this is just some stuff i found about it. i don't know if you need it or not. it is obviously allowing anything to connect to my computer.


winsys32 info

Windows errors related to winsys32.exe?

winsys32.exe is a process which is registered as a trojan. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system. We strongly recommend that you run a FREE registry scan to identify winsys32.exe related errors

winsys32.exe file information
The process RZ7tLty belongs to the software TatkVCS14h by GZ93YnT8K.

Description: File winsys32.exe is located in the folder C:\Windows\System32. The file size on Windows 7/XP is 66,048 bytes. 
There is no file information. The program has no visible window. File winsys32.exe is located in the Windows folder, but it is not a Windows core file. File winsys32.exe is not a Windows core file. Therefore the technical security rating is 81% dangerous, however also read the users reviews.

Recommended: Identify winsys32.exe related errors

If winsys32.exe is located in the folder C:\Windows\System32\drivers then the security rating is 80% dangerous. File size is 45,056 bytes. There is no file information. The program has no visible window. The file is an unknown file in the Windows folder. The process is loaded during the Windows boot process (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). The file is not a Windows system file. 

If winsys32.exe is located in a subfolder of C:\Windows then the security rating is 100% dangerous. File size is 66,048 bytes. There is no information about the maker of the file. The program has no visible window. The file is located in the Windows folder, but it is not a Windows core file. The program starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). File winsys32.exe is not a Windows core file. 

If winsys32.exe is located in a subfolder of C:\Windows\System32 then the security rating is 36% dangerous. File size is 864,256 bytes. 

External information from Paul Collins:
There are different files with the same name:

•"Config Loadr" definitely not required. Added by the AGOBOT-HN WORM!
•"Microsoft Update" definitely not required. Added by a variant of the RBOT WORM!
•"Windows Networking" definitely not required. Added by the GAOBOT.FL WORM!
•"WinSys32" definitely not required. Added by the CIGIVIP TROJAN or RECKUS WORM!
•"winsys32 Driver" definitely not required. Added by the LOONY-O TROJAN!

Important: Some malware camouflage themselves as winsys32.exe, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the winsys32.exe process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It was one of the Top Download Picks of The Washington Post and PC World. 

File "winsys32.exe" has the following statistics: 
Total number of reports analysed 611,932 
Number of cases that involved the file "winsys32.exe" 47 
Number of incidents when this file was found to be a threat 43 
Statistical volume of cases when "winsys32.exe" was a threat 91% 
 Please enable javascript to display the chart. 
Notes: 
•Please note that the name of the file should NOT be used to define if it is legitimate or not. Such determination can only be made by observing its dynamic behaviour.
•In order to check a file, please submit it to ThreatExpert.
•For a comprehensive pro-active protection against threats, please consider ThreatFire - our behavioral antivirus solution.
 
