MD5: 26B05D4919F5A18EA2A0E0EAC414B03F
SHA-1: 8C99F5036C1458C7A1172C96BB497865756758CF
============================================================
Created files
C:\Documents and Settings\[UserName]\Local Settings\Temp\olhrwef.exe
C:\Documents and Settings\[UserName]\Local Settings\Temp\nmdfgds0.dll (0-9)
X:\86l2qw.bat
X:\autorun.inf
Registry Modifications
Value Added
HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
cdoosoft = "%Temp%\olhrwef.exe"
Values modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
SHA-1: 8C99F5036C1458C7A1172C96BB497865756758CF
============================================================
Created files
C:\Documents and Settings\[UserName]\Local Settings\Temp\olhrwef.exe
C:\Documents and Settings\[UserName]\Local Settings\Temp\nmdfgds0.dll (0-9)
X:\86l2qw.bat
X:\autorun.inf
Registry Modifications
Value Added
HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
cdoosoft = "%Temp%\olhrwef.exe"
Values modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
