Threat Encyclopedia

W32/OnLineGames.MJO!tr.pws

Analysis

  • Drops the following files:
    • undefinedSYSTEMundefined/Kvsc3.dll
  • Adds the following registry:
    • key: HKEY_LOCAL_MACHINE\SoftWare\Microsoft\Windows\CurrentVersion\RUN
    • value: Kvsc3
    • data: undefinedWINDOWSundefined\Kvsc3.exE
  • Registers itself as a windows service.
  • Recommended Action

      FortiGate Systems
    • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
      FortiClient Systems
    • Quarantine/delete files that are detected and replace infected files with clean backup copies.