Trojan.DownLoader39.30169

Technical Information

To ensure autorun and distribution

Modifies the following registry keys

[<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Network Sub Spooler' = '<SYSTEM32>\Com\SERVICES.EXE'

Malicious functions

Executes the following

'%WINDIR%\syswow64\taskkill.exe' /F /FI "USERNAME eq user" /IM spoolsv.exe /T
'%WINDIR%\syswow64\net.exe' stop Norton AntiVirus Server
'%WINDIR%\syswow64\net.exe' stop Norton Internet Security
'%WINDIR%\syswow64\net.exe' stop Norton Personal Firewall 2001
'%WINDIR%\syswow64\net.exe' stop Nupgrade.exe
'%WINDIR%\syswow64\net.exe' stop NVC95
'%WINDIR%\syswow64\net.exe' stop Nvc95.exe
'%WINDIR%\syswow64\net.exe' stop Outpost.exe
'%WINDIR%\syswow64\net.exe' stop Padmin.exe
'%WINDIR%\syswow64\net.exe' stop PGP Gauntlet
'%WINDIR%\syswow64\net.exe' stop NORTON
'%WINDIR%\syswow64\net.exe' stop Normist.exe
'%WINDIR%\syswow64\net.exe' stop Pc firewall
'%WINDIR%\syswow64\net.exe' stop PC Viper
'%WINDIR%\syswow64\net.exe' stop PCCIOMON
'%WINDIR%\syswow64\net.exe' stop PCCMAIN
'%WINDIR%\syswow64\net.exe' stop PCCWIN98
'%WINDIR%\syswow64\net.exe' stop Pccwin98.exe
'%WINDIR%\syswow64\net.exe' stop Pcfwallicon.exe
'%WINDIR%\syswow64\net.exe' stop Persfw.exe
'%WINDIR%\syswow64\net.exe' stop Pavcl.exe
'%WINDIR%\syswow64\net.exe' stop Pavw.exe
'%WINDIR%\syswow64\net.exe' stop MCAFEE
'%WINDIR%\syswow64\net.exe' stop Pavsched.exe
'%WINDIR%\syswow64\net.exe' stop Navnt.exe
'%WINDIR%\syswow64\net.exe' stop McAfee Internet Guard Dog Pro
'%WINDIR%\syswow64\net.exe' stop Moolive.exe
'%WINDIR%\syswow64\net.exe' stop Mpftray.exe
'%WINDIR%\syswow64\net.exe' stop N32scanw.exe
'%WINDIR%\syswow64\net.exe' stop NAVAPSVC
'%WINDIR%\syswow64\net.exe' stop NAVAPW32
'%WINDIR%\syswow64\net.exe' stop Navapw32.exe
'%WINDIR%\syswow64\net.exe' stop NAVLU32
'%WINDIR%\syswow64\net.exe' stop NMAIN
'%WINDIR%\syswow64\net.exe' stop Norman Personal Firewall
'%WINDIR%\syswow64\net.exe' stop Nmain.exe
'%WINDIR%\syswow64\net.exe' stop NAVW32
'%WINDIR%\syswow64\net.exe' stop Navw32.exe
'%WINDIR%\syswow64\net.exe' stop NAVWNT
'%WINDIR%\syswow64\net.exe' stop Navwnt.exe
'%WINDIR%\syswow64\net.exe' stop NeoWatch
'%WINDIR%\syswow64\net.exe' stop NISSERV
'%WINDIR%\syswow64\net.exe' stop NISUM
'%WINDIR%\syswow64\net.exe' stop Nisum.exe
'%WINDIR%\syswow64\net.exe' stop Navlu32.exe
'%WINDIR%\syswow64\net.exe' stop NAVRUNR
'%WINDIR%\syswow64\net.exe' stop McAfee Firewall
'%WINDIR%\syswow64\net.exe' stop POP3TRAP
'%WINDIR%\syswow64\net.exe' stop Rav7win.exe
'%WINDIR%\syswow64\net.exe' stop TermiNET
'%WINDIR%\syswow64\net.exe' stop TGB:BOB
'%WINDIR%\syswow64\net.exe' stop Tiny Personal Firewall
'%WINDIR%\syswow64\net.exe' stop Vet95.exe
'%WINDIR%\syswow64\net.exe' stop Vettray.exe
'%WINDIR%\syswow64\net.exe' stop Vscan40.exe
'%WINDIR%\syswow64\net.exe' stop Vsecomr.exe
'%WINDIR%\syswow64\net.exe' stop VSHWIN32
'%WINDIR%\syswow64\net.exe' stop Tds2-98.exe
'%WINDIR%\syswow64\net.exe' stop Tds2-Nt.exe
