Channel: How to Remove Malware

WINDOWSSYS.EXE is Trojan DarkKomet.sxcsu


The file WINDOWSSYS.EXE can destroy your system, making the computer work abnormally.
WINDOWSSYS.EXE is a dangerous file.
Remove WINDOWSSYS.EXE from your computer immediately.
Kill the process WINDOWSSYS.EXE and remove WINDOWSSYS.EXE from the Windows startup.

Malware Analysis of WINDOWSSYS.EXE
Full path on a computer: %Personal%\MSDCSC\WindowsSys.exe

Detected by UnHackMe:

WINDOWSSYS.EXE
Default location: %Personal%\MSDCSC\WindowsSys.exe

Removal Results: Success
Number of reboots: 1

WINDOWSSYS.EXE is known as:

Trojan.DarkKomet.sxcsu, Backdoor.Krademok, DelfInject.EU, Win32.Delf.APM, Trojan.Delf-10848, Backdoor.DarkKomet.lpm, HackTool.DarkKomet.TAHR3WzBHR8, Trojan.Agent.Gen-DelfInject, Backdoor.DarkC.~A, Trojan.AdSubscribe.308, Backdoor.Fynloski.A (v), SPR.KeyLogger.98874, Mal.Behav-058, HackTool.DarkKomet.a.(kcloud), Backdoor.A.Delf.395776, Backdoor.Graybird, Backdoor.DarkKomet, Backdoor.Krademok.rem, Win32.Delf.ODP, Trojan.Spy.KL.Delf.495A, Trojan.CDur, W32.Delf.ABL.tr

WINDOWSSYS.EXE hash:

  • MD5: 8db59f2b2c7900f2c7fc8a34c49a087c

How to quickly detect the presence of WINDOWSSYS.EXE?
Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\WindowsSys: “%Personal%\MSDCSC\WindowsSys.exe”
  • HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: “%SysDir%\userinit.exe,%Personal%\MSDCSC\WindowsSys.exe”
Folders:
  • %Personal%\MSDCSC
Files:
  • %Appdata%\server Port 4672.exe
  • %Personal%\MSDCSC\WindowsSys.exe

