Thursday, November 20, 2008

Ac3 Downloader

Removing Ac3
Categories: Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Ac3 Also known as:

[Kaspersky]Trojan-Downloader.Win32.Small.cyh,Trojan-Dropper.Win32.Agent.ata;
[Other]Trojan-downloader-ac2,W32/AXF.CYH!tr.dldr,trojan-downloader-ac2
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\xfz42d7a.dll
[%WINDOWS%]\ac3_0002.exe
[%SYSTEM%]\set39699.dll
[%SYSTEM%]\set39699.sys
[%WINDOWS%]\ac3_0008.exe
[%SYSTEM%]\xfz42d7a.dll
[%WINDOWS%]\ac3_0002.exe
[%SYSTEM%]\set39699.dll
[%SYSTEM%]\set39699.sys
[%WINDOWS%]\ac3_0008.exe

How to detect Ac3:

Files:
[%SYSTEM%]\xfz42d7a.dll
[%WINDOWS%]\ac3_0002.exe
[%SYSTEM%]\set39699.dll
[%SYSTEM%]\set39699.sys
[%WINDOWS%]\ac3_0008.exe
[%SYSTEM%]\xfz42d7a.dll
[%WINDOWS%]\ac3_0002.exe
[%SYSTEM%]\set39699.dll
[%SYSTEM%]\set39699.sys
[%WINDOWS%]\ac3_0008.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, vsm62b17=rundll32.exe w3a0cd8f.dll

Removing Ac3:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Random.Wallpaper.Changer Trojan Removal instruction
Cracking.Tool Trojan Removal

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)