[Diệt] Malware STL | d517e448e15f3ea3b0405b7679eccfd7 | AcrobatUpdater.exe


Dành cho bạn nào thắc mắc về việc làm sao xoá con malware này.

Hãy tìm trong C:\Program Files\Adobe\Updater6\ và nếu có file AcrobatUpdater.exe thì hãy làm những việc sau:

1. Vào trang web này để tải md5sum tool về: http://www.pc-tools.net/win32/md5sums/ rồi xả nén nó ra.

2. Kéo file AcrobatUpdater.exe để chồng lên file md5sums.exe để lấy giá trị hash của file AcrobatUpdater.exe.

3. Nếu giá trị hash là d517e448e15f3ea3b0405b7679eccfd7 thì đích thị nó là thủ phạm.

4. Xoá nó ngay.

5. Vào registry và xoá các key sau:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Acrobat Reader and Acrobat Manager = "%ProgramFiles%\Adobe\Updater6\AcrobatUpdater.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
Acrobat Reader and Acrobat Manager = "%ProgramFiles%\Adobe\Updater6\AcrobatUpdater.exe"

[HKEY_CURRENT_USER\Volatile Environment]
CURRENT = "2011-07-20 16:28:52"
DATA = 5D 4C 3C 3D 3F 4B 57 25 01 12 02 04 08 1E 03 71 45 43 49 44 0E 5F 51 4C 24 48 4D 55 0E 13 26 35 27 49 0A 43 4C 5A 7E 4E 1D 00 1D 2B 3E 2A 06 4E 35 00 41 06 0A 1E 60 53 21 1C 1F 02 0A 0C 0C 10 12 70 11 01 12 41 54 00 0E 0D 12 57 35 1A 09 16 2B 54 15

Chi tiết
http://www.hvaonline.net/hvaonline/posts/list/0/39641.hva

Comments

Post a Comment

Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))

Popular posts from this blog

[Hack crack] Tổng hợp Google Dork

Image
/includes/header.php?systempath= /Gallery/displayCategory.php?basepath= /index.inc.php?PATH_Includes= /nphp/nphpd.php?nphp_config[LangFile]= /include/db.php?GLOBALS[rootdp]= /ashnews.php?pathtoashnews= /ashheadlines.php?pathtoashnews= /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR= /demo/includes/init.php?user_inc= /jaf/index.php?show= /inc/shows.inc.php?cutepath= /poll/admin/common.inc.php?base_path= /pollvote/pollvote.php?pollname= /sources/post.php?fil_config= /modules/My_eGallery/public/displayCategory.php?basepath= /bb_lib/checkdb.inc.php?libpach= /include/livre_include.php?no_connect=lol&chem_absolu= /index.php?from_market=Y&pageurl= /modules/mod_mainmenu.php?mosConfig_absolute_path= /pivot/modules/module_db.php?pivot_path= /modules/4nAlbum/public/displayCategory.php?basepath= /derniers_commentaires.php?rep= /modules/coppermine/themes/default/theme.php?THEME_DIR= /modules/coppermine/include/init.inc.php?CPG_M_DIR= /modules/coppermine/themes/c
Read more

[Security] Internet blackout scheduled in protest of SOPA

Last night I spent an inordinate amount of time on reddit looking at pictures of baby hedgehogs, reading a Q&A with a theoretical physicist, and catching up on the intended blackouts protesting the Stop Online Piracy Act (SOPA) and its sister bill, Protect IP Act (PIPA). Haven’t heard about SOPA? It’s no wonder, since the mainstream media has been curiously silent on the issue. Maybe it’s because most of the big news outlets are owned by companies supporting SOPA. Nonetheless, reddit and others, such as Tucows, Cheezburger, game developer Red 5 Studios, and hacktivist group Anonymous, hope to make the issue broadly known with a coordinated internet blackout scheduled for January 18th. Things will really get interesting if the “nuclear option” is implemented where the likes of Wikipedia, Google, Facebook, Ebay, Yahoo!, LinkedIn, Tumblr, Mozilla, Twitter, and PayPal “go simultaneously dark” to join them in protest of the bill. You may have heard a blip of a news story during the
Read more