File size 36,864 bytes
MD5: 7301917268A05DCB0D3D4BB159950B15
SHA-1: BE635003AE29D94B554BA39DEBF2C2534CE9CC93
===============================================
File created
C:\WINDOWS\system32\ld08.exe
Registry Modifications
Keys deleted
HKCU\AppEvents\Schemes\Apps\Explorer\Navigating
HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\.Current
HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\.Default
Value Added
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
sysldtray = "%Windir%\ld08.exe"
Values deleted
HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\.Default\
(Default) = "%SystemRoot%\media\Windows XP Start.wav"
HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\.Current\
(Default) = "%SystemRoot%\media\Windows XP Start.wav"
HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\
(Default) = ""
Remote Hosts
216.240.187.103 port 80
74.125.95.105 port 80
Data identified
http://lastshanse26032009.com/achcheck.php
http://www.google.com/
=======================================================
วิธีกำจัด/แก้ virus : ld08.exe
=======================================================
Download Fix Tool : PeeTechFix-Win32/Koobface.he 1.0
No comments:
Post a Comment