Spyware ( 00009b291 )
Spyware ( 00009b291 ) also known as Trojan.Zbot, Trojan.Win32.Generic!SB.0, Win32/Spy.Zbot.YW. Malware Analysis of Spyware ( 00009b291 ) Created files: %Appdata%\Daer\soapvic.iwu %Appdata%\Daer\soapvic.tmp %Appdata%\Uctihu\fidoifw.exe %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Folders.dbx %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Inbox.dbx Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{795B40C1-E216-093E-0854-EA04784E629A}: “”%Appdata%\Uctihu\fidoifw.exe”” Detected by UnHackMe: FIDOIFW.EXE Default location: %APPDATA%\UCTIHU\FIDOIFW.EXE Dropper hash(md5): 8a90f5e04a74a295955147531dbaa778 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…