'%WINDIR%\syswow64\net.exe' stop Vshwin32.exe
'%WINDIR%\syswow64\net.exe' stop WEBSCANX
'%WINDIR%\syswow64\net.exe' stop Webscanx.exe
'%WINDIR%\syswow64\net.exe' stop WEBTRAP
'%WINDIR%\syswow64\net.exe' stop Wfindv32.exe
'%WINDIR%\syswow64\net.exe' stop Wingate
'%WINDIR%\syswow64\net.exe' stop WinProxy
'%WINDIR%\syswow64\net.exe' stop WinRoute
'%WINDIR%\syswow64\net.exe' stop WyvernWorks Firewall
'%WINDIR%\syswow64\net.exe' stop VSSTAT
'%WINDIR%\syswow64\net.exe' stop Vsstat.exe
'%WINDIR%\syswow64\net.exe' stop PVIEW95
'%WINDIR%\syswow64\net.exe' stop Proxy +
'%WINDIR%\syswow64\net.exe' stop SYMPROXYSVC
'%WINDIR%\syswow64\net.exe' stop Rescue.exe
'%WINDIR%\syswow64\net.exe' stop RESCUE32
'%WINDIR%\syswow64\net.exe' stop SAFEWEB
'%WINDIR%\syswow64\net.exe' stop Safeweb.exe
'%WINDIR%\syswow64\net.exe' stop Scan32.exe
'%WINDIR%\syswow64\net.exe' stop Scan95.exe
'%WINDIR%\syswow64\net.exe' stop Scanpm.exe
'%WINDIR%\syswow64\net.exe' stop Tbscan.exe
'%WINDIR%\syswow64\net.exe' stop Rav7.exe
'%WINDIR%\syswow64\net.exe' stop Tca.exe
'%WINDIR%\syswow64\net.exe' stop Scrscan.exe
'%WINDIR%\syswow64\net.exe' stop Snort - Win32 GUI
'%WINDIR%\syswow64\net.exe' stop Snort (Intrusion Detection System)
'%WINDIR%\syswow64\net.exe' stop Sphinx.exe
'%WINDIR%\syswow64\net.exe' stop Sphinxwall
'%WINDIR%\syswow64\net.exe' stop Sweep95.exe
'%WINDIR%\syswow64\net.exe' stop Sybergen Secure Desktop
'%WINDIR%\syswow64\net.exe' stop Sybergen SyGate
'%WINDIR%\syswow64\net.exe' stop Serv95.exe
'%WINDIR%\syswow64\net.exe' stop Smc.exe
'%WINDIR%\syswow64\net.exe' stop SMCSERVICE
'%WINDIR%\syswow64\net.exe' stop LUCOMSERVER
'%WINDIR%\syswow64\net.exe' stop Luall.exe
'%WINDIR%\syswow64\net.exe' stop LUALL
'%WINDIR%\syswow64\net.exe' stop Avpcc.exe
'%WINDIR%\syswow64\net.exe' stop Avpdos32.exe
'%WINDIR%\syswow64\net.exe' stop Avpm.exe
'%WINDIR%\syswow64\net.exe' stop Avptc32.exe
'%WINDIR%\syswow64\net.exe' stop Avpupd.exe
'%WINDIR%\syswow64\net.exe' stop Avsched32.exe
'%WINDIR%\syswow64\net.exe' stop AVSync Manager
'%WINDIR%\syswow64\net.exe' stop AVSYNMGR
'%WINDIR%\syswow64\net.exe' stop AVP32
'%WINDIR%\syswow64\net.exe' stop CFINET32
'%WINDIR%\syswow64\net.exe' stop Avp.exe
'%WINDIR%\syswow64\net.exe' stop BLACKICE
'%WINDIR%\syswow64\net.exe' stop BlackICE Defender
'%WINDIR%\syswow64\net.exe' stop Blackice.exe
'%WINDIR%\syswow64\net.exe' stop CA Sessionwall-3
'%WINDIR%\syswow64\net.exe' stop Cfiadmin.exe
'%WINDIR%\syswow64\net.exe' stop Cfiaudit.exe
'%WINDIR%\syswow64\net.exe' stop CFINET
'%WINDIR%\syswow64\net.exe' stop Cfinet.exe
'%WINDIR%\syswow64\net.exe' stop Avwupd32.exe
'%WINDIR%\syswow64\net.exe' stop Avwin95.exe
'%WINDIR%\syswow64\net.exe' stop Blackd.exe
'%WINDIR%\syswow64\net.exe' stop Avkserv.exe
'%WINDIR%\syswow64\net.exe' stop Anti-Trojan.exe
'%WINDIR%\syswow64\net.exe' stop wscsvc
'%WINDIR%\syswow64\net.exe' stop SNDSrvc
'%WINDIR%\syswow64\net.exe' stop SENS
'%WINDIR%\syswow64\net.exe' stop NPFNMntor
'%WINDIR%\syswow64\net.exe' stop PGPsdkService
