Threat Information for "Trojan.DownLoader.316"
Summary
- Name: Trojan.DownLoader.316
- Aliases: Win32:Trojano-495 [Trj], TR/Drop.Small.GS.2, Downloader.Small.6.T, Trojan-Downloader.Win32.Small.ij, security risk or a "backdoor" program, Downloader-JU
- Date Discovered: 2006-01-13
- Protection Added: 2006-02-23
Description
- Ease of Removal: 1: Consistently named; 2: Consistent file contents; 3: Creates new registry entries with consistent data
- Damage/Intrusion/Annoyance: 1: Autoruns at startup without an option to be disabled
- Propagation/Saturation: 1: Creates new files
Technical Details
- Added Directory/File:
- Added Registry Data: