Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows 7 activator.exe' = '<Full path to virus>'
- %HOMEPATH%\Start Menu\Programs\Startup\svchost .exe
- <Drive name for removable media>:\Xilisoft Apple TV Video Converter v5 1 26 1030 Inc.exe
- <Drive name for removable media>:\Xilisoft AVI MPEG Converter v5 1 26 1030 Keyg.exe
- <Drive name for removable media>:\Xilisoft AVI MPEG Joiner v1 0 34 1012 Keygen.exe
- <Drive name for removable media>:\Xilisoft 3GP Video Converter v5 1 26 1231 Key.exe
- <Drive name for removable media>:\LimeWire.Pro.v5.4.6.1.Multilingual.Retail-ZWT.exe
- <Drive name for removable media>:\DiceRoller2 0.exe
- <Drive name for removable media>:\SEXY WHORE VIDEOS.exe
- <Drive name for removable media>:\EXCLUSIVE BARRACK OBAMA PORN LEAK.exe
- <Drive name for removable media>:\MY PICTURES.exe
- <Drive name for removable media>:\MY MUSIC.exe
- <Drive name for removable media>:\Xilisoft CD Ripper v1 0 47 0904 Keygen.exe
- <Drive name for removable media>:\BIBLE.exe
- <Drive name for removable media>:\Xilisoft Blu Ray Ripper v5 2 4 0108 Keygen.exe
- <Drive name for removable media>:\Xilisoft Burn Pro v1 0 64 0112 Keygen.exe
- <Drive name for removable media>:\MS Office 2007 Activation KeyGen.exe
- <Drive name for removable media>:\Babylon 8 - Instant translation tool.exe
- <Drive name for removable media>:\Recover Keys v3 0 3 7-MAZE.exe
- <Drive name for removable media>:\Uniture Memory Booster v6 1 0 5158-MESMERiZE.exe
- <Drive name for removable media>:\cute dogs screensaver.exe
- <Drive name for removable media>:\Microsoft Windows Home Server 2010 Build 7360.exe
- <Drive name for removable media>:\3delite MP3 Stream Editor v3 4 4 1980 WinALL.exe
- <Drive name for removable media>:\Error Repair Professional 4 1 3 AT4RE DM999.exe
- <Drive name for removable media>:\Adobe Photoshop CS4 Extended + Keygen + Activation.exe
- <Drive name for removable media>:\Setup OneCare for Windows 7.exe
- <Drive name for removable media>:\YouTube Downloader all Access.exe
- <Drive name for removable media>:\LimeWire Pro.exe
- <Drive name for removable media>:\MY GAMES.exe
- <Drive name for removable media>:\WinRAR-3 91 Full + Keymaker.exe
- <Drive name for removable media>:\Sony Vegas Pro 9.0 Full.exe
- <Drive name for removable media>:\Microsoft Office 2010 Enterprise Corporate Edition.exe
- <Drive name for removable media>:\Microsoft Office Accounting Professional 2009.exe
- <Drive name for removable media>:\Miscrosoft Office Ultimate 2007.exe
- <Drive name for removable media>:\facebook for dummies.exe
- <Drive name for removable media>:\Microsoft AutoCollage 2008.exe
- <Drive name for removable media>:\1 MY PROJECTS.exe
- <Drive name for removable media>:\FUCKING HOT VIDEOS.exe
- <Drive name for removable media>:\America's got talent.exe
- <Drive name for removable media>:\Windows 7 activator.exe
- <Drive name for removable media>:\MS Office 2007 Activation KeyGen.exe.exe
- <Drive name for removable media>:\autorun.inf
- <Drive name for removable media>:\ultimate porn .exe
- <Drive name for removable media>:\avast setup.exe
- <Drive name for removable media>:\Microsoft Virus Remover-setup.exe
- <Drive name for removable media>:\FACEBOOK HACKER.exe
- <Drive name for removable media>:\1 MY MUSIC.exe
- <Drive name for removable media>:\Diskeeper 2010 Pro Premier v14 0 900.exe
- <Drive name for removable media>:\Website X5 Designer v7.7 WYSIWYG Website Creator.exe
- <Drive name for removable media>:\Windows 7 Toolkit v1.8 activations+full suite.exe
- <Drive name for removable media>:\BEST MUSIC VIDEOS OF 2013.exe
- <Drive name for removable media>:\EASY FACEBOOK HACKER.exe
- <Drive name for removable media>:\HOW TO HACK TWITTER.exe
- <Drive name for removable media>:\BEST MUSIC VIDEOS OF 2014.exe
- <Drive name for removable media>:\Ultimate porno.exe
- <Drive name for removable media>:\Sexy whores naked.exe
- <Drive name for removable media>:\Loaris Trojan Remover 1.2.0 Patch.exe
- <Drive name for removable media>:\DesktopCalendar.exe
- <Drive name for removable media>:\Microsoft Office Professional Plus x32 x64 2010.exe
- <Drive name for removable media>:\Adobe Photoshop CS4 KeyGen.exe
- <Drive name for removable media>:\My sister naked.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\rqwxz53263.exe' = '%TEMP%\rqwxz53263.exe:*:Enabled:enable'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Full path to virus>' = '<Full path to virus>:*:Enabled:enable'
