Sus/Autorun-E

Category: Suspicious Behavior and Files Protection available since:17 Feb 2009 18:32:19 (GMT)
Type: Suspicious file Last Updated:17 Feb 2009 18:32:19 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Sus/Autorun-E include:

Example 1

Other vendor detection

Avira
Worm/Agent.W.45
Kaspersky
P2P-Worm.Win32.Palevo.jwe
Trend
WORM_PALEVO.AZ

Runtime Analysis

Modified Files
  • C:\RECYCLER
    • Set the readonly flag
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    avp
    C:\RECYCLER\S-1-5-21-8310448925-3650326752-208816666-0278\hdav.exe
DNS Requests
  • arta.romail3arnest.info
  • parta.q8still.net

Example 2

Other vendor detection

Avira
TR/Crypt.XPACK.Gen2
Kaspersky
Trojan.Win32.Pakes.mas

Example 3

Other vendor detection

Avira
Worm/Agent.lz.7
Kaspersky
P2P-Worm.Win32.Palevo.fiv

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy