer
Description: This program is dangerous and captures user passwords.
Recommendation: Remove this software immediately.
Items:
containerfile:C:\System Volume Information\_restore{C2C689FC-6E64-4B37-BADC-F42CE2090FC5}\RP3\A0007367.exe
file:C:\System Volume Information\_restore{C2C689FC-6E64-4B37-BADC-F42CE2090FC5}\RP3\A0007367.exe->(WExtract)->NEO0~1.EXE
http://www.virustotal.com/analisis/208312dc739116cd01e8a54a792129122e6d1bdd172d54b024c3986768c8f39b-12558836442. TrojanClicker:Win32/Yabector.gen
Category: Trojan Notifier
Description: This program connects to the Internet in the background.
Recommendation: Remove this software immediately.
Items:
containerfile:C:\Download\Sound\dxplayer_setup.exe
file:C:\Download\Sound\dxplayer_setup.exe->(inno#000007)->(nsis-1-eBayShortcuts.exe)
(file is downloaded over a year ago but never detected by avast boot timescan with archieve scan turned on)
3. VirTool:Win32/VBInject.gen!BG
Category: Tool
Description: This program is used to create viruses, worms or other malware.
Recommendation: Remove this software immediately.
Items:
containerfile:C:\Download\kaspersky\Ka_IS2010_900459_-_Final.rar
file:C:\Download\kaspersky\Ka_IS2010_900459_-_Final.rar->kis 9.0.0.459EN.exe
(downloaded from pirated website – not detected by Avast boot time scan with archive scan turned on in 3 months)
4. Trojan:Win32/Bumat!rts
Category: Trojan
Description: This program is dangerous and executes commands from an attacker.
Recommendation: Permit this detected item only if you trust the program or the software publisher.
Items:
containerfile:C:\Download\hacks\Hotmail hack\mbhttpbf.zip
file:C:\Download\hacks\Hotmail hack\mbhttpbf.zip->mbhttpbf.exe
(downloaded from pirated website- not detected by Avast boot time scan with archive scan turned on – file is with me for over 3 years never detected by avast scan)
samnetx