Virus.Win32.Virut.q
Virus.Win32.Virut.q is a malicious computer virus which uses malicious tricks to download dangerous malware from the web. Virus.Win32.Virut.q opens up firewalls and gathers personal details, such as personal financial information. Virus.Win32.Virut.q also downloads additional components before the attackers gain remote access to the affected computer. Virus.Win32.Virut.q corrupts executable files by apending its encrypted code at the end of the host file. Virus.Win32.Virut.q has to be removed by the reputable anti-spyware removal tool.
File System Modifications
- The following files were created in the system:
# File Name 1 %AppData%\csrss.exe 2 %AppData%\inetinfo.exe 3 %AppData%\Isass.exe 4 %AppData%\ListHost5.txt 5 %AppData%\services.exe 6 %AppData%\smss.exe 7 %AppData%\winlogon.exe 8 %Programs%\Startup\Speed.pif 9 %System%\%UserName%'s Picture.scr 10 %Templates%\DIA 54TR10.com 11 %Windir%\Temp\qtfcyyp.exe 12 %Windir%\Temp\s8w485dpq.exe 13 %Windir%\Temp\ydky9kv.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\SystemHKEY..\..\..\..{RegistryKeys}60xu9 = "%Windir%\TEMP\qtfcyyp.exe"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MouseDriverHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MouseDriver\SecurityHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MouseDriverHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MouseDriver\SecurityHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ExplorerHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] New Anti Virus = ""%Windir \Security\System.exe"" UserFaultCheck = "%System%\dumprep 0 -u"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] pn13 = "%Windir%\TEMP\ydky9kv.exe"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.