Systweak Spyware Library
Systweak Spyware Library text
More than 21875 spyware signatures and growing
Microsoft Gold Certified Partner
Search in:
Adtool.MyWebSearch Analysis Report
Threat Submitted On: 10 Nov 2008
Threat Analysed On: 11 Nov 2008
Threat Updated On: 11 Sept 2009
Type : Adtool
Symptoms of juntador
  • Drops malicious items on to the user’s system.
  • Upon execution, the files are extracted in a temporary folder and executed.
  • May include harmless files also to pose as a non-malicious program.
Information
Alias : [Not Available]
Md5 Hash : [Not Available]
File Size : [ Not Available ]

Technical Details

Here are the Technical findings of our analysis team after analyzing this malware in detail :-

Creates the following infected Files on user's System
Note:
Delete the following Files to remove Infection
File: csrss.exe
Path : %allusersprofile%\start menu\programs\startup

Md5Hash :dec894a7817ce4de713c4d866b1cfbdf ( 525892 bytes)
File: svchost.exe
Path : %programfiles%\win33

Md5Hash :5cfd977b73aa76b18f4a6222c09f0b5b ( 51788 bytes)
File: chongsbong.exe
Path : %systemdrive%

Md5Hash :bd4da3982d138342eca4b675dca67362 ( 68096 bytes)
File: computer-life-sucks.exe
Path : %systemdrive%

Md5Hash :3dc61bdc660b1dabbff4ab11e71e7ff3 ( 216576 bytes)
File: explorer.exe
Path : %systemdrive%

Md5Hash :cc5f136c8699bbe54cbc7b02322003a0 ( 269354 bytes)
File: pic1.bat
Path : %systemdrive%

Md5Hash :1b75bcc0587e00d026da3276be1469d4 ( 10215 bytes)
File: poisonhoneybeeee.exe
Path : %systemdrive%

Md5Hash :a4ffd48da15bcd4cf5360626d0aad405 ( 68096 bytes)
File: sitehack.bat
Path : %systemdrive%

Md5Hash :11e0fbd47663244529bbe098e82d7812 ( 10215 bytes)
File: virusworm.exe
Path : %systemdrive%

Md5Hash :7544a8a21370ddf8bf9c8d2092702e18 ( 36864 bytes)
File: arm21.tmp
Path : %temp%

Md5Hash :59d397b82b8c065871a35cc869730e46 ( 106496 bytes)
File: arm25.tmp
Path : %temp%

Md5Hash :59d397b82b8c065871a35cc869730e46 ( 106496 bytes)
File: gsr.exe
Path : %temp%

Md5Hash :34e092ed979caf22b15bba7e552cfba2 ( 97280 bytes)
File: jaa.exe
Path : %temp%

Md5Hash :34e092ed979caf22b15bba7e552cfba2 ( 97280 bytes)
File: kernel32.exe
Path : %temp%

Md5Hash :579a4adc514f12776e7fef6a216fc7e1 ( 25028 bytes)
File: mpw.exe
Path : %temp%

Md5Hash :0b7c78fc847b9a3031887ccc884626b6 ( bytes)
File: 161041852440380825.exe
Path : %temp%\se_1203140251

Md5Hash :ae7e8092198f5902b28d0deabee10d3e ( bytes)
File: 97473655080486522.exe
Path : %temp%\se_1946297167

Md5Hash :2db8f2c51e2b540377094221003e2737 ( 414336 bytes)
File: tbx.exe
Path : %temp%

Md5Hash :34e092ed979caf22b15bba7e552cfba2 ( 97280 bytes)
File: smv32.dat
Path : %userprofile%\application data

Md5Hash :eec89116426512aa885fb809bda78b81 ( 22040 bytes)
File: afdx.exe
Path : %windir%

Md5Hash :ba8a5c5ef8e03578dcf90854eed35801 ( 77312 bytes)
File: agbiehfuck.bat
Path : %windir%

Md5Hash :c592748d0a86050e0e372ea4a624faff ( 124 bytes)
File: cmd.dll
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3a5601167a941ee32989b9c5b290552b ( 823296 bytes)
7211e7d5eb4939ffe6ab8b41f0f9da04 ( 387125 bytes)
File: cmsetac.dll
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
0f048c7be63fb49e73ef6bd3f71e7fa6 ( 33792 bytes)
18961529440111fdef899f51e9a27cdb ( 33792 bytes)
309cd402c3a34b28342d6feee9dbacd9 ( 33792 bytes)
321a5edbc3db79f5ecced9faa79073af ( 33792 bytes)
39b57049e00643d1f3d59711db966c86 ( 33792 bytes)
52ccb5086ec9a4a0dbf59b8fea3bb446 ( 33792 bytes)
8406d90a871f70a74d631b556689fc16 ( 33792 bytes)
d0905b7f93014a893a67b4710ea67b67 ( 33792 bytes)
df873fc789919318e403849a12fdab40 ( 33792 bytes)
e53f01f717667e861e3e2aa19bd2048c ( 33792 bytes)
f7c12813fda458b50cd861d44e6ac1bd ( 33792 bytes)
File: dj_maryam.exe
Path : %windir%

Md5Hash :36499d137d4f9ec135a274663d29f3e5 ( 10215 bytes)
File: explorer1.bat
Path : %windir%

Md5Hash :85bfdc8d44051d035e83bd454044f060 ( 298268 bytes)
File: foto1.exe
Path : %windir%

Md5Hash :7211e7d5eb4939ffe6ab8b41f0f9da04 ( 387125 bytes)
File: gbieh.dll
Path : %windir%

Md5Hash :4974b3d7bcb1e193c054e32c891ca7b6 ( 125025 bytes)
File: gbiehuni.dll
Path : %windir%

Md5Hash :a96d47d796bd55c446858af26a74cc0e ( 118427 bytes)
File: gir.jpg.exe
Path : %windir%

Md5Hash :89b8f8015983506ab2817571c6590ce5 ( 10215 bytes)
File: intelmouse.exe
Path : %windir%

Md5Hash :8062d73431437e727794da1fb88485c3 ( 11808 bytes)
File: ipcpass.dic
Path : %windir%

Md5Hash :2f9a398957c71eb2c34f13f814e5616a ( 499 bytes)
File: j-aimbot.exe
Path : %windir%

Md5Hash :2db8f2c51e2b540377094221003e2737 ( 414336 bytes)
File: msgsrv32.exe
Path : %windir%\litmus

Md5Hash :83c30384023beca3474d7fe9fdfe280d ( 36384 bytes)
File: locproxy1.exe
Path : %windir%

Md5Hash :5ef4df42eeb457e7e04362b7553bafbf ( 26128 bytes)
File: lsass.exe
Path : %windir%

Md5Hash :754a8c5588d5e7e9fa29e47e7ad5e35a ( 118286 bytes)
File: mgrqrts.dll
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3abe9bc87aadc26bd7d543ac62f9567b ( bytes)
53b4507712bdc37eb35835819f689728 ( bytes)
5574e4614944f4cc863ddb1d92fb9e46 ( bytes)
ac72864eac08800dae4f22a3f63ad025 ( bytes)
d19b2e63cbf9168f58c864d76b3a350d ( bytes)
File: mstwain32.exe
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
2012f1c2537b490a2f50d55f54b576cb ( 112128 bytes)
6684165fffa56772e29d72efd1c7b9c6 ( 111616 bytes)
6ff8abc31f4ce145933dbc4e64bb388d ( 111616 bytes)
8390baa52c0f393c6545e9e648dd22e1 ( 111616 bytes)
a11a06a593f8a8fde893e9d7ba600708 ( 444416 bytes)
af79603ce8301d4d6bacceee98f50148 ( 128512 bytes)
eca2308503cea562678f8601eb0e701b ( 111616 bytes)
f5e8491d6d428ae9facdea4ce2180973 ( 114688 bytes)
f849593145e560b0163c13539bbae527 ( 115200 bytes)
File: mypic.exe
Path : %windir%

Md5Hash :0d878230592c318318303408803dff26 ( bytes)
File: mypic.jpg.exe
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
14aa131e5ab68768fb79ddd64a712d2c ( 10215 bytes)
9368521ab62c3db42effb49fd1274a12 ( 10215 bytes)
File: ñòfmîn.exe
Path : %windir%

Md5Hash :062149a8eb1180711276a3d2feeca00c ( 5892 bytes)
File: norton.exe
Path : %windir%

Md5Hash :36499d137d4f9ec135a274663d29f3e5 ( 10215 bytes)
File: ~jctndrvr.exe
Path : %windir%\olefiles

Md5Hash :1ae4637482ac18c30a27252783e60fce ( 29188 bytes)
File: pic1.bat
Path : %windir%

Md5Hash :a8a8f8fc68e6ad38749bfe0c55ed7f72 ( 10215 bytes)
File: psexec.exe
Path : %windir%

Md5Hash :da9e480443d97470892b16311a9d1f15 ( 122880 bytes)
File: r2d2.hik
Path : %windir%

Md5Hash :4cd6183c71c9d6ff92c736e2a84a4e33 ( 12000000 bytes)
File: regedit.ocx
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3a5601167a941ee32989b9c5b290552b ( 823296 bytes)
7211e7d5eb4939ffe6ab8b41f0f9da04 ( 387125 bytes)
File: regsvr.exe
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
9368521ab62c3db42effb49fd1274a12 ( 10215 bytes)
fc547e39e6676676ab2d4cdee7149b04 ( 10215 bytes)
File: rscan.exe
Path : %windir%

Md5Hash :d11a14e04c39e7fdccad7747c0cb7ae4 ( 29184 bytes)
File: run.exe
Path : %windir%

Md5Hash :9a41a9f83fd10af38a1ad608b4d163ca ( 10215 bytes)
File: runmefile2.vbs
Path : %windir%

Md5Hash :ef78bcfa92212af3659b31b6818de767 ( 6885 bytes)
File: services.exe
Path : %windir%

Md5Hash :5393b5b8906eb77aba1b137b25552382 ( 350764 bytes)
File: starlights.exe
Path : %windir%

Md5Hash :f5e8491d6d428ae9facdea4ce2180973 ( bytes)
File: svchost.exe
Path : %windir%

Md5Hash :14aa131e5ab68768fb79ddd64a712d2c ( 10215 bytes)
File: sysbackup.exe
Path : %windir%

Md5Hash :5cc8bc7bdb30981d316a83309796aacf ( 25600 bytes)
File: compressed.exe
Path : %windir%\system

Md5Hash :a9acfa9afbfc8ffe1d5c73ff5c24c527 ( 345535 bytes)
File: dllsys.exe
Path : %windir%\system

Md5Hash :29ed0e7a3a476b1a323e7c46a8b1ab84 ( 49152 bytes)
File: edit.exe
Path : %windir%\system

Md5Hash :2040f9705e61f7d8915032cef0fc9a09 ( 17952 bytes)
File: explorer.exe
Path : %windir%\system

Md5Hash :8c3f8ddeeb736aee135c0344ff13f309 ( 25028 bytes)
File: i-worm.satanik.child.vbs
Path : %windir%\system

Md5Hash :fee9c5131d7d904966b94f51b19ed19a ( 18024 bytes)
File: icqmapi.dll
Path : %windir%\system

Md5Hash :6bd04dcf8354ff684e386d4e9d07815b ( 58880 bytes)
File: install.exe
Path : %windir%\system

Md5Hash :7a6fc2286c885b6e1a3837f3a4e244fc ( 182933 bytes)
File: killer.exe
Path : %windir%\system

Md5Hash :574394b8c9ae257c2442e679728da671 ( 17412 bytes)
File: modelclip3.exe
Path : %windir%\system

Md5Hash :85e9be05f47f15ebf93fd8707f7182e6 ( 60928 bytes)
File: mypic.jpg.exe
Path : %windir%\system

Md5Hash :e17cbc553fb4b42e104edaa7dc8b47ff ( 10215 bytes)
File: op4 srvr.exe
Path : %windir%\system

Md5Hash :1ae4637482ac18c30a27252783e60fce ( bytes)
File: patch.exe
Path : %windir%\system

Md5Hash :0a7519ee1eef48c6bfaed98bdcb241bd ( 6144 bytes)
File: poisonhoney.exe
Path : %windir%\system

Md5Hash :ff9be4d411e0f39d48609893388ed6a0 ( 68096 bytes)
File: server.exe
Path : %windir%\system

Md5Hash :2317dfab0f0105a1bd78ac48a10f95a3 ( bytes)
File: serwer.exe
Path : %windir%\system

Md5Hash :754a8c5588d5e7e9fa29e47e7ad5e35a ( 118286 bytes)
File: sservice.exe
Path : %windir%\system

Md5Hash :5393b5b8906eb77aba1b137b25552382 ( 350764 bytes)
File: sysbackup.ocx
Path : %windir%\system

