hi,
Can any one help me to fix the sample in the below link
1) http://www.kernelmode.info/forum/viewto ... &start=150
2) MD5 0a211ac6b398f49f8ce982bb0b07bd4a
3) http://www.virustotal.com/file-scan/rep ... 1275018744
a)Run the malware
b)Files Added:
%Systemroot%\system32\drivers\xcpip.sys
%Systemroot%\system32\drivers\xpsec.sys
Registry Changes:
HKLM\System\CurrentControlSet\Services\xcpip
HKLM\System\CurrentControlSet\Services\xpsec
c) MBR has been modified, and unable to remove the registries keys
please help me to remove the registry entries.
Can any one help me to fix the sample in the below link
1) http://www.kernelmode.info/forum/viewto ... &start=150
2) MD5 0a211ac6b398f49f8ce982bb0b07bd4a
3) http://www.virustotal.com/file-scan/rep ... 1275018744
a)Run the malware
b)Files Added:
%Systemroot%\system32\drivers\xcpip.sys
%Systemroot%\system32\drivers\xpsec.sys
Registry Changes:
HKLM\System\CurrentControlSet\Services\xcpip
HKLM\System\CurrentControlSet\Services\xpsec
c) MBR has been modified, and unable to remove the registries keys
please help me to remove the registry entries.
