Main Menu
Home
Bookmark
Contact Us

Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially Dangerous Tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


 
WinTools Trojan Information

Name: WinTools
Category: Trojan
Alias: - Alias: WORM_GAMQOWI.A
Advice: Remove
Risk: High Risk High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May use a security flaw in the operating system to gain access to your computer.
Description: Bubba WinTools purpose is currently unknown. Bubba.wintools installs a Browser Helper Object, a URLSearchHook and drops several files in Common filesWinTools. Bubba.wintools runs at startup

WinTools is most commonly installed with the WebSearch Toolbar spyware threat.

Files called wtoolsa.exe, wtoolsb.exe, wtoolss.exe, wsup.exe, and wtoolsb.dll install with an adware program called "WinTools". Wintools installs itself as a service or "legacy service" that runs on system startup. It acts as a search page and home page hijacker. This program may have been intentionally downloaded or it could have stealth installed along with other adware.

WinTools uses driver level methods to create it process making removal quite difficult. Simply terminating the WinTools processes will in no manner kill the process. Even terminating the entire WinTools processes tree will not allow this making manual removal quite difficult. Once the WinTools process tree is terminated it recreates itself by attaching to any running Windows process. Since it is a low level process the execution of WinTools in most cases bypasses the Windows Shell.

In addition to the driver level processes WinTools installs a Windows service. However the reason for this service has yet to be identified, as it does not make a connection to the Internet to send data.

WinTools also installs a BHO in Internet Explorer. The use of this BHO integration is unknown however if the WinTools processes are terminated opening Internet Explorer with the BHO enabled will restart the services.

WinTools has not been seen unstalled without some kind of bundle from various thrid party spyware/adware providers. Indications of this shows that WinTools may be used as a software enabler to help other spyware applications to run. However this has not yet been proven.

There are some indications that it is a variant of HuntBar.

From the IBIS/MyWebSearch EULA and privacy policies:

From the EULA:
"By installing the Service you understand and agree that the following changes may be made to your Internet Explorer browser and that the following functions may be performed by the Service: install a Search Toolbar in your browser which may (i) block certain pop-up ads and pages; (ii) display links to related websites and keywords based on the information you view and the websites you visit; (iii) store non-personally identifiable statistics of the websites you have visited; (iv) redirect certain URL's including your browser default address bar search, DNS error page and Search Button page to or through the Service and; (v) automatically update the Service and install added features or functionality conveniently without your input or interaction unless you have chose to be notified of such update in advance."

From the privacy policy:
"What information does IBIS collect, and does this include personally identifiable information?

IBIS SERVICE MAY COLLECT AND STORE INFORMATION ABOUT THE WEB PAGES YOU VIEW, THE DATA YOU ENTER IN ONLINE FORMS AND SEARCH FIELDS, THE "CLICKS" YOU MAKE, THE IP ADDRESS, URL AND COUNTRY OF THE SITES YOU VISIT, YOUR IP ADDRESS, INFORMATION ABOUT YOUR BROWSER AND OPERATING SYSTEM, AND THE PRODUCTS YOU PURCHASE ONLINE WHILE USING THE SERVICE. ALTHOUGH IBIS DOES NOT ATTEMPT TO ANALYZE WEB USAGE DATA TO DETERMINE THE IDENTITY OF ANY IBIS USER, SOME INFORMATION COLLECTED BY THE SERVICE IS PERSONALLY IDENTIFIABLE. IBIS AGGREGATES AND ANALYZES THE INFORMATION IT COLLECTS TO IMPROVE ITS SERVICE AND TO PREPARE REPORTS ABOUT AGGREGATE WEB USAGE AND SHOPPING HABITS.