Md5Hash :a804609edecad69b7130dc74e8da2b51 ( 29696 bytes)
File: thepic.jpg.scr
Path : %windir%\system

Md5Hash :fc547e39e6676676ab2d4cdee7149b04 ( 10215 bytes)
File: upload.exe
Path : %windir%\system

Md5Hash :cfcfdf11576b994bccabb702cce351df ( 4096 bytes)
File: taskmgr.exe
Path : %windir%\system32\1028

Md5Hash :f823a145039b94716e5b27c0174e6e1c ( 500224 bytes)
File: cftmon.exe
Path : %windir%\system32

Md5Hash :0993930c82dea274d81477aad475b360 ( bytes)
File: cftmonhk.dll
Path : %windir%\system32

Md5Hash :57e6b664c82d4617900fc68427847f7d ( bytes)
File: cftmonr.exe
Path : %windir%\system32

Md5Hash :25ca20c1d62da229dc135015cef460e4 ( 16384 bytes)
File: cftmonwb.dll
Path : %windir%\system32

Md5Hash :5d6103059981886ee29698ef77006398 ( bytes)
File: iexplore.exe
Path : %windir%\system32\config

Md5Hash :579a4adc514f12776e7fef6a216fc7e1 ( 25028 bytes)
File: services.exe
Path : %windir%\system32\config

Md5Hash :8c3f8ddeeb736aee135c0344ff13f309 ( 25028 bytes)
File: winsock.exe
Path : %windir%\system32\config

Md5Hash :c7dbb6caaa75644bc5af84bfee3d286a ( 25028 bytes)
File: system.exe
Path : %windir%\system32\config32

Md5Hash :2317dfab0f0105a1bd78ac48a10f95a3 ( 49636 bytes)
File: rkreveal150.sys
Path : %windir%\system32\drivers

Md5Hash :66ac5fe7a28b0e77241d9e3747af0c83 ( bytes)
File: eqqn.ewc
Path : %windir%\system32

Md5Hash :028b428559e92a1fed010c025c467492 ( 59392 bytes)
File: expl0rer.exe
Path : %windir%\system32

Md5Hash :834e959a4d945bff6813eaa25d4a46c5 ( 294908 bytes)
File: explorer.dll
Path : %windir%\system32

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3a5601167a941ee32989b9c5b290552b ( 823296 bytes)
7211e7d5eb4939ffe6ab8b41f0f9da04 ( 387125 bytes)
85bfdc8d44051d035e83bd454044f060 ( 298268 bytes)
File: fkg.006
Path : %windir%\system32

Md5Hash :5b4fa20c178ac0796ce5a60dfacc7ae4 ( 5120 bytes)
File: fkg.exe
Path : %windir%\system32

Md5Hash :b1fee1a0a26a8b490df859f74e4da284 ( 292864 bytes)
File: fservice.exe
Path : %windir%\system32

Md5Hash :5393b5b8906eb77aba1b137b25552382 ( 350764 bytes)
File: inst.dat
Path : %windir%\system32

Md5Hash :a4ecfae3e52d9535f0f8fa5faa55507f ( bytes)
File: kernel32.exe
Path : %windir%\system32

Md5Hash :cc5f136c8699bbe54cbc7b02322003a0 ( 269354 bytes)
File: kernel32.ocx
Path : %windir%\system32

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3a5601167a941ee32989b9c5b290552b ( 823296 bytes)
7211e7d5eb4939ffe6ab8b41f0f9da04 ( 387125 bytes)
File: lecq.xaj
Path : %windir%\system32

Md5Hash :5c06dbb234f088a487248ff37b10a41c ( 36352 bytes)
File: lfjjiqg.hxj
Path : %windir%\system32

Md5Hash :fb47fde536f423576d111cea96699440 ( 49664 bytes)
File: logictech.exe
Path : %windir%\system32

Md5Hash :8062d73431437e727794da1fb88485c3 ( 11808 bytes)
File: mshost.exe
Path : %windir%\system32

Md5Hash :5a23040fa7f1070a414d9171038286d6 ( 281088 bytes)
File: pk.bin
Path : %windir%\system32

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
55120f6cdcb936e1b4f74fe2c68f9339 ( bytes)
6e2001d41989d0f46dbf0cc860a22a4b ( bytes)
800d06da1c893c2a2d531df4446bdf15 ( 3680 bytes)
File: pxps.ckx
Path : %windir%\system32

Md5Hash :52052d563d82628f1ed715abf69405ea ( 11776 bytes)
File: rinst.exe
Path : %windir%\system32

Md5Hash :25ca20c1d62da229dc135015cef460e4 ( bytes)
File: shell32.sys
Path : %windir%\system32

Md5Hash :85bfdc8d44051d035e83bd454044f060 ( 298268 bytes)
File: sp00lsv.exe
Path : %windir%\system32

Md5Hash :834e959a4d945bff6813eaa25d4a46c5 ( 294908 bytes)
File: sys2.exe
Path : %windir%\system32

Md5Hash :ba8a5c5ef8e03578dcf90854eed35801 ( 77312 bytes)
File: tapi32init.exe
Path : %windir%\system32

Md5Hash :3ebb1ec3afee52f8c778a2536a894077 ( 14832 bytes)
File: wed_sep_17_2008.txt
Path : %windir%\system32

Md5Hash :1b1254452bba8afe4289f1e657d04ec4 ( 14 bytes)
File: wilj.bhk
Path : %windir%\system32

Md5Hash :b915b13b9deed4a76b073ba064f217e9 ( 53248 bytes)
File: win32log.dat
Path : %windir%\system32

Md5Hash :42847586b79d67f8e1ece5efb02f46e8 ( 4207 bytes)
File: __oddysee.exe
Path : %windir%\temp

Md5Hash :d3df44a57ac57c6facbd2a9366a419e6 ( 28672 bytes)
File: 1 bullet barney.exe
Path : %windir%\temp

Md5Hash :51a54da972ba0877b0ce334feeeb588c ( 188416 bytes)
File: 1174668246_f.jpeg
Path : %windir%\temp

Md5Hash :158bd65f46ce0ff61e9ed16dc6f7d7f2 ( 29009 bytes)
File: 258bg.exe
Path : %windir%\temp

Md5Hash :68960b10b402ea6564debd88480670d7 ( 1319758 bytes)
File: 6e982dd5c3.exe
Path : %windir%\temp

Md5Hash :5a23040fa7f1070a414d9171038286d6 ( 281088 bytes)
File: abc.tx
Path : %windir%\temp

