Malware Report: de3f142cf15ac4fc4eb97b14a3c7ad9a73acb227
File SHA1: de3f142cf15ac4fc4eb97b14a3c7ad9a73acb227
File MD5 : 8d48379fd946e06b12d1ee8fe9efc65b
File Type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Date: Sat Nov 14 03:10:28 MYT 2009
Possible Malware: YES
#– Files Created: –
/Documents and Settings/Administrator/Local Settings/Temp/4otjesjty.mof
/Documents and Settings/Administrator/Local Settings/Temp/c.dat
/Documents and Settings/Administrator/Local Settings/Temp/creg.dat
#– Registry Created: –
[SOFTWARE]
+ [software\AntiMalware]
[SYSTEM]
[SECURITIES]
[DEFAULT]
[NTUSER]
#– System Running Processes: –
#– Malware Traffic – DNS: –
activesecuritytool.cn
superactivesecurity.cn
#– Malware Traffic – Connections: –
193.169.234.28.80
78.129.166.141.80
#– Malware Traffic – www: –
superactivesecurity.cn/malw.db
superactivesecurity.cn/malw.db
superactivesecurity.cn/c.dat
superactivesecurity.cn/creg.dat
activesecuritytool.cn/malw.db
#– Screenshots: –
Screen After 90 Seconds

