Trend Micro Security

WORM_AGENT.WBP

October 12, 2012

 Aliases:

Worm:Win32/Mytob.SC (Microsoft); W32/Virut.rem.D (McAfee); W32.Mytob@mm (Symantec); P2P-Worm.Win32.Agent.ez (Kaspersky); VirTool.Win32.DelfInject.gen!AA (v) (Sunbelt); Trojan.Delf.PMQ (FSecure)

 Platform:

Windows 2000, Windows XP, Windows Server 2003

 Overall risk rating:
 Damage potential:
 Distribution potential:
 Reported infections:


  • Malware type: Worm
  • Destructive: No
  • Encrypted:
  • In the wild: Yes

  Overview


This worm arrives on a computer either as a file dropped by other malware or as a file that users unknowingly download from malicious websites.


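  Details

File size: 68,814 bytes
Type: EXE
Memory resident: Yes
Date discovered: April 21, 2012

Arrival Details

This worm arrives on a computer either as a file dropped by other malware or as a file that users unknowingly download from malicious websites.

Installation

This worm drops the following copies of itself on the affected computer: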

  • %System Root%\program files\kazaa\my shared folder\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\kazaa\my shared folder\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\kazaa\my shared folder\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\kazaa\my shared folder\Password Cracker.exe
  • %System Root%\program files\kazaa\my shared folder\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\kazaa\my shared folder\VmWare keygen.exe
  • %System Root%\program files\kazaa\my shared folder\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\kazaa\my shared folder\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\kazaa\my shared folder\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\kazaa\my shared folder\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\kazaa\my shared folder\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\kazaa\my shared folder\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\kazaa\my shared folder\Error Doctor 2008.exe
  • %System Root%\program files\kazaa\my shared folder\Acker DVD Ripper 2008.exe
  • %System Root%\program files\kazaa\my shared folder\Mirc Keygen.exe
  • %System Root%\program files\kazaa\my shared folder\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\kazaa\my shared folder\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\kazaa\my shared folder\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\kazaa\my shared folder\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\kazaa\my shared folder\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\kazaa\my shared folder\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\kazaa\my shared folder\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\kazaa\my shared folder\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\kazaa\my shared folder\Absolute Video Converter 3.07.exe
  • %System%\taskmon.exe
  • %System Root%\program files\kazaa\my shared folder\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\kazaa\my shared folder\Download Boost 2.0.exe
  • %System Root%\program files\kazaa\my shared folder\AOL Password Cracker.exe
  • %System Root%\program files\kazaa\my shared folder\Adobe Soundbooth CS3.exe
  • %System Root%\program files\kazaa\my shared folder\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\kazaa\my shared folder\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\kazaa\my shared folder\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\kazaa\my shared folder\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\kazaa\my shared folder\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\kazaa\my shared folder\Email Spider.exe
  • %System Root%\program files\kazaa\my shared folder\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\kazaa\my shared folder\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\kazaa\my shared folder\Sophos antivirus updater bypass.exe
  • %System Root%\program files\kazaa\my shared folder\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\kazaa\my shared folder\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\kazaa\my shared folder\Hotmail spammer bot.exe
  • %System Root%\program files\kazaa\my shared folder\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\kazaa\my shared folder\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\kazaa lite\my shared folder\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\kazaa lite\my shared folder\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\kazaa lite\my shared folder\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\kazaa lite\my shared folder\Password Cracker.exe
  • %System Root%\program files\kazaa lite\my shared folder\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\kazaa lite\my shared folder\VmWare keygen.exe
  • %System Root%\program files\kazaa lite\my shared folder\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\kazaa lite\my shared folder\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\kazaa lite\my shared folder\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\kazaa lite\my shared folder\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\kazaa lite\my shared folder\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\kazaa lite\my shared folder\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\kazaa lite\my shared folder\Error Doctor 2008.exe
  • %System Root%\program files\kazaa lite\my shared folder\Acker DVD Ripper 2008.exe
  • %System Root%\program files\kazaa lite\my shared folder\Mirc Keygen.exe
  • %System Root%\program files\kazaa lite\my shared folder\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\kazaa lite\my shared folder\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\kazaa lite\my shared folder\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\kazaa lite\my shared folder\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\kazaa lite\my shared folder\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\kazaa lite\my shared folder\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\kazaa lite\my shared folder\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\kazaa lite\my shared folder\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\kazaa lite\my shared folder\Absolute Video Converter 3.07.exe
  • %System Root%\program files\kazaa lite\my shared folder\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\kazaa lite\my shared folder\Download Boost 2.0.exe
  • %System Root%\program files\kazaa lite\my shared folder\AOL Password Cracker.exe
  • %System Root%\program files\kazaa lite\my shared folder\Adobe Soundbooth CS3.exe
  • %System Root%\program files\kazaa lite\my shared folder\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\kazaa lite\my shared folder\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\kazaa lite\my shared folder\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\kazaa lite\my shared folder\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\kazaa lite\my shared folder\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\kazaa lite\my shared folder\Email Spider.exe
  • %System Root%\program files\kazaa lite\my shared folder\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\kazaa lite\my shared folder\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\kazaa lite\my shared folder\Sophos antivirus updater bypass.exe
  • %System Root%\program files\kazaa lite\my shared folder\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\kazaa lite\my shared folder\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\kazaa lite\my shared folder\Hotmail spammer bot.exe
  • %System Root%\program files\kazaa lite\my shared folder\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\kazaa lite\my shared folder\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Password Cracker.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\VmWare keygen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Error Doctor 2008.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Acker DVD Ripper 2008.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Mirc Keygen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Absolute Video Converter 3.07.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Download Boost 2.0.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\AOL Password Cracker.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Adobe Soundbooth CS3.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Email Spider.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Sophos antivirus updater bypass.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Hotmail spammer bot.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\kazaa lite k++\my shared folder\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\icq\shared folder\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\icq\shared folder\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\icq\shared folder\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\icq\shared folder\Password Cracker.exe
  • %System Root%\program files\icq\shared folder\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\icq\shared folder\VmWare keygen.exe
  • %System Root%\program files\icq\shared folder\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\icq\shared folder\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\icq\shared folder\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\icq\shared folder\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\icq\shared folder\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\icq\shared folder\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\icq\shared folder\Error Doctor 2008.exe
  • %System Root%\program files\icq\shared folder\Acker DVD Ripper 2008.exe
  • %System Root%\program files\icq\shared folder\Mirc Keygen.exe
  • %System Root%\program files\icq\shared folder\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\icq\shared folder\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\icq\shared folder\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\icq\shared folder\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\icq\shared folder\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\icq\shared folder\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\icq\shared folder\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\icq\shared folder\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\icq\shared folder\Absolute Video Converter 3.07.exe
  • %System Root%\program files\icq\shared folder\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\icq\shared folder\Download Boost 2.0.exe
  • %System Root%\program files\icq\shared folder\AOL Password Cracker.exe
  • %System Root%\program files\icq\shared folder\Adobe Soundbooth CS3.exe
  • %System Root%\program files\icq\shared folder\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\icq\shared folder\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\icq\shared folder\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\icq\shared folder\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\icq\shared folder\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\icq\shared folder\Email Spider.exe
  • %System Root%\program files\icq\shared folder\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\icq\shared folder\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\icq\shared folder\Sophos antivirus updater bypass.exe
  • %System Root%\program files\icq\shared folder\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\icq\shared folder\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\icq\shared folder\Hotmail spammer bot.exe
  • %System Root%\program files\icq\shared folder\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\icq\shared folder\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\grokster\my grokster\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\grokster\my grokster\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\grokster\my grokster\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\grokster\my grokster\Password Cracker.exe
  • %System Root%\program files\grokster\my grokster\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\grokster\my grokster\VmWare keygen.exe
  • %System Root%\program files\grokster\my grokster\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\grokster\my grokster\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\grokster\my grokster\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\grokster\my grokster\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\grokster\my grokster\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\grokster\my grokster\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\grokster\my grokster\Error Doctor 2008.exe
  • %System Root%\program files\grokster\my grokster\Acker DVD Ripper 2008.exe
  • %System Root%\program files\grokster\my grokster\Mirc Keygen.exe
  • %System Root%\program files\grokster\my grokster\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\grokster\my grokster\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\grokster\my grokster\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\grokster\my grokster\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\grokster\my grokster\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\grokster\my grokster\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\grokster\my grokster\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\grokster\my grokster\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\grokster\my grokster\Absolute Video Converter 3.07.exe
  • %System Root%\program files\grokster\my grokster\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\grokster\my grokster\Download Boost 2.0.exe
  • %System Root%\program files\grokster\my grokster\AOL Password Cracker.exe
  • %System Root%\program files\grokster\my grokster\Adobe Soundbooth CS3.exe
  • %System Root%\program files\grokster\my grokster\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\grokster\my grokster\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\grokster\my grokster\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\grokster\my grokster\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\grokster\my grokster\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\grokster\my grokster\Email Spider.exe
  • %System Root%\program files\grokster\my grokster\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\grokster\my grokster\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\grokster\my grokster\Sophos antivirus updater bypass.exe
  • %System Root%\program files\grokster\my grokster\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\grokster\my grokster\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\grokster\my grokster\Hotmail spammer bot.exe
  • %System Root%\program files\grokster\my grokster\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\grokster\my grokster\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\emule\incoming\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\emule\incoming\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\emule\incoming\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\emule\incoming\Password Cracker.exe
  • %System Root%\program files\emule\incoming\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\emule\incoming\VmWare keygen.exe
  • %System Root%\program files\emule\incoming\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\emule\incoming\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\emule\incoming\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\emule\incoming\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\emule\incoming\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\emule\incoming\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\emule\incoming\Error Doctor 2008.exe
  • %System Root%\program files\emule\incoming\Acker DVD Ripper 2008.exe
  • %System Root%\program files\emule\incoming\Mirc Keygen.exe
  • %System Root%\program files\emule\incoming\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\emule\incoming\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\emule\incoming\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\emule\incoming\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\emule\incoming\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\emule\incoming\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\emule\incoming\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\emule\incoming\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\emule\incoming\Absolute Video Converter 3.07.exe
  • %System Root%\program files\emule\incoming\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\emule\incoming\Download Boost 2.0.exe
  • %System Root%\program files\emule\incoming\AOL Password Cracker.exe
  • %System Root%\program files\emule\incoming\Adobe Soundbooth CS3.exe
  • %System Root%\program files\emule\incoming\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\emule\incoming\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\emule\incoming\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\emule\incoming\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\emule\incoming\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\emule\incoming\Email Spider.exe
  • %System Root%\program files\emule\incoming\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\emule\incoming\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\emule\incoming\Sophos antivirus updater bypass.exe
  • %System Root%\program files\emule\incoming\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\emule\incoming\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\emule\incoming\Hotmail spammer bot.exe
  • %System Root%\program files\emule\incoming\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\emule\incoming\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\morpheus\my shared folder\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\morpheus\my shared folder\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\morpheus\my shared folder\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\morpheus\my shared folder\Password Cracker.exe
  • %System Root%\program files\morpheus\my shared folder\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\morpheus\my shared folder\VmWare keygen.exe
  • %System Root%\program files\morpheus\my shared folder\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\morpheus\my shared folder\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\morpheus\my shared folder\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\morpheus\my shared folder\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\morpheus\my shared folder\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\morpheus\my shared folder\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\morpheus\my shared folder\Error Doctor 2008.exe
  • %System Root%\program files\morpheus\my shared folder\Acker DVD Ripper 2008.exe
  • %System Root%\program files\morpheus\my shared folder\Mirc Keygen.exe
  • %System Root%\program files\morpheus\my shared folder\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\morpheus\my shared folder\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\morpheus\my shared folder\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\morpheus\my shared folder\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\morpheus\my shared folder\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\morpheus\my shared folder\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\morpheus\my shared folder\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\morpheus\my shared folder\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\morpheus\my shared folder\Absolute Video Converter 3.07.exe
  • %System Root%\program files\morpheus\my shared folder\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\morpheus\my shared folder\Download Boost 2.0.exe
  • %System Root%\program files\morpheus\my shared folder\AOL Password Cracker.exe
  • %System Root%\program files\morpheus\my shared folder\Adobe Soundbooth CS3.exe
  • %System Root%\program files\morpheus\my shared folder\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\morpheus\my shared folder\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\morpheus\my shared folder\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\morpheus\my shared folder\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\morpheus\my shared folder\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\morpheus\my shared folder\Email Spider.exe
  • %System Root%\program files\morpheus\my shared folder\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\morpheus\my shared folder\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\morpheus\my shared folder\Sophos antivirus updater bypass.exe
  • %System Root%\program files\morpheus\my shared folder\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\morpheus\my shared folder\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\morpheus\my shared folder\Hotmail spammer bot.exe
  • %System Root%\program files\morpheus\my shared folder\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\morpheus\my shared folder\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\limewire\shared\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\limewire\shared\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\limewire\shared\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\limewire\shared\Password Cracker.exe
  • %System Root%\program files\limewire\shared\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\limewire\shared\VmWare keygen.exe
  • %System Root%\program files\limewire\shared\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\limewire\shared\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\limewire\shared\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\limewire\shared\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\limewire\shared\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\limewire\shared\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\limewire\shared\Error Doctor 2008.exe
  • %System Root%\program files\limewire\shared\Acker DVD Ripper 2008.exe
  • %System Root%\program files\limewire\shared\Mirc Keygen.exe
  • %System Root%\program files\limewire\shared\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\limewire\shared\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\limewire\shared\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\limewire\shared\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\limewire\shared\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\limewire\shared\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\limewire\shared\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\limewire\shared\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\limewire\shared\Absolute Video Converter 3.07.exe
  • %System Root%\program files\limewire\shared\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\limewire\shared\Download Boost 2.0.exe
  • %System Root%\program files\limewire\shared\AOL Password Cracker.exe
  • %System Root%\program files\limewire\shared\Adobe Soundbooth CS3.exe
  • %System Root%\program files\limewire\shared\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\limewire\shared\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\limewire\shared\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\limewire\shared\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\limewire\shared\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\limewire\shared\Email Spider.exe
  • %System Root%\program files\limewire\shared\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\limewire\shared\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\limewire\shared\Sophos antivirus updater bypass.exe
  • %System Root%\program files\limewire\shared\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\limewire\shared\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\limewire\shared\Hotmail spammer bot.exe
  • %System Root%\program files\limewire\shared\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\limewire\shared\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\tesla\files\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\tesla\files\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\tesla\files\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\tesla\files\Password Cracker.exe
  • %System Root%\program files\tesla\files\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\tesla\files\VmWare keygen.exe
  • %System Root%\program files\tesla\files\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\tesla\files\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\tesla\files\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\tesla\files\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\tesla\files\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\tesla\files\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\tesla\files\Error Doctor 2008.exe
  • %System Root%\program files\tesla\files\Acker DVD Ripper 2008.exe
  • %System Root%\program files\tesla\files\Mirc Keygen.exe
  • %System Root%\program files\tesla\files\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\tesla\files\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\tesla\files\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\tesla\files\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\tesla\files\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\tesla\files\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\tesla\files\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\tesla\files\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\tesla\files\Absolute Video Converter 3.07.exe
  • %System Root%\program files\tesla\files\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\tesla\files\Download Boost 2.0.exe
  • %System Root%\program files\tesla\files\AOL Password Cracker.exe
  • %System Root%\program files\tesla\files\Adobe Soundbooth CS3.exe
  • %System Root%\program files\tesla\files\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\tesla\files\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\tesla\files\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\tesla\files\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\tesla\files\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\tesla\files\Email Spider.exe
  • %System Root%\program files\tesla\files\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\tesla\files\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\tesla\files\Sophos antivirus updater bypass.exe
  • %System Root%\program files\tesla\files\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\tesla\files\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\tesla\files\Hotmail spammer bot.exe
  • %System Root%\program files\tesla\files\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\tesla\files\Google ADsense clicking bot.SFX.exe
  • %System Root%\program files\winmx\shared\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\program files\winmx\shared\Youtube Music Downloader 1.0.exe
  • %System Root%\program files\winmx\shared\ProRat 2.0 Special Edition.exe
  • %System Root%\program files\winmx\shared\Password Cracker.exe
  • %System Root%\program files\winmx\shared\Adobe Acrobat Reader keygen.exe
  • %System Root%\program files\winmx\shared\VmWare keygen.exe
  • %System Root%\program files\winmx\shared\VmWare ESX GSX server keygen.exe
  • %System Root%\program files\winmx\shared\TCN ISO cable modem hacking tools.exe
  • %System Root%\program files\winmx\shared\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\program files\winmx\shared\VMware Workstation 6 Windows keygen.exe
  • %System Root%\program files\winmx\shared\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\program files\winmx\shared\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\program files\winmx\shared\Error Doctor 2008.exe
  • %System Root%\program files\winmx\shared\Acker DVD Ripper 2008.exe
  • %System Root%\program files\winmx\shared\Mirc Keygen.exe
  • %System Root%\program files\winmx\shared\PC Secuity Tweaker 7.6.exe
  • %System Root%\program files\winmx\shared\Ashampoo PowerUp v3.10.exe
  • %System Root%\program files\winmx\shared\SuperRam 5.1.28.2008.exe
  • %System Root%\program files\winmx\shared\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\program files\winmx\shared\Anti-Trojan Elite v4.01.exe
  • %System Root%\program files\winmx\shared\Microsoft Visual C++ KeyGen.exe
  • %System Root%\program files\winmx\shared\Microsoft Visual Basic KeyGen.exe
  • %System Root%\program files\winmx\shared\Microsoft Visual Studio KeyGen.exe
  • %System Root%\program files\winmx\shared\Absolute Video Converter 3.07.exe
  • %System Root%\program files\winmx\shared\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\program files\winmx\shared\Download Boost 2.0.exe
  • %System Root%\program files\winmx\shared\AOL Password Cracker.exe
  • %System Root%\program files\winmx\shared\Adobe Soundbooth CS3.exe
  • %System Root%\program files\winmx\shared\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\program files\winmx\shared\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\program files\winmx\shared\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\program files\winmx\shared\DivX 5.0 Pro KeyGen.exe
  • %System Root%\program files\winmx\shared\Shadow Security Scanner 10 Gold.exe
  • %System Root%\program files\winmx\shared\Email Spider.exe
  • %System Root%\program files\winmx\shared\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\program files\winmx\shared\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\program files\winmx\shared\Sophos antivirus updater bypass.exe
  • %System Root%\program files\winmx\shared\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\program files\winmx\shared\Hotmail account bruteforcer bot.exe
  • %System Root%\program files\winmx\shared\Hotmail spammer bot.exe
  • %System Root%\program files\winmx\shared\Wow Glider incl serial.SFX.exe
  • %System Root%\program files\winmx\shared\Google ADsense clicking bot.SFX.exe
  • %System Root%\Downloads\Windows 2003 Advanced Server KeyGen.exe
  • %System Root%\Downloads\Youtube Music Downloader 1.0.exe
  • %System Root%\Downloads\ProRat 2.0 Special Edition.exe
  • %System Root%\Downloads\Password Cracker.exe
  • %System Root%\Downloads\Adobe Acrobat Reader keygen.exe
  • %System Root%\Downloads\VmWare keygen.exe
  • %System Root%\Downloads\VmWare ESX GSX server keygen.exe
  • %System Root%\Downloads\TCN ISO cable modem hacking tools.exe
  • %System Root%\Downloads\TCN ISO SigmaX2 firmware.bin.exe
  • %System Root%\Downloads\VMware Workstation 6 Windows keygen.exe
  • %System Root%\Downloads\BitDefender AntiVirus 2008 Keygen.exe
  • %System Root%\Downloads\Norton Anti-Virus 2008 Enterprise Crack.exe
  • %System Root%\Downloads\Error Doctor 2008.exe
  • %System Root%\Downloads\Acker DVD Ripper 2008.exe
  • %System Root%\Downloads\Mirc Keygen.exe
  • %System Root%\Downloads\PC Secuity Tweaker 7.6.exe
  • %System Root%\Downloads\Ashampoo PowerUp v3.10.exe
  • %System Root%\Downloads\SuperRam 5.1.28.2008.exe
  • %System Root%\Downloads\YZdock Machintos osX like toolbar for windows.exe
  • %System Root%\Downloads\Anti-Trojan Elite v4.01.exe
  • %System Root%\Downloads\Microsoft Visual C++ KeyGen.exe
  • %System Root%\Downloads\Microsoft Visual Basic KeyGen.exe
  • %System Root%\Downloads\Microsoft Visual Studio KeyGen.exe
  • %System Root%\Downloads\Absolute Video Converter 3.07.exe
  • %System Root%\Downloads\Daemon Tools Pro 4.10.218.0.exe
  • %System Root%\Downloads\Download Boost 2.0.exe
  • %System Root%\Downloads\AOL Password Cracker.exe
  • %System Root%\Downloads\Adobe Soundbooth CS3.exe
  • %System Root%\Downloads\CleanMyPC Registry Cleaner v4.02.exe
  • %System Root%\Downloads\Super Utilities Pro 2008 8.0.1980.exe
  • %System Root%\Downloads\Boilsoft DVD Ripper 2.82.exe
  • %System Root%\Downloads\DivX 5.0 Pro KeyGen.exe
  • %System Root%\Downloads\Shadow Security Scanner 10 Gold.exe
  • %System Root%\Downloads\Email Spider.exe
  • %System Root%\Downloads\Tarantula Full version CRACKED by RaZoR.exe
  • %System Root%\Downloads\Canvas Security Framework 2008 LiMiTeD with 50 0day.exe
  • %System Root%\Downloads\Sophos antivirus updater bypass.exe
  • %System Root%\Downloads\Icepack IDT Gold edition 2008 LEAKED.exe
  • %System Root%\Downloads\Hotmail account bruteforcer bot.exe
  • %System Root%\Downloads\Hotmail spammer bot.exe
  • %System Root%\Downloads\Wow Glider incl serial.SFX.exe
  • %System Root%\Downloads\Google ADsense clicking bot.SFX.exe

(Note: %System Root% is "C:" by default and is where the operating system is located. %System% depends on the Windows version and installation settings. By default it is "C:\Windows\System" on Windows 98 and ME, "C:\WinNT\System32" on Windows NT and 2000, and "C:\Windows\System32" on Windows XP and Server 2003.)

Autostart Technique

The worm adds the following registry value so that its copy runs automatically at Windows startup.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
F-Secure Gatekeeper = "%System%\taskmon.exe"

Other System Modifications

The worm adds the following registry keys.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version

The worm adds the following registry values.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32
ios = "04"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32
osi = "21"

Dropping Routine

The worm creates the following files.

  • %System%\taskmon.exe
  • %User Temp%\Message

(Note: %System% depends on the Windows version and installation settings. By default it is "C:\Windows\System" on Windows 98 and ME, "C:\WinNT\System32" on Windows NT and 2000, and "C:\Windows\System32" on Windows XP and Server 2003. %User Temp% depends on the Windows version and installation settings. By default it is "C:\Windows\Temp" on Windows 98 and ME, "C:\Profiles\<user name>\TEMP" on Windows NT, and "C:\Documents and Settings\<user name>\Local Settings\TEMP" on Windows 2000, XP, and Server 2003.)

This virus information was generated by an automated analysis system.


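  Solution

Supported scan engine: 9.200

Step 1

Windows XP and Windows Server 2003 users must disable System Restore before running a virus scan, so that malware, adware, and similar programs can be completely removed from the computer.

Step 2

Restart Windows in Safe Mode.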


Step 3

Delete this registry key.


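Warning: The registry is a database that stores Windows configuration information, and incorrect registry edits can prevent the system from working properly.
Edit the registry at your own risk. We cannot provide compensation for any problem caused by editing the registry.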

  • In HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32
    • Version
  • In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32
    • Version

Step 4

Delete this registry value.


  • In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • F-Secure Gatekeeper = "%System%\taskmon.exe"
  • In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32
    • ios = "04"
  • In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32
    • osi = "21"

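Step 5

Search for and delete the following files.

Component files may have the hidden attribute. Click [More advanced options] and select the [Search hidden files and folders] check box so that hidden files and folders are included in the search results.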
  • %System%\taskmon.exe
  • %User Temp%\Message

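Step 6

Restart the computer in normal mode and, using an antivirus product with the latest version (engine and pattern file) installed, scan for files detected as "WORM_AGENT.WBP". If the detected files have already been cleaned, quarantined, or deleted by our antivirus product, handling of the virus is complete and no further removal steps are needed.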