'%WINDIR%\syswow64\net.exe' stop _Avp32.exe
'%WINDIR%\syswow64\net.exe' stop _Avpcc.exe
'%WINDIR%\syswow64\net.exe' stop _Avpm.exe
'%WINDIR%\syswow64\net.exe' stop Avnt.exe
'%WINDIR%\syswow64\net.exe' stop Cfinet32.exe
'%WINDIR%\syswow64\net.exe' stop SharedAccess
'%WINDIR%\syswow64\net.exe' stop ANTIVIR
'%WINDIR%\syswow64\net.exe' stop Apvxdwin.exe
'%WINDIR%\syswow64\net.exe' stop ATRACK
'%WINDIR%\syswow64\net.exe' stop Autodown.exe
'%WINDIR%\syswow64\net.exe' stop AVCONSOL
'%WINDIR%\syswow64\net.exe' stop Avconsol.exe
'%WINDIR%\syswow64\net.exe' stop Ave32.exe
'%WINDIR%\syswow64\net.exe' stop Avgctrl.exe
'%WINDIR%\syswow64\net.exe' stop Agnitum Outpost Firewall
'%WINDIR%\syswow64\net.exe' stop Ackwin32.exe
'%WINDIR%\syswow64\net.exe' stop Avp32.exe
'%WINDIR%\syswow64\net.exe' stop Claw95.exe
'%WINDIR%\syswow64\net.exe' stop Iamapp.exe
'%WINDIR%\syswow64\net.exe' stop Ibmasn.exe
'%WINDIR%\syswow64\net.exe' stop Ibmavsp.exe
'%WINDIR%\syswow64\net.exe' stop Icload95.exe
'%WINDIR%\syswow64\net.exe' stop Icloadnt.exe
'%WINDIR%\syswow64\net.exe' stop ICMON
'%WINDIR%\syswow64\net.exe' stop Icmon.exe
'%WINDIR%\syswow64\net.exe' stop Icsupp95.exe
'%WINDIR%\syswow64\net.exe' stop IAMAPP
'%WINDIR%\syswow64\net.exe' stop F-Stopw.exe
'%WINDIR%\syswow64\net.exe' stop Iamserv.exe
'%WINDIR%\syswow64\net.exe' stop Icsuppnt.exe
'%WINDIR%\syswow64\net.exe' stop Iomon98.exe
'%WINDIR%\syswow64\net.exe' stop Jedi.exe
'%WINDIR%\syswow64\net.exe' stop LOCKDOWN2000
'%WINDIR%\syswow64\net.exe' stop Lockdown2000.exe
'%WINDIR%\syswow64\net.exe' stop Look'n'Stop
'%WINDIR%\syswow64\net.exe' stop Look'n'Stop Lite
'%WINDIR%\syswow64\net.exe' stop Lookout.exe
'%WINDIR%\syswow64\net.exe' stop Iface.exe
'%WINDIR%\syswow64\net.exe' stop Internet Alert 99
'%WINDIR%\syswow64\net.exe' stop IOMON98
'%WINDIR%\syswow64\net.exe' stop GNAT Box Lite
'%WINDIR%\syswow64\net.exe' stop F-STOPW
'%WINDIR%\syswow64\net.exe' stop Claw95cf.exe
'%WINDIR%\syswow64\net.exe' stop Cleaner3.exe
'%WINDIR%\syswow64\net.exe' stop Defwatch
'%WINDIR%\syswow64\net.exe' stop Defwatch.exe
'%WINDIR%\syswow64\net.exe' stop Dvp95.exe
'%WINDIR%\syswow64\net.exe' stop Dvp95_0.exe
'%WINDIR%\syswow64\net.exe' stop Ecengine.exe
'%WINDIR%\syswow64\net.exe' stop eSafe Protect Desktop
'%WINDIR%\syswow64\net.exe' stop Esafe.exe
'%WINDIR%\syswow64\net.exe' stop Espwatch.exe
'%WINDIR%\syswow64\net.exe' stop Cleaner.exe
'%WINDIR%\syswow64\net.exe' stop eTrust EZ Firewall
'%WINDIR%\syswow64\net.exe' stop Findviru.exe
'%WINDIR%\syswow64\net.exe' stop Fprot.exe
'%WINDIR%\syswow64\net.exe' stop F-Prot.exe
'%WINDIR%\syswow64\net.exe' stop F-PROT95
'%WINDIR%\syswow64\net.exe' stop F-Prot95.exe
'%WINDIR%\syswow64\net.exe' stop FP-WIN
'%WINDIR%\syswow64\net.exe' stop Fp-Win.exe
'%WINDIR%\syswow64\net.exe' stop Freedom 2
'%WINDIR%\syswow64\net.exe' stop Frw.exe
'%WINDIR%\syswow64\net.exe' stop F-Agnt95.exe
'%WINDIR%\syswow64\net.exe' stop Zonealarm
'%WINDIR%\syswow64\net.exe' stop Zonealarm.exe

Modifies file system

Creates the following files

%WINDIR%\fonts\verdanaj.ttf
%WINDIR%\syswow64\com\services.exe

Network activity

Connects to

'ca####g-arena.com':80
'to####sketball.com':80
'so####learning.com':80

UDP

DNS ASK ca####g-arena.com
DNS ASK to####sketball.com
DNS ASK so####learning.com

Miscellaneous

Searches for the following windows

ClassName: '' WindowName: ''

Creates and executes the following

'%WINDIR%\syswow64\taskkill.exe' /F /FI "USERNAME eq user" /IM spoolsv.exe /T' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NVC95' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Nvc95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Outpost.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Padmin.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Pavcl.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Pavsched.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Pavw.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Norton Internet Security' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Pc firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Nupgrade.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PCCIOMON' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PCCWIN98' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Pccwin98.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Pcfwallicon.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Persfw.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PGP Gauntlet' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop POP3TRAP' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Proxy +' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PC Viper' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PVIEW95' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PCCMAIN' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Norton Personal Firewall 2001' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Norton AntiVirus Server' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NORTON' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop N32scanw.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NAVAPSVC' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NAVAPW32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Navapw32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NAVLU32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Navlu32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Navnt.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NAVRUNR' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Moolive.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NAVW32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NAVWNT' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Navwnt.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NeoWatch' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NISSERV' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NISUM' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Nisum.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NMAIN' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Nmain.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Norman Personal Firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Navw32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Normist.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop McAfee Internet Guard Dog Pro' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Mpftray.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Rav7.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop SAFEWEB' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Vettray.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Vscan40.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Vsecomr.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop VSHWIN32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Vshwin32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop VSSTAT' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Vsstat.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop WEBSCANX' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Tiny Personal Firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Vet95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Webscanx.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Wingate' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop WinProxy' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop WinRoute' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop WyvernWorks Firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Zonealarm' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Zonealarm.exe' (with hidden window)
'%WINDIR%\syswow64\ipconfig.exe' /all' (with hidden window)
'%WINDIR%\syswow64\net.exe' user' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop WEBTRAP' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Wfindv32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop TGB:BOB' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Tds2-Nt.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop GNAT Box Lite' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Safeweb.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Scan32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Scan95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Scanpm.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Scrscan.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Serv95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Smc.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop SMCSERVICE' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Snort - Win32 GUI' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Snort (Intrusion Detection System)' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Sphinx.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Sphinxwall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Sweep95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Sybergen Secure Desktop' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Sybergen SyGate' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop SYMPROXYSVC' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Tbscan.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Tca.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Tds2-98.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Rav7win.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop RESCUE32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Rescue.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop McAfee Firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop MCAFEE' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop LUCOMSERVER' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avpm.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avptc32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avpupd.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avsched32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop AVSync Manager' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop AVSYNMGR' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avwin95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avp32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avwupd32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avpdos32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop BLACKICE' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Blackice.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop CA Sessionwall-3' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Cfiadmin.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Cfiaudit.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop CFINET' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Cfinet.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop CFINET32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Blackd.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop AVP32' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop BlackICE Defender' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avp.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avnt.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop SharedAccess' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop SNDSrvc' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop SENS' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop NPFNMntor' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop PGPsdkService' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop _Avp32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop _Avpcc.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop _Avpm.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Ackwin32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Agnitum Outpost Firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop wscsvc' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Anti-Trojan.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Apvxdwin.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop ATRACK' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Autodown.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop AVCONSOL' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avconsol.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Ave32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avgctrl.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avkserv.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Cfinet32.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop ANTIVIR' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Claw95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Avpcc.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Claw95cf.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Iamserv.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Ibmavsp.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Icload95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Icloadnt.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop ICMON' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Icmon.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Icsupp95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Icsuppnt.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Iface.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Internet Alert 99' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop IOMON98' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Iomon98.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Jedi.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop LOCKDOWN2000' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Lockdown2000.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Look'n'Stop' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Look'n'Stop Lite' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Lookout.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop LUALL' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Luall.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Iamapp.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Cleaner.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Ibmasn.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop TermiNET' (with hidden window)
'%WINDIR%\syswow64\net.exe' share' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop F-Stopw.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Defwatch' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Defwatch.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Dvp95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Dvp95_0.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Ecengine.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop eSafe Protect Desktop' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Esafe.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Espwatch.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop eTrust EZ Firewall' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Cleaner3.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop F-Agnt95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Fprot.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop F-Prot.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop F-PROT95' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop F-Prot95.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop FP-WIN' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Fp-Win.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Freedom 2' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Frw.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop F-STOPW' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop Findviru.exe' (with hidden window)
'%WINDIR%\syswow64\net.exe' stop IAMAPP' (with hidden window)
'%WINDIR%\syswow64\tasklist.exe' ' (with hidden window)

Executes the following

'%WINDIR%\syswow64\net1.exe' stop wscsvc
'%WINDIR%\syswow64\net1.exe' stop Cleaner3.exe
'%WINDIR%\syswow64\net1.exe' stop Cleaner.exe
'%WINDIR%\syswow64\net1.exe' stop Claw95cf.exe
'%WINDIR%\syswow64\net1.exe' stop Claw95.exe
'%WINDIR%\syswow64\net1.exe' stop Cfinet32.exe
'%WINDIR%\syswow64\net1.exe' stop Avwupd32.exe
'%WINDIR%\syswow64\net1.exe' stop Blackd.exe
'%WINDIR%\syswow64\net1.exe' stop BLACKICE
'%WINDIR%\syswow64\net1.exe' stop Defwatch.exe
'%WINDIR%\syswow64\net1.exe' stop Defwatch
'%WINDIR%\syswow64\net1.exe' stop BlackICE Defender
'%WINDIR%\syswow64\net1.exe' stop Cfiadmin.exe
'%WINDIR%\syswow64\net1.exe' stop Cfiaudit.exe
'%WINDIR%\syswow64\net1.exe' stop Cfinet.exe
'%WINDIR%\syswow64\net1.exe' stop Avwin95.exe
'%WINDIR%\syswow64\net1.exe' stop AVSync Manager
'%WINDIR%\syswow64\net1.exe' stop Avsched32.exe
'%WINDIR%\syswow64\net1.exe' stop Avpupd.exe
'%WINDIR%\syswow64\net1.exe' stop Avptc32.exe
'%WINDIR%\syswow64\net1.exe' stop Blackice.exe
'%WINDIR%\syswow64\net1.exe' stop CA Sessionwall-3
'%WINDIR%\syswow64\net1.exe' stop Espwatch.exe
'%WINDIR%\syswow64\net1.exe' stop Esafe.exe
'%WINDIR%\syswow64\net1.exe' stop eSafe Protect Desktop
'%WINDIR%\syswow64\net1.exe' stop TermiNET
'%WINDIR%\syswow64\net1.exe' stop Tds2-Nt.exe
'%WINDIR%\syswow64\net1.exe' stop Tds2-98.exe
'%WINDIR%\syswow64\net1.exe' stop Tca.exe
'%WINDIR%\syswow64\net1.exe' stop Tbscan.exe
'%WINDIR%\syswow64\net1.exe' stop Sybergen SyGate
'%WINDIR%\syswow64\net1.exe' stop Sybergen Secure Desktop
'%WINDIR%\syswow64\net1.exe' stop _Avp32.exe
'%WINDIR%\syswow64\net1.exe' stop Smc.exe
'%WINDIR%\syswow64\net1.exe' stop TGB:BOB
'%WINDIR%\syswow64\net1.exe' stop SMCSERVICE
'%WINDIR%\syswow64\net1.exe' stop Snort (Intrusion Detection System)
'%WINDIR%\syswow64\net1.exe' stop Sphinx.exe
'%WINDIR%\syswow64\net1.exe' stop Sphinxwall
'%WINDIR%\syswow64\net1.exe' stop Sweep95.exe
'%WINDIR%\syswow64\net1.exe' stop SNDSrvc
'%WINDIR%\syswow64\net1.exe' stop eTrust EZ Firewall
'%WINDIR%\syswow64\net1.exe' stop Dvp95.exe
'%WINDIR%\syswow64\net1.exe' stop Dvp95_0.exe
'%WINDIR%\syswow64\net1.exe' stop Ecengine.exe
'%WINDIR%\syswow64\net1.exe' stop Snort - Win32 GUI
'%WINDIR%\syswow64\net1.exe' stop Avpm.exe
'%WINDIR%\syswow64\net1.exe' stop Avpdos32.exe
