k9cuos2q.exe, aqoeerw.exe
File size: 125,407 bytes
MD5: 0xAEF2ECC32F0476891820014D3F3784F5
SHA-1: 0x3C14354DFC494473A7800D02734532DEC2425405
==================================================
C:\WINDOWS\system32\aqoeerw.exe
C:\WINDOWS\system32\bnmkue0.dll
X:\k9cuos2q.exe
X:\autorun.inf
Registry Modifications
Key Added
HKLM\SOFTWARE\Classes\CLSID\MADOWN
Values Added
HKLM\SOFTWARE\Classes\CLSID\MADOWN\urlinfo: awscjm.p
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\coolsos: C:\WINDOWS\system32\aqoeerw.exe
Values modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun: 0x00000091
Remote Host
218.59.144.134 port 80
http://www.sina90f.com/1tw/at1.rar > %temp%\at1.exe
http://www.sina90f.com/1tw/at.rar > %temp%\at.exe
---------------------------------------------------------------------------
How to remove/fix the virus: k9cuos2q.exe, aqoeerw.exe
---------------------------------------------------------------------------
Download Fix Tool : PeeTechFix-Win32/PSW.OnlineGames 2.0.5 AVDB-009
http://hotzone-it.blogspot.com/2009/08/virus-remove-tool.html