Md5Hash :( bytes)
File: agony.exe
Path : %windir%\temp

Md5Hash :c95f655ddf06402a87b7453ff46c7f4c ( 51705 bytes)
File: aimbot 2.4.exe
Path : %windir%\temp

Md5Hash :f4e0b7351c385be876c23d56baa5b839 ( 508616 bytes)
File: antiantivirus.vbs
Path : %windir%\temp

Md5Hash :520d2614c432effb50775353d05fca67 ( 6055 bytes)
File: bdcli100.exe
Path : %windir%\temp

Md5Hash :b0880d5e7d8491703ee27e7d7321f5cc ( 26624 bytes)
File: beast.exe
Path : %windir%\temp

Md5Hash :41aa4acc13ed3508143d7dd07c974809 ( 540160 bytes)
File: bigbomb.exe
Path : %windir%\temp

Md5Hash :d54ebfb88e9cbcc43945793d7d0c4266 ( 52736 bytes)
File: booter.exe
Path : %windir%\temp

Md5Hash :03bd8f010231f5cc29eadcc9ea7a04ba ( 115200 bytes)
File: bpk.dat
Path : %windir%\temp

Md5Hash :5ef9695884779e6ce945254947b323b3 ( 550 bytes)
File: bubblepop.exe
Path : %windir%\temp

Md5Hash :5af0f42c0b31b1963fecaf4f950ae8e3 ( 941728 bytes)
File: client.exe
Path : %windir%\temp

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
59bc9018ebbf33cc0aaeaa28dafa1e1e ( 404784 bytes)
dafa97fd37bf75153f760dc2c67a7b0a ( 393728 bytes)
File: computer-life-sucks.exe
Path : %windir%\temp

Md5Hash :3dc61bdc660b1dabbff4ab11e71e7ff3 ( 216576 bytes)
File: connector.exe
Path : %windir%\temp

Md5Hash :a7627140078e55c1335841b1e62aedec ( 249344 bytes)
File: cópia de servernormal.exe
Path : %windir%\temp

Md5Hash :3a5601167a941ee32989b9c5b290552b ( 823296 bytes)
File: d.exe
Path : %windir%\temp

Md5Hash :d959b46c761d5d8809e48f253bc0f41e ( bytes)
File: danceclubvideo.exe
Path : %windir%\temp

Md5Hash :eca2308503cea562678f8601eb0e701b ( bytes)
File: dancemodel.exe
Path : %windir%\temp

Md5Hash :f849593145e560b0163c13539bbae527 ( bytes)
File: dh.exe
Path : %windir%\temp

Md5Hash :5e7de38b7de67a29c1ab07239adb5294 ( 538438 bytes)
File: dito.exe
Path : %windir%\temp

Md5Hash :dc601e277d9d12d0be9537cd120503a5 ( 144384 bytes)
File: dj_maryam.exe
Path : %windir%\temp

Md5Hash :900bbbed393f20f1c6a3155d115562c6 ( 10215 bytes)
File: downarockyroad.exe
Path : %windir%\temp

Md5Hash :9b65ca283afac0670e96a3cc4e85c1fc ( 354304 bytes)
File: dwyzz.exe
Path : %windir%\temp

Md5Hash :a11a06a593f8a8fde893e9d7ba600708 ( 444416 bytes)
File: dwyzzcrack.bat
Path : %windir%\temp

Md5Hash :86255f5cccaf9a152fe145cf3293741a ( 447 bytes)
File: editor.exe
Path : %windir%\temp

Md5Hash :d619e78ba7667a20332f9771c3d6d8ea ( 78848 bytes)
File: editsrv.exe
Path : %windir%\temp

Md5Hash :ec60b05db1ad01fff636a19a72f8c8a5 ( 236032 bytes)
File: exploit.bat
Path : %windir%\temp

Md5Hash :bf54e47e4c1abb7a5147b7923b417ed3 ( 54932 bytes)
File: exploited-dom.exe
Path : %windir%\temp

Md5Hash :b25d1b7257cf1c111b9b711cb0d9cd70 ( 220160 bytes)
File: exploited-domination1.7.exe
Path : %windir%\temp

Md5Hash :3b7cf5508ccef43e3ef655b76201ead0 ( 147968 bytes)
File: fl_server.exe
Path : %windir%\temp

Md5Hash :87d0d40b3e9e2ca4be055e179250dc16 ( bytes)
File: fu.exe
Path : %windir%\temp

Md5Hash :d3548b4b95546ad3d08a07b036c5c3db ( 98304 bytes)
File: gameboost.exe
Path : %windir%\temp

Md5Hash :2298a39158330f461b57eb8ba9238dcc ( 927504 bytes)
File: gansta-clip1.exe
Path : %windir%\temp

Md5Hash :1ec261a62a92ab7bd6abf7f1a509aa96 ( 366592 bytes)
File: gg_crack.exe
Path : %windir%\temp

Md5Hash :43316b18acf35249f8ed348076e6814e ( 172032 bytes)
File: gir.jpg.exe
Path : %windir%\temp

Md5Hash :a8c81016f8e56558b5750a633009b859 ( 10215 bytes)
File: gold_hack.exe
Path : %windir%\temp

Md5Hash :42757a2b716c7687ad2476812851910d ( 428357 bytes)
File: honeybee.exe
Path : %windir%\temp

Md5Hash :85e9be05f47f15ebf93fd8707f7182e6 ( 60928 bytes)
File: hxdef100.exe
Path : %windir%\temp

Md5Hash :1b393e2e13b9c57fb501b7cd7ad96b25 ( 70656 bytes)
File: hyr.exe
Path : %windir%\temp

Md5Hash :d756c2921a8be0a1563cef71bfa67199 ( 890190 bytes)
File: inst.dat
Path : %windir%\temp

Md5Hash :6078fc0ef587f0331d6bfd487b6a9380 ( 728 bytes)
File: install coldfusion v1.1.exe
Path : %windir%\temp

Md5Hash :ad2905637bcbb4920d055f34c671b26d ( 2264264 bytes)
File: ip-relay.exe
Path : %windir%\temp

Md5Hash :3dc61bdc660b1dabbff4ab11e71e7ff3 ( 216576 bytes)
File: ip.exe
Path : %windir%\temp

Md5Hash :eb9e39e418f3cf7ba20b97ab112a975b ( 98304 bytes)
File: ju.exe
Path : %windir%\temp

Md5Hash :770fe6a499fcd3b41e14184768dc9151 ( 1492817 bytes)
File: kernel32.exe
Path : %windir%\temp