'%WINDIR%\syswow64\net1.exe' stop Avpcc.exe
'%WINDIR%\syswow64\net1.exe' stop Avp32.exe
'%WINDIR%\syswow64\net1.exe' stop Icmon.exe
'%WINDIR%\syswow64\net1.exe' stop Icsupp95.exe
'%WINDIR%\syswow64\net1.exe' stop Icsuppnt.exe
'%WINDIR%\syswow64\net1.exe' stop Freedom 2
'%WINDIR%\syswow64\net1.exe' stop Frw.exe
'%WINDIR%\syswow64\net1.exe' stop F-Stopw.exe
'%WINDIR%\syswow64\net1.exe' stop GNAT Box Lite
'%WINDIR%\syswow64\net1.exe' stop Iamapp.exe
'%WINDIR%\syswow64\net1.exe' stop Iamserv.exe
'%WINDIR%\syswow64\net1.exe' stop Ibmasn.exe
'%WINDIR%\syswow64\net1.exe' stop Fp-Win.exe
'%WINDIR%\syswow64\net1.exe' stop Ibmavsp.exe
'%WINDIR%\syswow64\net1.exe' stop F-Prot95.exe
'%WINDIR%\syswow64\net1.exe' stop F-Prot.exe
'%WINDIR%\syswow64\net1.exe' stop Fprot.exe
'%WINDIR%\syswow64\net1.exe' stop Findviru.exe
'%WINDIR%\syswow64\net1.exe' stop F-Agnt95.exe
'%WINDIR%\syswow64\ipconfig.exe' /all
'%WINDIR%\syswow64\net.exe' user
'%WINDIR%\syswow64\net1.exe' user
'%WINDIR%\syswow64\net.exe' share
'%WINDIR%\syswow64\net1.exe' stop Icloadnt.exe
'%WINDIR%\syswow64\net1.exe' stop Iface.exe
'%WINDIR%\syswow64\net1.exe' stop Icload95.exe
'%WINDIR%\syswow64\net1.exe' stop Internet Alert 99
'%WINDIR%\syswow64\net1.exe' stop Avnt.exe
'%WINDIR%\syswow64\net1.exe' stop Avkserv.exe
'%WINDIR%\syswow64\net1.exe' stop Anti-Trojan.exe
'%WINDIR%\syswow64\net1.exe' stop Apvxdwin.exe
'%WINDIR%\syswow64\net1.exe' stop Autodown.exe
'%WINDIR%\syswow64\net1.exe' stop Avconsol.exe
'%WINDIR%\syswow64\net1.exe' stop Ave32.exe
'%WINDIR%\syswow64\net1.exe' stop Avgctrl.exe
'%WINDIR%\syswow64\net1.exe' stop Agnitum Outpost Firewall
'%WINDIR%\syswow64\net1.exe' stop Ackwin32.exe
'%WINDIR%\syswow64\net1.exe' stop _Avpm.exe
'%WINDIR%\syswow64\net1.exe' stop _Avpcc.exe
'%WINDIR%\syswow64\net1.exe' stop Lockdown2000.exe
'%WINDIR%\syswow64\net1.exe' stop Look'n'Stop
'%WINDIR%\syswow64\net1.exe' stop Look'n'Stop Lite
'%WINDIR%\syswow64\net1.exe' stop Lookout.exe
'%WINDIR%\syswow64\net1.exe' stop Luall.exe
'%WINDIR%\syswow64\net1.exe' stop Serv95.exe
'%WINDIR%\syswow64\net1.exe' stop Scrscan.exe
'%WINDIR%\syswow64\net1.exe' stop Jedi.exe
'%WINDIR%\syswow64\net1.exe' stop Iomon98.exe
'%WINDIR%\syswow64\net1.exe' share
'%WINDIR%\syswow64\net1.exe' stop Tiny Personal Firewall