 
The file "winsys32.exe" is known to be created under the following filenames: 
%CommonPrograms%\startup\winsys32.exe 
%System%\1025\5201.exe 
%System%\1028\8201.exe 
%System%\1031\1301.exe 
%System%\1033\3301.exe 
%System%\1037\7301.exe 
%System%\1041\1401.exe 
%System%\1042\2401.exe 
%System%\1054\4501.exe 
%System%\2052\2502.exe 
%System%\3076\6703.exe 
%System%\3com_dmi\imd_moc3.exe 
%System%\catroot\toortac.exe 
%System%\catroot2\2toortac.exe 
%System%\com\moc.exe 
%System%\dfgaert.dll 
%System%\dhcp\pchd.exe 
%System%\directx\xtcerid.exe 
%System%\drivers\srevird.exe 
%System%\drivers\winsys32.exe 
%System%\export\tropxe.exe 
%System%\ias\sai.exe 
%System%\icsxml\lmxsci.exe 
%System%\ime\emi.exe 
%System%\inetsrv\vrsteni.exe 
%System%\krnl32.dll 
%System%\macromed\demorcam.exe 
%System%\microsoft\tfosorcim.exe 
%System%\msdtc\ctdsm.exe 
%System%\mssvmdll.dll 
%System%\mui\ium.exe 
%System%\npp\ppn.exe 
%System%\oobe\eboo.exe 
%System%\posterm.dll 
%System%\ras\sar.exe 
%System%\regdll32.exe 
%System%\reinstallbackups\spukcabllatsnier.exe 
%System%\restore\erotser.exe 
%System%\setup\putes.exe 
%System%\shellext\txellehs.exe 
%System%\spool\loops.exe 
%System%\sthbdm32.dll 
%System%\stubext.dll 
%System%\svhc32.dll 
%System%\systerm.exe 
%System%\uncwqs.dll 
%System%\usmt\tmsu.exe 
%System%\wbem\mebw.exe 
%System%\windowsprotection.exe 
%System%\winhid64.dll 
%System%\wins\sniw.exe 
%System%\winsys32.exe 
%System%\xircom\mocrix.exe 
%Temp%\1234.exe 
%Temp%\krnl32.dll 
%Temp%\mssvmdll.dll 
%Temp%\mstsk32.dll 
%Temp%\mxcrtp.dll 
%Temp%\posterm.dll 
%Temp%\regdll32.exe 
%Temp%\sthbdm32.dll 
%Temp%\stubext.dll 
%Temp%\svhc32.dll 
%Temp%\systerm.exe 
%Temp%\uncwqs.dll 
%Temp%\winsys32.exe 
%Temp%\wintst.dll 
%UserProfile%\dfgaert.dll 
%UserProfile%\mxcrtp.dll 
%UserProfile%\posterm.dll 
%UserProfile%\regdll32.exe 
%UserProfile%\sthbdm32.dll 
%UserProfile%\stubext.dll 
%UserProfile%\systerm.exe 
%UserProfile%\uncwqs.dll 
%UserProfile%\winhid64.dll 
%UserProfile%\winsys32.exe 
%UserProfile%\wintst.dll 
%Windir%\inf\winsys32.exe 
%Windir%\monitorsetup.exe 
%Windir%\runrunrun.exe 
%Windir%\sysa.exe 
%Windir%\sysb.exe 
%Windir%\systemmonitor64.exe 
%Windir%\windows.exe 
%Windir%\winsys32.exe 
%Windir%\winsystem.exe 
c:\bootex.exe 
c:\log.exe 
 


winsys32_061230.dllwinsys32.exewinsys.dllwinsys.exewinsyslog.exewinsyst32.exewinsystem16.exewinsystem.exewintab32.dllwintab32.exewintaskad.exewintask.exewintasks.exewintbp.exewintcp.dllwinteg.exewintegsm.exewintellect.threading.dllwintems.exewintems.exewinter_1.dllwinters.rdpwinthusiasm.htmleditor.dllwintidy.exewintime.exewintimer.exewinting.dllwintkeys.dllwintl32v.dllwintmcshadow.exewintmr32.dllwintmr.exewintoolsa.dllwintoolsa.exewintools.exewintopmost.exewintray.exewintrims.exewintrust32.exewintrust.dllwintrv.exewintsk32.exewintsvcc.exewintsvtr.exewintt.exewintv2k.exewintv6.espwintvacc.dllwintv.exewinu4.dllwinu5.dllwinuae_french.dllwinuae_german.dllwinuodps.exewin_upd2.exewinupdate.exewinupdates.exewin_upd.exewinupd.exewinupdgm.exewinupdsdgm.exewinupdt.exewinupdtl.exewinupie.exewinupsvc.exewinusb.dllwinuserapplauncher.exewinutil5.dllwinutils.dllwinvcoll.dllwinventa.exewinver.exewinview.dllwinvnc4.exewinvncev.exewinvnc.exewinvocon.dllwinvolume.dllwinvq1.dllwinvq2.dll