Md5Hash :579a4adc514f12776e7fef6a216fc7e1 ( 25028 bytes)
File: keyloggerhuntersetup.exe
Path : %windir%\temp

Md5Hash :a747854094b74a7a0b59e678ba0c9844 ( 625970 bytes)
File: kill.exe
Path : %windir%\temp

Md5Hash :663604b29d5bd47d8fd7e34843438bcf ( 186993 bytes)
File: killerbooter.exe
Path : %windir%\temp

Md5Hash :465cfcdf26c29ea97c48c92edb9ffae0 ( 36864 bytes)
File: kuytr.exe
Path : %windir%\temp

Md5Hash :3c69d9990ced6971a46454cd156e546f ( 828750 bytes)
File: lastdance.exe
Path : %windir%\temp

Md5Hash :cc5f136c8699bbe54cbc7b02322003a0 ( 269354 bytes)
File: loader.exe
Path : %windir%\temp

Md5Hash :be61c21d063903a9d8e392b4c31fb162 ( 49152 bytes)
File: lol.exe
Path : %windir%\temp

Md5Hash :b4438be6f4b1a470873c67463476c543 ( 316928 bytes)
File: loozikots.exe
Path : %windir%\temp

Md5Hash :af5ec0a1d558123e3e4f1560860a1a7a ( 1523712 bytes)
File: lostagain.exe
Path : %windir%\temp

Md5Hash :4f8b4490287e07df5c463874cde21f28 ( 145920 bytes)
File: mc.dat
Path : %windir%\temp

Md5Hash :d969d89fd8865f52c0ec63d41c6f8451 ( 388 bytes)
File: navegadorcef.exe
Path : %windir%\temp

Md5Hash :51af01b40c7f3cfbee61f7f3618c4c19 ( 608768 bytes)
File: nju.exe
Path : %windir%\temp

Md5Hash :b9d3fcbe3fbacade852971745a7d1c31 ( 730458 bytes)
File: ntsecurity.exe
Path : %windir%\temp

Md5Hash :5e244d14080f048c0d38a41305b46812 ( 411043 bytes)
File: optical.exe
Path : %windir%\temp

Md5Hash :a077e2caa44bc6e44addd31f5a9fa551 ( 22016 bytes)
File: otnetip.exe
Path : %windir%\temp

Md5Hash :8df2a60aa2c26c675417b6fc2d764540 ( 136030 bytes)
File: pespin.exe
Path : %windir%\temp

Md5Hash :e654a0f28942cbae0180d7420e0dde31 ( 36864 bytes)
File: pic1.bat
Path : %windir%\temp

Md5Hash :0a7b11d5febd2e50432660dd26600f76 ( 10215 bytes)
File: pk.bin
Path : %windir%\temp

Md5Hash :6f5f99856a72913d41c1acc9ac02c789 ( 3404 bytes)
File: proconnective.exe
Path : %windir%\temp

Md5Hash :0891b1d690e577c33036b10c6e273a0c ( 257280 bytes)
File: project1.exe
Path : %windir%\temp

Md5Hash :f823a145039b94716e5b27c0174e6e1c ( 500224 bytes)
File: rdrbs100.exe
Path : %windir%\temp

Md5Hash :7c752bcd6da796d80a6830c61a632bff ( 49152 bytes)
File: root.exe
Path : %windir%\temp

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3a439fb905a2e3a0547dcf6c6aa7e539 ( 20609 bytes)
c54c622e3e10f724243d3d806712099a ( 83968 bytes)
File: rootkitrevealer.exe
Path : %windir%\temp

Md5Hash :34e092ed979caf22b15bba7e552cfba2 ( 97280 bytes)
File: server compactado.exe
Path : %windir%\temp

Md5Hash :85bfdc8d44051d035e83bd454044f060 ( 298268 bytes)
File: server.exe
Path : %windir%\temp

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
54f518a1caa37a1e4527bf38d5a4a7ee ( 711182 bytes)
5cfd977b73aa76b18f4a6222c09f0b5b ( bytes)
c72eec2bc470a4c5d3b2c2948e168f9a ( 431523 bytes)
File: server.scr
Path : %windir%\temp

Md5Hash :5393b5b8906eb77aba1b137b25552382 ( 350764 bytes)
File: server_indetectable.exe
Path : %windir%\temp

Md5Hash :4dc61afdca0a64e753e23269e2878c18 ( 244347 bytes)
File: server1.exe
Path : %windir%\temp

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
834e959a4d945bff6813eaa25d4a46c5 ( 294908 bytes)
8436ccdf5ba250e5599a09e4f062dce2 ( 183588 bytes)
File: server206.exe
Path : %windir%\temp

Md5Hash :1a3aae9bb63032def6ded04b777637f1 ( 162961 bytes)
File: servidor.exe
Path : %windir%\temp

Md5Hash :776b16d62fb40c07c4efd70f37497a9b ( 186880 bytes)
File: sitehack.bat
Path : %windir%\temp

Md5Hash :8f8da8327ad69c2f65a41fc626fd8165 ( 10215 bytes)
File: smss.exe
Path : %windir%\temp

Md5Hash :c7dbb6caaa75644bc5af84bfee3d286a ( 25028 bytes)
File: stub.exe
Path : %windir%\temp

Md5Hash :f80e3a8c5aaa3a72604f2621721c0c2a ( 25600 bytes)
File: stupidmario.exe
Path : %windir%\temp

Md5Hash :0613d207c87ac6f42ff56bc57e9625ba ( bytes)
File: system.exe
Path : %windir%\temp

Md5Hash :7929287084b1d944b9269fa467f96adc ( 395804 bytes)
File: systemhk.dll
Path : %windir%\temp

Md5Hash :1f2f4e95fc4f145964d33e73400e468f ( 8192 bytes)
File: systemwb.dll.1
Path : %windir%\temp

Md5Hash :5a7ab82d6fbd398472b23d409122bb24 ( 40960 bytes)
File: titles.dat
Path : %windir%\temp

Md5Hash :eaac77927d2b2156d6d133ae37df1449 ( 19 bytes)
File: tosqueira.exe
Path : %windir%\temp

Md5Hash :96ae7d0326e5deb36e1cc9cd0ec88ece ( 443392 bytes)
File: undetected.exe
Path : %windir%\temp

Md5Hash :81a796cd1b4430bbdc0123dc49582db9 ( 431523 bytes)
File: uniom
Path : %windir%\temp

Md5Hash :e5cd999b3102094eb17c25c36e342354 ( 918528 bytes)
File: union2
Path : %windir%\temp

