9jyhdim8.exe
Filesize: 116,030 bytes
File MD5: EFDF18C3A2ACE188284FA3439328CB37
File SHA-1: 0xE8D1F37752F7129A90E41287DFCB17CC10261D4B
===================================================
Created files
C:\Documents and Settings\[User]\Local Settings\temp\herss.exe
C:\Documents and Settings\[User]\Local Settings\temp\cvasds0.dll (0-9)
X:\9jyhdim8.exe
X:\autorun.inf
X:\w3.exe
C:\Documents and Settings\[User]\Local Settings\temp\am1.rar > am1.exe
URL to be downloaded
http://34h93.com/1mg/am1.rar
http://www.googlecai.com/1mg/am.rar
Keys added
HKLM\SOFTWARE\Classes\CLSID\MADOWN
Values added
HKLM\SOFTWARE\Classes\CLSID\MADOWN\urlinfo: "dsa2der.o"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
cdoosoft: "%Temp%\herss.exe"
Values modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\ShowSuperHidden: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDriveTypeAutoRun: 0x00000091
-------------------------------------------------------------------------
วิธีกำจัด virus : 9jyhdim8.exe
-------------------------------------------------------------------------
1. Download Fix Tool : PeeTechFix-Win32/PSW.OnlineGame Version 2.0.4
ไม่มีความคิดเห็น:
แสดงความคิดเห็น