'%WINDIR%\syswow64\net1.exe' stop Vet95.exe
'%WINDIR%\syswow64\net1.exe' stop Rav7.exe
'%WINDIR%\syswow64\net1.exe' stop SAFEWEB
'%WINDIR%\syswow64\net1.exe' stop ANTIVIR
'%WINDIR%\syswow64\net1.exe' stop MCAFEE
'%WINDIR%\syswow64\net1.exe' stop NORTON
'%WINDIR%\syswow64\net1.exe' stop NVC95
'%WINDIR%\syswow64\net1.exe' stop FP-WIN
'%WINDIR%\syswow64\net1.exe' stop IOMON98
'%WINDIR%\syswow64\net1.exe' stop PCCWIN98
'%WINDIR%\syswow64\net1.exe' stop CFINET
'%WINDIR%\syswow64\net1.exe' stop ICMON
'%WINDIR%\syswow64\net1.exe' stop F-PROT95
'%WINDIR%\syswow64\net1.exe' stop NAVWNT
'%WINDIR%\syswow64\net1.exe' stop NAVRUNR
'%WINDIR%\syswow64\net1.exe' stop NAVLU32
'%WINDIR%\syswow64\net1.exe' stop NAVAPSVC
'%WINDIR%\syswow64\net1.exe' stop NISUM
'%WINDIR%\syswow64\net1.exe' stop SYMPROXYSVC
'%WINDIR%\syswow64\net1.exe' stop RESCUE32
'%WINDIR%\syswow64\net1.exe' stop NISSERV
'%WINDIR%\syswow64\net1.exe' stop F-STOPW
'%WINDIR%\syswow64\net1.exe' stop PVIEW95
'%WINDIR%\syswow64\net1.exe' stop CFINET32
'%WINDIR%\syswow64\net1.exe' stop AVP.EXE
'%WINDIR%\syswow64\net1.exe' stop LOCKDOWN2000
'%WINDIR%\syswow64\net1.exe' stop Vsecomr.exe
'%WINDIR%\syswow64\net1.exe' stop Vscan40.exe
'%WINDIR%\syswow64\net1.exe' stop Vettray.exe
'%WINDIR%\syswow64\net1.exe' stop PGPsdkService
'%WINDIR%\syswow64\net1.exe' stop SENS
'%WINDIR%\syswow64\net1.exe' stop WinProxy
'%WINDIR%\syswow64\net1.exe' stop Wingate
'%WINDIR%\syswow64\net1.exe' stop Wfindv32.exe
'%WINDIR%\syswow64\net1.exe' stop WEBTRAP
'%WINDIR%\syswow64\net1.exe' stop SharedAccess
'%WINDIR%\syswow64\net1.exe' stop Webscanx.exe
'%WINDIR%\syswow64\net1.exe' stop Vsstat.exe
'%WINDIR%\syswow64\net1.exe' stop VSSTAT
'%WINDIR%\syswow64\net1.exe' stop Vshwin32.exe
'%WINDIR%\syswow64\net1.exe' stop VSHWIN32
'%WINDIR%\syswow64\net1.exe' stop WinRoute
'%WINDIR%\syswow64\net1.exe' stop WyvernWorks Firewall
'%WINDIR%\syswow64\net1.exe' stop Zonealarm
'%WINDIR%\syswow64\net1.exe' stop Zonealarm.exe
'%WINDIR%\syswow64\net1.exe' stop AVP32
'%WINDIR%\syswow64\net1.exe' stop WEBSCANX
'%WINDIR%\syswow64\net1.exe' stop ATRACK
'%WINDIR%\syswow64\net1.exe' stop IAMAPP
'%WINDIR%\syswow64\net1.exe' stop LUCOMSERVER
'%WINDIR%\syswow64\net1.exe' stop LUALL
'%WINDIR%\syswow64\net1.exe' stop Norton Internet Security
'%WINDIR%\syswow64\net1.exe' stop Norton Personal Firewall 2001
'%WINDIR%\syswow64\net1.exe' stop Nupgrade.exe
'%WINDIR%\syswow64\net1.exe' stop PC Viper
'%WINDIR%\syswow64\net1.exe' stop Pc firewall
'%WINDIR%\syswow64\net1.exe' stop Pavw.exe
'%WINDIR%\syswow64\net1.exe' stop Pavsched.exe
'%WINDIR%\syswow64\net1.exe' stop Pavcl.exe
'%WINDIR%\syswow64\net1.exe' stop Padmin.exe
'%WINDIR%\syswow64\net1.exe' stop Outpost.exe
'%WINDIR%\syswow64\net1.exe' stop Nvc95.exe
'%WINDIR%\syswow64\net1.exe' stop Pccwin98.exe
'%WINDIR%\syswow64\net1.exe' stop Pcfwallicon.exe
'%WINDIR%\syswow64\net1.exe' stop Persfw.exe
'%WINDIR%\syswow64\net1.exe' stop PGP Gauntlet
'%WINDIR%\syswow64\net1.exe' stop Proxy +
'%WINDIR%\syswow64\net1.exe' stop Scanpm.exe
'%WINDIR%\syswow64\net1.exe' stop Scan95.exe
'%WINDIR%\syswow64\net1.exe' stop Scan32.exe
'%WINDIR%\syswow64\net1.exe' stop Safeweb.exe
'%WINDIR%\syswow64\net1.exe' stop Rescue.exe
'%WINDIR%\syswow64\net1.exe' stop Norton AntiVirus Server
'%WINDIR%\syswow64\net1.exe' stop Norman Personal Firewall
'%WINDIR%\syswow64\net1.exe' stop Normist.exe
'%WINDIR%\syswow64\net1.exe' stop Nmain.exe
'%WINDIR%\syswow64\net1.exe' stop NMAIN
'%WINDIR%\syswow64\net1.exe' stop NAVW32
'%WINDIR%\syswow64\net1.exe' stop NAVAPW32
'%WINDIR%\syswow64\net1.exe' stop NPFNMntor
'%WINDIR%\syswow64\net1.exe' stop PCCIOMON
'%WINDIR%\syswow64\net1.exe' stop PCCMAIN
'%WINDIR%\syswow64\net1.exe' stop POP3TRAP
'%WINDIR%\syswow64\net1.exe' stop AVCONSOL
'%WINDIR%\syswow64\net1.exe' stop AVSYNMGR
'%WINDIR%\syswow64\net1.exe' stop McAfee Firewall
'%WINDIR%\syswow64\net1.exe' stop McAfee Internet Guard Dog Pro
'%WINDIR%\syswow64\net1.exe' stop Moolive.exe
'%WINDIR%\syswow64\net1.exe' stop Mpftray.exe
'%WINDIR%\syswow64\net1.exe' stop N32scanw.exe
'%WINDIR%\syswow64\net1.exe' stop Navapw32.exe
'%WINDIR%\syswow64\net1.exe' stop Navlu32.exe
'%WINDIR%\syswow64\net1.exe' stop Navnt.exe
'%WINDIR%\syswow64\net1.exe' stop Navw32.exe
'%WINDIR%\syswow64\net1.exe' stop Navwnt.exe
'%WINDIR%\syswow64\net1.exe' stop NeoWatch
'%WINDIR%\syswow64\net1.exe' stop Nisum.exe
'%WINDIR%\syswow64\net1.exe' stop Rav7win.exe
'%WINDIR%\syswow64\tasklist.exe'

Tecnologías

Términos

Formación y educación

Mitos

Technical Information

Curing recommendations

Free trial