Md5Hash :332229944aa6ed38371b9e0bd30f6ed0 ( 953344 bytes)
File: union3
Path : %windir%\temp

Md5Hash :d67d6f4f72eca0596b6aa71a66f2f573 ( 934912 bytes)
File: upx.exe
Path : %windir%\temp

Md5Hash :9857f7401eff1ddfba4123ba9d5ee08a ( 126464 bytes)
File: videoclip2.exe
Path : %windir%\temp

Md5Hash :6684165fffa56772e29d72efd1c7b9c6 ( bytes)
File: videoclip3.exe
Path : %windir%\temp

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
2012f1c2537b490a2f50d55f54b576cb ( bytes)
6ff8abc31f4ce145933dbc4e64bb388d ( bytes)
8390baa52c0f393c6545e9e648dd22e1 ( 111616 bytes)
a67995232b5c69e51acd2d5a80335076 ( 115200 bytes)
File: videoclip4.exe
Path : %windir%\temp

Md5Hash :90b1ab9f9f083106ec75704f68a0e701 ( 429568 bytes)
File: videoclips.exe
Path : %windir%\temp

Md5Hash :55162de3e0c1434fc9a9c471730f92e1 ( 111616 bytes)
File: winipc.exe
Path : %windir%\temp

Md5Hash :dec894a7817ce4de713c4d866b1cfbdf ( 525892 bytes)
File: winupdate.bat
Path : %windir%\temp

Md5Hash :fecb18e96c8ce5705ec541b08b83dc39 ( 55 bytes)
File: xp
Path : %windir%\temp

Md5Hash :423e1fccfa0a5c0b5868f1e0df9f3905 ( 42496 bytes)
File: zoli diavetítés.exe
Path : %windir%\temp

Md5Hash :2b052bd8183bae8c7e2858fb185f0e63 ( 326459 bytes)
File: trojanworm.exe
Path : %windir%

Md5Hash :4c2126de13be3c2695ddcf611eaaacf1 ( 33792 bytes)
File: user32.exe
Path : %windir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
1a3aff3090e60c76bb805d91ba37c487 ( 10215 bytes)
a8c81016f8e56558b5750a633009b859 ( 10215 bytes)
File: userinit.exe
Path : %windir%

Md5Hash :4bffcdcdbf3e308bed7cb09a359bfc8c ( 30791 bytes)
File: whiteboys.exe
Path : %windir%

Md5Hash :af79603ce8301d4d6bacceee98f50148 ( bytes)
File: winagent.exe
Path : %windir%

Md5Hash :89b8f8015983506ab2817571c6590ce5 ( 10215 bytes)
File: winbot.exe
Path : %windir%

Md5Hash :5ef4df42eeb457e7e04362b7553bafbf ( 26128 bytes)
File: windows.bat
Path : %windir%

Md5Hash :83c30384023beca3474d7fe9fdfe280d ( 36384 bytes)
File: windowsupdate.frm
Path : %windir%

Md5Hash :f7264600a421cc53d38335f1b7428ae7 ( 3405 bytes)
File: winlog.exe
Path : %windir%

Md5Hash :87d0d40b3e9e2ca4be055e179250dc16 ( 24471 bytes)
File: winlogon.exe
Path : %windir%

Md5Hash :0613d207c87ac6f42ff56bc57e9625ba ( 114688 bytes)
File: winvxd.exe
Path : %windir%

Md5Hash :2040f9705e61f7d8915032cef0fc9a09 ( 17952 bytes)
File: [randomname].exe
Path : %workingdir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
00822dd2b993788bfda1213184b01837 ( 36352 bytes)
040baa7b59905ebecd31e73eac6224a7 ( 576512 bytes)
045e7415ce3b171641703f3b0a76efea ( 120320 bytes)
0a326ebe4f8e83f6a4dad032116bd510 ( 268288 bytes)
0be16709fd28067b2f6a7c597c80784b ( 159744 bytes)
0fdc885e692c07dfb566365239f553a8 ( 610304 bytes)
13d490081aae8a6eba0ede6ccbe68d0d ( 5450752 bytes)
14cdf88b118ba2b3bb446a73029439c5 ( 131586 bytes)
1562c87094474b4efd1b2b17da2e3f5e ( 1708544 bytes)
192cab59ff0900cf3c14fe1c31670904 ( 3069952 bytes)
1a26291f7dd7a667bd2fc0f76ea55413 ( 545282 bytes)
1b216cd86c7ed25795988ebb7b05a869 ( 65024 bytes)
1df10eaf940488285369b8d83cc60da2 ( 245248 bytes)
1f732e6f27226bb57e9e348beeda5b57 ( 1984000 bytes)
23ec6bce352a23efe1d271fea4f7782f ( 619520 bytes)
2463d98cb144b2e3d19e0dbcf9e28a01 ( 1298432 bytes)
263562431285cf4edfce8bb537a11dc2 ( 835212 bytes)
2755c072bcb81d59010390d4ea6de103 ( 426496 bytes)
338fece71129089d37bc353c37c5b999 ( 660992 bytes)
33e62aa4a6ea2b59e8f61643ac399212 ( 139776 bytes)
36e56680091aefc3df38b20170a5e525 ( 298496 bytes)
37bdc4821be677a507e638216fcf827a ( 35328 bytes)
3afc6cb1628e22aa730dbf6c9331b4f7 ( 372333 bytes)
3b32ce54e80841e85aa99d8cd61eb8a8 ( 2307623 bytes)
3b5394d140baa3ae79c18db75b04ea09 ( 1017687 bytes)
403fba99a8a3e95152abb33e1d3dca64 ( 17408 bytes)
405fe0eb7e3eea8d5ad807ee827b057c ( 6155264 bytes)
406389d7553db8f58db489f8a16a352f ( 287924 bytes)
423e1fccfa0a5c0b5868f1e0df9f3905 ( 42496 bytes)
4753526fda277b231c27e6b5167534de ( 360448 bytes)
4795b2db2650364e3a102423344f7596 ( 54272 bytes)
4fbf81d69b4925b7b00e15425b23e235 ( 373248 bytes)
538fcf09382cd720eb065257bbd576b2 ( 935936 bytes)
554d627ea737481adc4b10d12f74c461 ( 52493 bytes)
5660c0f7c87c70832927daf18948c511 ( 2535424 bytes)
57adb968f0af3249316e88784ac334e8 ( 1085952 bytes)
5a6276c061702a21be961f638f7b9fc4 ( bytes)
5b1524f1b0250830d75af0c5bef53bd4 ( 186368 bytes)
5cf38b430fb86faefee1c5b96047de3c ( 1545216 bytes)
5f3541504bf0d4730b20263c58649eb5 ( 514048 bytes)
6809bd96461e0105321ee3e4b6b13564 ( 652288 bytes)
689262ec0bfe3518ad0d85b2d876f026 ( 143872 bytes)
7216f52c453d6a71ad5526f4f6cfe837 ( 162816 bytes)
735074119bdfd129f8675d61107a1ad4 ( 781338 bytes)
754aa4fbb1f99c27aab0cff3133e6bf9 ( 143360 bytes)
788885f33849435ac8b7f77913a3a725 ( 297764 bytes)
7c78dc3efd713d9ac9f7f9a18c5428b5 ( 106496 bytes)
81e4bfec2907d637761b52c5b0233d5d ( 209920 bytes)
81f0d7bafdcc70801cb29e709fe66c69 ( 545282 bytes)
83ada3cd1d136711957607afb059727b ( 186368 bytes)
85ef107e6167b021a773d6c155d6ce57 ( 1299221 bytes)
8a44d25968e54e732a9004567f801fbb ( 433152 bytes)
8ad90be17f87d1fba02b94c98b3b67dc ( 159746 bytes)
8cdf5b998193c4cb8a2bd1cc3d02a885 ( 225280 bytes)
8ef822eb208e65f22d3f15bf65b462bc ( 193536 bytes)
8fb98ad8c35fe94e7e2ff90a50e7823f ( 687962 bytes)
90758884b8a6ffc179972536930b5e51 ( 625664 bytes)
91df92b7d692291ecb184033390302a6 ( 44544 bytes)
94273dcbfd9fe90b1152e8b8fd187be5 ( 374784 bytes)
956e22bf93559363d3335401492c68de ( 368128 bytes)
96
Also creates the following files on user's System which are also created by Genuine Software :-
Note:
These file(s) can be kept as they are also created by genuine Software.
File : comdlg32.ocx
Path : %windir%\system

