Files size 114,819 bytes
MD5: F87EA91860680A40FE4F481DED44A4DA
SHA-1: D9A7913B2614D8A7574A7ABCE5D13358DB7D5BF5
============================================================
Files createdC:\Documents and Settings\[User]\Local Settings\temp\herss.exe
C:\Documents and Settings\[User]\Local Settings\temp\cvasds0.dll (0-9)
X:\vlvtdflx.exe
X:\autorun.inf
Registry Modifications
Value Added:HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
cdoosoft : "%Temp%\herss.exe"
Values modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDriveTypeAutoRun: 0x00000091
MD5: F87EA91860680A40FE4F481DED44A4DA
SHA-1: D9A7913B2614D8A7574A7ABCE5D13358DB7D5BF5
============================================================
Files createdC:\Documents and Settings\[User]\Local Settings\temp\herss.exe
C:\Documents and Settings\[User]\Local Settings\temp\cvasds0.dll (0-9)
X:\vlvtdflx.exe
X:\autorun.inf
Registry Modifications
Value Added:HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
cdoosoft : "%Temp%\herss.exe"
Values modified
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDriveTypeAutoRun: 0x00000091
