I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMeFully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
WINWORD2.DOC.EXE – Worm Autoit removal
File | MD5 | Virus Alias |
---|---|---|
WINWORD2.DOC.EXE | 5dc8a05c37fb5426f6edd40f16692c30 | Worm Autoit |
WINWORD2.DOC.EXE | 5dc8a05c37fb5426f6edd40f16692c30 | Trojan Generic |
WINWORD2.DOC.EXE | 5dc8a05c37fb5426f6edd40f16692c30 | Trojan Runner |
WINWORD2.DOC.EXE | 5dc8a05c37fb5426f6edd40f16692c30 | Trojan Downloader |
WINWORD2.DOC.EXE | 5dc8a05c37fb5426f6edd40f16692c30 | Worm Sohanat |
WINWORD2.DOC.EXE | 5dc8a05c37fb5426f6edd40f16692c30 | Worm Autorun |
WINWORD2.DOC.EXE size: 261583 bytes
WINWORD2.DOC.EXE hash: 5DC8A05C37FB5426F6EDD40F16692C30
Created files:
C:\Documents and Settings\Default User\Templates\winword.doc.exe
C:\Documents and Settings\Default User\Templates\winword.nal
C:\Documents and Settings\Default User\Templates\winword2.doc.exe
C:\Documents and Settings\Default User\Templates\winword2.nal
%SysDir%\msvbvm50.698
%SysDir%\msvbvm60.340
%SysDir%\mzuchrycbn.exe
%SysDir%\nhsirxoq.exe
%SysDir%\pckhar.exe
%SysDir%\szqewnqojqxthra.exe
%SysDir%\whpimagerphuj.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\iccbrdrb: mzuchrycbn.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\rurrekcn: szqewnqojqxthra.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run : whpimagerphuj.exe
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname: VirusBenci
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\NV Hostname: VirusBenci
Detected by UnHackMe:
WINWORD2.DOC.EXE
Default location: C:\DOCUMENTS AND SETTINGS\DEFAULT USER\TEMPLATES\WINWORD2.DOC.EXE
Dropper information:
MD5: 9043ae71cf504d04e0d0ebd3bee2e272
File size: 261550 bytes