« Virus.Boot.Malmo
win.32.small.aply »

Trojan.win32.autorun.abd



Threat Name: Trojan.win32.autorun.abd
Spread Method:
Network Spread
Windows Vulnerability
Same time infected with trojan.win32.autorun.abj,trojan.win32.autorun.abd, gamethief-magania.cxkv, gamethief-magania.cxad appearing over and over again.

Threat type:Trojan.win32
Trojan.win32.autorun.abd first detected:2010-03-06
Virus file known is dll file written in Basic
File Size:482K Bytes.
Behavior:Unknow behavior
Level of Spread:4
Level of Threat:5
Reported Path:System Volume Information on C,D and E drives seems to be most infected.
MD5:g41cdSlrbyAHyEh1wE567jcis5JXqO8N
SHA1..:5UF34bta32BP2G5F1LWBDr350Xrg8w2VPdNLN302

Alias:
Sophos :Backdoor.Win32.Agent.lxc
QuickHeal:Backdoor.Hupigon.9
F-Secure :AdWare.Win32.SuperJuan.cfg
TrendMicro:Trojan.Win32.Agent.cuf
Report Countries:
Qatar
Austria
United Kindom
United Kindom
Ukrainian
Trojan.win32.autorun.abd Removal instructions:
Restart to safe mode
Restart to safe mode
How to remove Trojan.win32.autorun.abd :
1.Use Task Manager to terminate Trojan.win32.autorun.abd programs process.
2.Delete the original Trojan.win32.autorun.abd files and Trojan.win32.autorun.abd created files.
3.Delete the system registry key parameter Trojan.win32.autorun.abd created.
4.Delete the IE temporary files (%Temp%).
5.Update your antivirus databases and perform a full scan of the computer.
Run the following script:
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
QuarantineFile(’C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cvasds0.dll’,”);
QuarantineFile(’C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\herss.exe’,”);
QuarantineFile(’D:\autorun.inf’,”);
QuarantineFile(’D:\fk.exe’,”);
QuarantineFile(’E:\autorun.inf’,”);
QuarantineFile(’E:\fk.exe’,”);
QuarantineFile(’F:\autorun.inf’,”);
QuarantineFile(’F:\fk.exe’,”);
DeleteFile(’F:\fk.exe’);
DeleteFile(’F:\autorun.inf’);
DeleteFile(’E:\fk.exe’);
DeleteFile(’E:\autorun.inf’);
DeleteFile(’D:\fk.exe’);
DeleteFile(’D:\autorun.inf’);
DeleteFile(’C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\herss.exe’);
DeleteFile(’C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cvasds0.dll’);
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

Tags:

Need help? Post you problem on Free Malware Remove Help forum


Trojan.win32.autorun.abd Summary

  • Virus Name:Trojan.win32.autorun.abd
  • Detected By:Kaspersky antivirus program
  • Virus Trojan.win32.autorun.abd Detected times:2316511times
  • Trojan.win32.autorun.abd Overall Risk:Medium 7316512
  • Trojan.win32.autorun.abd file size:36165120 bytes
    • Trojan.win32.autorun.abdwas first Detected by Kaspersky on Saturday, March 6th, 2010 , 2:13 pm,Trojan.win32.autorun.abd is a new threats of Hacking,Malware,Spam,worm.
  • Remove Trojan.win32.autorun.abd instruction:

    • 1.Temporarily Disable System Restore;2.Reboot computer in SafeMode;3.delte Trojan.win32.autorun.abd virus files and kill Trojan.win32.autorun.abd file task process(if have);4.Delete/Modify any values added to the registry by Trojan.win32.autorun.abd ;5.delete IE temp files,restart the computer and run a whole scan with Kaspersky. Trojan.win32.autorun.abd virus files as following:

    For Trojan.win32.autorun.abd first detected Saturday, March 6th, 2010 at 2:13 pm by Kaspersky,we need more information about Trojan.win32.autorun.abd.Please follow any responses to Trojan.win32.autorun.abd through the RSS 2.0 feed ,Or leave your problem about Trojan.win32.autorun.abd .

    Leave a Reply