W32/Autorun.worm!ip
W32/Autorun.worm!ip is a worm that will attempt to download a dialer on targeted PC system. This malicious dialer will be used by an attacker for corrupt purposes. W32/Autorun.worm!ip also has the ability to alter system settings and create its own entries on the Windows registry. Do do not give this malicious computer worm a chance to create chaos and spread. Use a reliable antivirus program to remove W32/Autorun.worm!ip.
File System Modifications
- The following files were created in the system:
# File Name 1 %SystemDrive %\RELEASE\DEBUG 2 %SystemDrive%\RELEASE 3 %SystemDrive%\RELEASE\DEBUG\ghx.exe 4 %UserProfile%\x4t4c57w3.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67XOR2B0-3GMC-89VV-JIJ1-32KL5R3423144}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67XOR2B0-3GMC89VV-JIJ1-32KL5R3423144}\]"StubPath: "="%SystemDrive%RELEASE\DEBUG\ghx.exe"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DownloadManager]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.