Md5Hash :3ec0a48ed8d8a019175cfa3952ccb3b7 ( 140096 bytes)
File : mpr.dll
Path : %windir%\system

Md5Hash :a0c86da708f28275689f5a2ce123aa03 ( 57344 bytes)
File : winsck.ocx
Path : %windir%\system

Md5Hash :166c89ff325211884c5881281675f5ee ( 141312 bytes)
File : brcc32.exe
Path : %windir%\temp

Md5Hash :de3f8fcdd1bdb42ccc28ce8d610bd2d8 ( 168992 bytes)
File : hkit.exe
Path : %windir%\temp

Md5Hash :fba04bcc0f009dd29739ece315d0c6e4 ( 29696 bytes)
File : upx.exe
Path : %windir%\temp

Md5Hash :6ef20e56d1f5eb53882e71a29701138e ( 94208 bytes)
File : wini.exe
Path : %windir%\temp

Md5Hash :854b9cc38bdcb1b63ba538d2e576772a ( bytes)
File : wini.exe
Path : %windir%

Md5Hash :854b9cc38bdcb1b63ba538d2e576772a ( 28674 bytes)
The following Registry Values are added to the provided Registry Keys :-
Note:
Delete the added Values from the Key to remove Infection
|__ Value Added :
1 bullet barney.exe = "%windir%\temp\1 bullet barney.exe"
|__ Value Added :
afdx.exe = "%windir%\afdx.exe"
|__ Value Added :
bigbomb.exe = "%windir%\temp\bigbomb.exe"
|__ Value Added :
booter.exe = "%windir%\temp\booter.exe"
|__ Value Added :
chongsbong.exe = "%SYSTEMDRIVE%\chongsbong.exe"
|__ Value Added :
compressed.exe = "%windir%\system\compressed.exe"
|__ Value Added :
computer-life-sucks.exe = "%windir%\temp\computer-life-sucks.exe"
|__ Value Added :
danceclubvideo.exe = "%windir%\temp\danceclubvideo.exe"
|__ Value Added :
dancemodel.exe = "%windir%\temp\dancemodel.exe"
|__ Value Added :
dj_maryam.exe = "%windir%\dj_maryam.exe"
|__ Value Added :
dllsys.exe = "%windir%\system\dllsys.exe"
|__ Value Added :
downarockyroad.exe = "%windir%\temp\downarockyroad.exe"
|__ Value Added :
edit.exe = "%windir%\system\edit.exe"
|__ Value Added :
exploit.bat = "%windir%\temp\exploit.bat"
|__ Value Added :
exploit-dcv1.exe = "%windir%\exploit-dcv1.exe"
|__ Value Added :
exploited-dom.exe = "%windir%\temp\exploited-dom.exe"
|__ Value Added :
exploited-domination1.7.exe = "%windir%\temp\exploited-domination1.7.exe"
|__ Value Added :
explorer.exe = "%windir%\explorer.exe"
|__ Value Added :
gansta-clip1.exe = "%windir%\temp\gansta-clip1.exe"
|__ Value Added :
gir.jpg.exe = "%windir%\temp\gir.jpg.exe"
|__ Value Added :
install.exe = "%windir%\system\install.exe"
|__ Value Added :
intelmouse.exe = "%windir%\intelmouse.exe"
|__ Value Added :
ip.exe = "%windir%\temp\ip.exe"
|__ Value Added :
ip-relay.exe = "%windir%\temp\ip-relay.exe"
|__ Value Added :
j-aimbot.exe = "%windir%\j-aimbot.exe"
|__ Value Added :
kernel32.exe = "%windir%\temp\kernel32.exe"
|__ Value Added :
kill.exe = "%windir%\temp\kill.exe"
|__ Value Added :
killer.exe = "%windir%\system\killer.exe"
|__ Value Added :
killerbooter.exe = "%windir%\temp\killerbooter.exe"
|__ Value Added :
lastdance.exe = "%windir%\temp\lastdance.exe"
|__ Value Added :
lol.exe = "%windir%\temp\lol.exe"
|__ Value Added :
lostagain.exe = "%windir%\temp\lostagain.exe"
|__ Value Added :
ltm2 = "%windir%\litmus\msgsrv32.exe"
|__ Value Added :
modelclip3.exe = "%windir%\system\modelclip3.exe"
|__ Value Added :
mstwain32 = "%windir%\mstwain32.exe"
|__ Value Added :
mypic.exe = "%windir%\mypic.exe"
|__ Value Added :
mypic.jpg.exe = "%windir%\mypic.jpg.exe"
|__ Value Added :
ñòfmîn.exe = "%windir%\ñòfmîn.exe"
|__ Value Added :
op4 srvr.exe = "%windir%\system\op4 srvr.exe"
|__ Value Added :
patch.exe = "%windir%\system\patch.exe"
|__ Value Added :
pic1.bat = "%SYSTEMDRIVE%\pic1.bat"
|__ Value Added :
poisonhoney.exe = "%windir%\system\poisonhoney.exe"
|__ Value Added :
poisonhoneybee.exe = "%windir%\temp\poisonhoneybee.exe"
|__ Value Added :
poisonhoneybeeee.exe = "%SYSTEMDRIVE%\poisonhoneybeeee.exe"
|__ Value Added :
proconnective.exe = "%windir%\temp\proconnective.exe"
|__ Value Added :
server.exe = "%windir%\system\server.exe"
|__ Value Added :
server.scr = "%windir%\temp\server.scr"
|__ Value Added :
serwer.exe = "%windir%\system\serwer.exe"
|__ Value Added :
sitehack.bat = "%windir%\temp\sitehack.bat"
|__ Value Added :
smss.exe = "%windir%\temp\smss.exe"
|__ Value Added :
starlights.exe = "%windir%\starlights.exe"
|__ Value Added :
stupidmario.exe = "%windir%\temp\stupidmario.exe"
|__ Value Added :
sysbackup.exe = "%windir%\sysbackup.exe"
