Mal/BHO-AC

Category: Viruses and Spyware
Protection available since: 30 Jul 2010 00:15:43 (GMT)
Type: Malicious behavior
Last Updated: 30 Jul 2010 00:15:43 (GMT)
Prevalence: Small Number of Reports


Examples of Mal/BHO-AC include:

Example 1

File Information

Size: 280K
SHA-1: cfa06365b882ce6999de27b78a09bbc938723fe3
MD5: 693cda61b98cf143e4ea0dd6196cb99d
CRC-32: 442af8d4
File type: application/x-ms-dos-executable
First seen: 2011-02-24

Runtime Analysis

Copies Itself To
  • C:\Program Files\gameversionupdate1\GameUpdate1.exe
Dropped Files
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011022520110226
    CacheRepair = 0x00000000
  • HKCU\Software\Microsoft\Internet Explorer\International\CpMRU
    Factor = 0x00000014
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    GameVersionUpdate1 = c:\program files\gameversionupdate1\GameUpdate1.exe
HTTP Requests
DNS Requests

Example 2

File Information

Size: 256K
SHA-1: 00014514580f57bee5adfa0d065598ce40ab5215
MD5: 96b7c845c16911ff3a19651832f147fb
CRC-32: b8453326
File type: application/x-ms-dos-executable
First seen: 2011-03-15

Example 3

File Information

Size: 256K
SHA-1: 00032b64e9f585ea1f6176c38d5bd6f91942520b
MD5: d36a27d24836b6fa1bdd2cd0976edeb9
CRC-32: 87b6761e
File type: application/x-ms-dos-executable
First seen: 2011-01-04
