Permanent Download 071119
Released 16 years, 10 months ago. November 2007
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | Permanent Download |
| Category | Webdownloader |
| Version | Permanent Download 071119 |
| Released Date | Nov 2007, 16 years, 10 months ago. |
Additional Information
Dropped Files:
c:\autorun.inf Size: 169 bytes
c:\pyxefde.exe Size: 27,361 bytes
c:\Program Files\meex.exe Size: 27,361 bytes
c:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe Size: 27,361 bytes
c:\Program Files\Common Files\Microsoft Shared\ghrmbva.inf Size: 169 bytes
c:\Program Files\Common Files\System\dosxame.exe Size: 27,361 bytes
c:\Program Files\Common Files\System\ghrmbva.inf Size: 169 bytes
Added to Registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "C:\Documents and Settings\Kobayashi\Desktop\xzz.exe"
Data: xzz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ghrmbva"
Data: C:\Program Files\Common Files\System\dosxame.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "pyxefde"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArSwp.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvastU3.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ghost.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQKav.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQSC.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBCleaner.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zjb.exe "Debugger"
Data: C:\Program Files\Common Files\Microsoft Shared\drtwpbx.exe
Tested on Windows XP
November 13, 2008If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.