[thisisu]

Windows First-Class Protector
FakeVimes
pass: infected
https://www.virustotal.com/file/4192d10 ... 333219020/

[rkhunter]

Seems a huge spread of "Smart Fortress" down.

[thisisu]

Windows Activity Debugger
FakeVimes
pass: infected
https://www.virustotal.com/file/fe3caab ... /analysis/

[thisisu]

Windows Activity Debugger
FakeVimes
pass: infected
https://www.virustotal.com/file/88245fa ... 333306214/

[rough_spear]

Hi All, :D
Here is one more Windows First-Class Protector

File name - Setup.exe -----> Dropper.
MD5 - 9e9898b0ca37f87db4d1a69a821268ed
VT link - https://www.virustotal.com/file/65a061e ... /analysis/

File name - Protector-mtqt.exe ---Dropped file.
MD5 - 856328e8d300aa30bab2a9dd00982456
VT link - https://www.virustotal.com/file/5c4cbb8 ... /analysis/

Regards,


rough_spear. ;)

[Maxstar]

Windows Warding System

https://www.virustotal.com/file/ea57a2c ... 333461461/


http://www.imgdumper.nl/uploads5/4f7b03 ... 0c-WWS.png

[thisisu]

Windows Shielding Utility
FakeVimes
pass: infected
https://www.virustotal.com/file/59c46c2 ... 333504821/

[Evilcry]

Delivered by Twitter spam message

jose a. espaillat p. ‏ @jespaillatp
- Shider http://tinyurl.com/7rhqdfy

Location:

http://optimizervulnerabilityprotect.in ... 375cbc551/

https://www.virustotal.com/file/2e36746 ... 333519722/

Pretty similar to Windows Shielding Utility mentioned in the previous post.

Addition:

From the same IP:

pcantivirustest.info/bb61f9bcec711d56/23/
pcantivirustest.info/bb61f9bcec711d56/21
computerantivirusmonitor.info/0520091375cbc551/
keeperdataperfomance.info/39f678a0d39279b6/4/
keeperdataperfomance.info/39f678a0d39279b6/4/

[thisisu]

Internet Security
MD5: 5d27cbb3d1ed14f34139b47809a0807d
pass: infected
https://www.virustotal.com/file/ede446f ... 333595953/

[thisisu]

Internet Security
MD5: 838987c2847acadf95887f00e3275f6b
pass: infected
https://www.virustotal.com/file/0652234 ... 333602002/