Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

windows\system32\soft.exe


  • This topic is locked This topic is locked

#1
dkstrader

dkstrader

    New Member

  • Member
  • Pip
  • 1 posts
I the isearch desktop bar and other malware on my computer. I finally got rid of all of it, however I deleted a file : windows\system32\soft.exe. Can anyone tell me where I can get this again? I searched my XP disks, but came up with nothing. Any help would be appreciated.

thanks
  • 0

Advertisements


#2
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi dkstrader

Now why would you want to put Malware onto your system.

%sysdir%\soft.exe
Trojan Admincash.
Disables Widnows security settings.
Download additional adware components.
Adds "run" = "%System%\soft.exe" to Windows startup registry keys.
Adds the value:
"Web Service" = "%System%\[random file name].exe"
to Active Setup registry keys.
Adds the value:
"DisableSR" = "0x00000001"
to the registry subkeys:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
SystemRestore
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
SystemRestore
to disable System Restore.
Adds the value:
"EnableFirewall" = "0x00000001"
to the registry subkeys:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\WindowsFirewall\
DomainProfile
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\
DomainProfile
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\WindowsFirewall\
StandardProfile
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\
StandardProfile
to disable Windows security features.

"NoAutoUpdate" = "0x00000001"
"AUOptions" = "0x00000001"
to the registry subkeys:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\
WindowsUpdate\AU
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\
WindowsUpdate\AU
to disable Windows Auto Update.

You Must Read This Before Posting A Hijackthis Log

Please post a new HJT.Log

Kc :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP