bydvwqcdw.com

By Pig, October 4, 2009

Remote Host Port Number
bydvwqcdw.com 8090

Registry Modifications

* The newly created Registry Values are:
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
+ Taskman = “C:RECYCLERS-1-5-21-2344348871-565435639-736567348-2995azmit32.exe”

so that azmit32.exe runs every time Windows starts
o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
+ winprocsm = “C:RECYCLERS-1-5-21-2344348871-565435639-736567348-2995azmit32.exe”

so that azmit32.exe runs every time Windows starts
o [HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon]
+ Shell = “explorer.exe,C:RECYCLERS-1-5-21-2344348871-565435639-736567348-2995azmit32.exe”

so that azmit32.exe runs every time Windows starts

Categories: Uncategorized
Previous post
Next post