|__ Value Added :
thepic.jpg.scr = "%windir%\system\thepic.jpg.scr"
|__ Value Added :
trojanworm.exe = "%windir%\trojanworm.exe"
|__ Value Added :
upload.exe = "%windir%\system\upload.exe"
|__ Value Added :
userinit.exe = "%windir%\userinit.exe"
|__ Value Added :
videoclip2.exe = "%windir%\temp\videoclip2.exe"
|__ Value Added :
videoclip3.exe = "%windir%\temp\videoclip3.exe"
|__ Value Added :
videoclip4.exe = "%windir%\temp\videoclip4.exe"
|__ Value Added :
videoclips.exe = "%windir%\temp\videoclips.exe"
|__ Value Added :
virusworm.exe = "%SYSTEMDRIVE%\virusworm.exe"
|__ Value Added :
whiteboys.exe = "%windir%\whiteboys.exe"
|__ Value Added :
winbot.exe = "%windir%\winbot.exe"
|__ Value Added :
windows.bat = "%windir%\windows.bat"
|__ Value Added :
winlog = "%windir%\winlog.exe"
|__ Value Added :
winlogon = "%windir%\winlogon.exe"
|__ Value Added :
winstart.bat = "%windir%\winstart.bat"
|__ Value Added :
winupdate.bat = "%windir%\temp\winupdate.bat"
|__ Value Added :
*winlog = "%windir%\winlog.exe"
|__ Value Added :
aziuu769 = "%systemroot%\agbiehfuck.bat"
|__ Value Added :
stubpath = "%windir%\system\sservice.exe"
|__ Value Added :
activexnr = "[reg_expand_sz, value: 26588]"
|__ Value Added :
activexpath = "[reg_expand_sz, value: %TEMP%\install.key]"
|__ Value Added :
activexpw = "[reg_expand_sz, value: 741852963]"
|__ Value Added :
activexurl = "[reg_expand_sz, value: somebodyweb.info]"
|__ Value Added :
activexuser = "[reg_expand_sz, value: u39357158-cs]"
|__ Value Added :
directx for microsoft® windows = "%windir%\system32\fservice.exe"
|__ Value Added :
bpk = "%windir%\system32\bpk.exe"
|__ Value Added :
cftmon = "%windir%\system32\cftmon.exe"
|__ Value Added :
configuration loader = "sys2.exe"
|__ Value Added :
csrss = "%windir%\system32\csrss.exe"
|__ Value Added :
defaultprofile = "%windir%\system32\logictech.exe"
|__ Value Added :
explorer = "expl0rer.exe"
|__ Value Added :
fkg = "%windir%\system32\fkg.exe"
|__ Value Added :
microsoft windows = "%windir%\cmd.dll"
|__ Value Added :
microsoft windows = "%windir%\explorer1.bat"
|__ Value Added :
mshost = "%windir%\system32\mshost.exe"
|__ Value Added :
ntsecurity = "ntsecurity.exe"
|__ Value Added :
playandprotect service = "playandprotect.exe"
|__ Value Added :
rundll = "%windir%\system32\kill.exe"
|__ Value Added :
runprog = "%windir%\wini.exe"
|__ Value Added :
session manager = "%windir%\sessmngr.exe"
|__ Value Added :
system = "%windir%\temp\system.exe"
|__ Value Added :
video driver = "%windir%\locproxy1.exe"
|__ Value Added :
winlog = "%windir%\winlog.exe"
|__ Value Added :
winvxd = "%windir%\winvxd.exe"
|__ Value Added :
*winlog = "%windir%\winlog.exe"
|__ Value Added :
configuration loader = "sys2.exe"
|__ Value Added :
defaultprofile = "%windir%\system32\logictech.exe"
|__ Value Added :
ntsecurity = "ntsecurity.exe"
|__ Value Added :
playandprotect service = "playandprotect.exe"

NOTE:

1. %allusersprofile% Refers to the windows all users profile folder. By default it is 'C:\Documents and Settings\All Users'
2. %programfiles% Refers to the program files folder. By default it is 'C:\Program Files'
3. %systemdrive% Refers to the windows System drive folder. By default it is 'C:\'
4. %temp% Refers to the windows temp folder. By default it is 'C:\Documents and Settings\[user]\Local Settings\Temp'
5. %userprofile% Refers to the windows current user's profile folder. By default it is 'C:\Documents and Settings\[user]'
6. %windir% Refers to the windows root folder. By default it is 'C:\Windows'
7. %workingdir% Refers to the current directory in which user is working.

Important: We strongly recommend that you backup the Registry before making any changes to it. Incorrect changes to the Registry can result in permanent data loss or corrupted Files. Modify the malicious\suspicious Subkeys only.

Click Here for more spywarelib.com recommended PC Security and Optimization Tools

To modify registry entries in Windows Operating System:
Follow Steps:
1. Click Start > Run
2. Type “regedit” : to open registry editor
3. Navigate to required registry Key from the Left Tree control and modify accordingly.


Microsoft Gold Certified Partner

© Systweak Inc., 1999-2011 All rights reserved.