- '%TEMP%\rqwxz53263.exe'
- '<SYSTEM32>\netsh.exe' firewall set allowedprogram "%TEMP%\rqwxz53263.exe" enable
- '<SYSTEM32>\netsh.exe' firewall set allowedprogram "<Full path to virus>" enable
- %HOMEPATH%\Start Menu\Ultimate Porn Downloader.exe
- <Current directory>\Microsoft Virus Remover-setup.exe
- %TEMP%\rqwxz53263.exe
- <Drive name for removable media>:\Xilisoft Apple TV Video Converter v5 1 26 1030 Inc.exe
- <Drive name for removable media>:\Xilisoft AVI MPEG Converter v5 1 26 1030 Keyg.exe
- <Drive name for removable media>:\Xilisoft AVI MPEG Joiner v1 0 34 1012 Keygen.exe
- <Drive name for removable media>:\Xilisoft 3GP Video Converter v5 1 26 1231 Key.exe
- <Drive name for removable media>:\LimeWire.Pro.v5.4.6.1.Multilingual.Retail-ZWT.exe
- <Drive name for removable media>:\DiceRoller2 0.exe
- <Drive name for removable media>:\SEXY WHORE VIDEOS.exe
- <Drive name for removable media>:\EXCLUSIVE BARRACK OBAMA PORN LEAK.exe
- <Drive name for removable media>:\MY PICTURES.exe
- <Drive name for removable media>:\MY MUSIC.exe
- <Drive name for removable media>:\Xilisoft CD Ripper v1 0 47 0904 Keygen.exe
- <Drive name for removable media>:\BIBLE.exe
- <Drive name for removable media>:\Xilisoft Blu Ray Ripper v5 2 4 0108 Keygen.exe
- <Drive name for removable media>:\Xilisoft Burn Pro v1 0 64 0112 Keygen.exe
- <Drive name for removable media>:\MS Office 2007 Activation KeyGen.exe
- <Drive name for removable media>:\Babylon 8 - Instant translation tool.exe
- <Drive name for removable media>:\Recover Keys v3 0 3 7-MAZE.exe
- <Drive name for removable media>:\Uniture Memory Booster v6 1 0 5158-MESMERiZE.exe
- <Drive name for removable media>:\cute dogs screensaver.exe
- <Drive name for removable media>:\Microsoft Windows Home Server 2010 Build 7360.exe
- <Drive name for removable media>:\3delite MP3 Stream Editor v3 4 4 1980 WinALL.exe
- <Drive name for removable media>:\Error Repair Professional 4 1 3 AT4RE DM999.exe
- <Drive name for removable media>:\Adobe Photoshop CS4 Extended + Keygen + Activation.exe
- <Drive name for removable media>:\Setup OneCare for Windows 7.exe
- <Drive name for removable media>:\YouTube Downloader all Access.exe
- <Drive name for removable media>:\LimeWire Pro.exe
- <Drive name for removable media>:\MY GAMES.exe
- <Drive name for removable media>:\WinRAR-3 91 Full + Keymaker.exe
- <Drive name for removable media>:\Sony Vegas Pro 9.0 Full.exe
- <Drive name for removable media>:\Microsoft AutoCollage 2008.exe
- <Drive name for removable media>:\Microsoft Office Accounting Professional 2009.exe
- <Drive name for removable media>:\Miscrosoft Office Ultimate 2007.exe
- <Drive name for removable media>:\America's got talent.exe
- <Drive name for removable media>:\1 MY MUSIC.exe
- <Drive name for removable media>:\1 MY PROJECTS.exe
- <Drive name for removable media>:\FUCKING HOT VIDEOS.exe
- <Drive name for removable media>:\ultimate porn .exe
- <Drive name for removable media>:\Windows 7 activator.exe
- <Drive name for removable media>:\MS Office 2007 Activation KeyGen.exe.exe
- <Drive name for removable media>:\FACEBOOK HACKER.exe
- <Drive name for removable media>:\facebook for dummies.exe
- <Drive name for removable media>:\avast setup.exe
- <Drive name for removable media>:\Microsoft Virus Remover-setup.exe
- <Drive name for removable media>:\Loaris Trojan Remover 1.2.0 Patch.exe
- <Drive name for removable media>:\BEST MUSIC VIDEOS OF 2013.exe
- <Drive name for removable media>:\Diskeeper 2010 Pro Premier v14 0 900.exe
- <Drive name for removable media>:\Website X5 Designer v7.7 WYSIWYG Website Creator.exe
- <Drive name for removable media>:\BEST MUSIC VIDEOS OF 2014.exe
- <Drive name for removable media>:\Microsoft Office 2010 Enterprise Corporate Edition.exe
- <Drive name for removable media>:\EASY FACEBOOK HACKER.exe
- <Drive name for removable media>:\HOW TO HACK TWITTER.exe
- <Drive name for removable media>:\DesktopCalendar.exe
- <Drive name for removable media>:\Ultimate porno.exe
- <Drive name for removable media>:\Sexy whores naked.exe
- <Drive name for removable media>:\My sister naked.exe
- <Drive name for removable media>:\Windows 7 Toolkit v1.8 activations+full suite.exe
- <Drive name for removable media>:\Microsoft Office Professional Plus x32 x64 2010.exe
- <Drive name for removable media>:\Adobe Photoshop CS4 KeyGen.exe
- 'localhost':6667