If you are visiting the IBIS website (http://www.IBIS.com), we collect the followin
Signatures: process: WToolsA.exe: MD5 Hash: ... process: WSup.exe: MD5 Hash: ... process: WToolsS.exe: MD5 Hash: ... process: WSup.exe: MD5 Hash: ec34676f040e2c4d526... process: WToolsA.exe: MD5 Hash: ec34676f040e2c4d526... process: WToolsS.exe: MD5 Hash: 5a8e4155e2279457e93... process: wsup.exe: MD5 Hash: 199e1050c80f012f4c8... process: wtoolss.exe: MD5 Hash: 5b257cf6f81d1abb532... process: wtoolsa.exe: MD5 Hash: 6aa42bf18116067260e... process: tb_setup.exe: MD5 Hash: c68719c80c138508a14... process: wtoolsa.exe: MD5 Hash: bf96d2fe1e131ab838f... process: wtoolsa.exe: MD5 Hash: 9f354a063b807a85e11... process: wtoolsa.exe: MD5 Hash: 6f7c92566ee48bfe74c... process: tb_setup.exe: MD5 Hash: d9f9086f50b2e416341... process: wtoolsa.exe: MD5 Hash: cf8e2cb85f0445c7daa... process: wtoolsa.exe: MD5 Hash: 70f62def5c576e27d69... process: wtoolss.exe: MD5 Hash: d1aa64e25c49425b23f... process: wtoolss.exe: MD5 Hash: 98fd7fed70f010aba4c... process: wtoolsa.exe: MD5 Hash: ... process: wtoolsa.exe: MD5 Hash: 642de789a5c30f5df2b... process: wtoolsa.exe: MD5 Hash: 4571af1f145c241c25b... process: wtoolsa.exe: MD5 Hash: c3a7c1aad9128dd6d7a... process: wsup.exe: MD5 Hash: cdfeae3b4d43c669de9... process: wsup.exe: MD5 Hash: 84fb24988b908ca2ad8... process: tb_setup.exe: MD5 Hash: 20dc1835180e6a1730a... process: WToolsA.exe: MD5 Hash: f13af4d8a10eb63bd4d... process: wsup.exe: MD5 Hash: 49f885dc6f27345dd2d... process: wtoolsa.exe: MD5 Hash: a7070aadada94f8ef99... process: wtoolss.exe: MD5 Hash: 50cc5a1c855ccfb3dd6... process: wtoolss.exe: MD5 Hash: b3531825bc89675cab6... process: wtoolsa.exe: MD5 Hash: 8dd85380481608a1724... process: tb_setup.exe: MD5 Hash: ... process: wtoolsa.exe: MD5 Hash: 5070240e7f3f4a5afd4... process: wsup.exe: MD5 Hash: 7fda2b71eeb09687d98... process: wtoolsa.exe: MD5 Hash: 674fe4504f737d60c0b... process: wtoolsa.exe: MD5 Hash: 325f000adc1bfdb8423... process: wtoolss.exe: MD5 Hash: 6c075640c9d73c61234... process: wtoolss.exe: MD5 Hash: 5bedde7d676569af9f6... process: tb_setup.exe: MD5 Hash: ... process: wtoolss.exe: MD5 Hash: b060d323ddaef4f052f... process: wsup.exe: MD5 Hash: 39f4cf7710e791dd9ff... process: wtoolss.exe: MD5 Hash: dad57aed864a059b7d0... process: WToolsS.exe: MD5 Hash: 25082e0784e7c5bdfc1... process: wsup.exe: MD5 Hash: 15c92d1a97830ae9f09... process: pib.exe: MD5 Hash: 0e0009977ba16f9c17c... process: wtoolsa.exe: MD5 Hash: 1a7a9317e6520407ae4... process: wtoolsa.exe: MD5 Hash: f1fddd9f139ef0a2529... process: wtoolsa.exe: MD5 Hash: b08e3e2d99711320dd7... process: tb_setup.exe: MD5 Hash: a4c012b012cf6fdfe68... process: wtoolsa.exe: MD5 Hash: 6a1c4398cf1767dba16... process: wsup.exe: MD5 Hash: a611039e9ea91993bf3... process: wsup.exe: MD5 Hash: 30c29d9e3665a303442... process: wtoolss.exe: MD5 Hash: d106f7791acb9844616... process: wsup.exe: MD5 Hash: c55180df9b8a686560a... process: wtoolss.exe: MD5 Hash: b5cb8d7d53f0c97c057... process: webrebates_auto_installsilent.exe: MD5 Hash: 5952382cf83ee434d05... process: wtoolsa.exe: MD5 Hash: 8c423835f884b60ef2c... process: wtoolsa.exe: MD5 Hash: 84af4cef8871a58f34a... process: wtoolsa.exe: MD5 Hash: 47ac7faf6e96edc3efe... process: wtoolsa.exe: MD5 Hash: 32579e45bf0a8153dc0... process: wtoolsa.exe: MD5 Hash: 6da07915d82d3eb433a... process: wtoolsa.exe: MD5 Hash: d2218ba0c2f7a1d7bd9... process: wtoolsa.exe: MD5 Hash: 251bc4996441dd3a7e5... process: wtoolsa.exe: MD5 Hash: 33cf23d62b8b9e7f382... process: wtoolsa.exe: MD5 Hash: 94451274498bae9ef1f... process: wtoolsa.exe: MD5 Hash: 2c7d7e062094984e325... process: wtoolsa.exe: MD5 Hash: 28d10e5f38c9a253300... process: wtoolsa.exe: MD5 Hash: 24d2f3b6e3faefbbe86... process: wtoolsa.exe: MD5 Hash: a06d9660953e3430612... process: wtoolsa.exe: MD5 Hash: 2f207e19bbbaafd2757... process: wtoolsa.exe: MD5 Hash: 6026e7ebbfaadc2becc... process: wtoolsa.exe: MD5 Hash: 2372811a0b9bdb3a1a8... process: wtoolsa.exe: MD5 Hash: 4eed96e47cb52baa95b... process: wtoolsa.exe: MD5 Hash: 4671d219b4d009226ed... process: wtoolsa.exe: MD5 Hash: aad7b4e745a3c6857fc... process: wtoolsa.exe: MD5 Hash: f334eb68469ddd988e2... process: wtoolsa.exe: MD5 Hash: deb6c42c3ffa341395f... process: wtoolsa.exe: MD5 Hash: 1f172e8c8e2c33190ba... process: wtoolsa.exe: MD5 Hash: 5b790809c608a1b4011... process: wtoolsa.exe: MD5 Hash: a11b7b1652a13ea5c2e... process: wtoolsa.exe: MD5 Hash: 264ead739ffbcd11964... process: wtoolsa.exe: MD5 Hash: b7536dff5128c3d019c... process: wtoolsa.exe: MD5 Hash: 08bcf3f8bf1a7873f81... process: wtoolsa.exe: MD5 Hash: e9c2efa2441faaecaf0... process: wtoolsa.exe: MD5 Hash: 10c8193a2d0becdbdbe... process: wtoolsa.exe: MD5 Hash: 6161e60cdf578863e8e... process: wtoolsa.exe: MD5 Hash: bdb380dad375c5a398f... process: wtoolsa.exe: MD5 Hash: 90accc8e570d69193a0... process: wtoolsa.exe: MD5 Hash: 05f282dddb5edc6dbea... process: wtoolsa.exe: MD5 Hash: 1e16bedb6c23d3a4d90... process: wtoolsa.exe: MD5 Hash: 343a72ee1272ada4102... process: wtoolsa.exe: MD5 Hash: 0cc0daa6c62e3110cbc... process: wtoolsa.exe: MD5 Hash: fa71c941c48d13c6d5d... process: wtoolsa.exe: MD5 Hash: ec7326efd382724fbc4... process: wtoolsa.exe: MD5 Hash: cb4f8e354604ae94a19... process: wtoolsa.exe: MD5 Hash: 946a8088e59119b1675... process: wtoolsa.exe: MD5 Hash: 397ebc115736444cc1a... process: wtoolsa.exe: MD5 Hash: 66428cfc46d93177828... process: wtoolsa.exe: MD5 Hash: e61b77b06d26da18d24... process: wtoolsa.exe: MD5 Hash: 82ff484aa2d45e29dfe... process: wtoolsa.exe: MD5 Hash: e6ebd2a094278442e32... process: wtoolsa.exe: MD5 Hash: 26428ae1bdc949143c9... process: wtoolsa.exe: MD5 Hash: 76f4d1dbc248e1e178f... process: wtoolsa.exe: MD5 Hash: 54a21129cbe00a70e3a... process: wtoolsa.exe: MD5 Hash: 693f53461f091843f6b... process: wtoolsa.exe: MD5 Hash: 7bb6b3203bf664a08bb... process: wtoolsa.exe: MD5 Hash: 8b5eed10286f1230d03... process: wtoolsa.exe: MD5 Hash: aa6c95b446bd936a57c... process: wtoolsa.exe: MD5 Hash: 7b6bb2704084a4efc1f... process: wtoolsa.exe: MD5 Hash: d58915bf42ea40856ea... process: wtoolsa.exe: MD5 Hash: 9a512b918f49d347508... process: wtoolsa.exe: MD5 Hash: 97253e731ae2fbdd3cf... process: edow.exe: MD5 Hash: 84db0e85d17e48534ca... process: edow.exe: MD5 Hash: b26e277f6f278dc8a69... process: wtoolss.exe: MD5 Hash: 0b968ee867f60833b78... process: wtoolss.exe: MD5 Hash: 2a1fa635bfaeb3b3496... process: wtoolsa.exe: MD5 Hash: 08cd4b0c49ce607dac5... process: wtoolsa.exe: MD5 Hash: 08cd4b0c49ce607dac5... process: wsup.exe: MD5 Hash: 08cd4b0c49ce607dac5... process: wtoolss.exe: MD5 Hash: d2610f2b57892d5c8ce... process: edow_as2.exe: MD5 Hash: 8294078018e9f2d5072... process: wtoolsa.exe: MD5 Hash: e3000a4d153a6ca073c... process: wtoolsa.exe: MD5 Hash: 2bad3e2aa8eefbb211f... process: wtoolsa.exe: MD5 Hash: 08897fe9193a42304c1... process: wtoolsa.exe: MD5 Hash: ea2e814be7e87a28f16... process: wtoolsa.exe: MD5 Hash: e9436ce1c2d48abbafc... process: wtoolsa.exe: MD5 Hash: cc4dc325fa9c8c48f84... process: wtoolsa.exe: MD5 Hash: 5db5d26cd1e615c04fe... process: wtoolsa.exe: MD5 Hash: 91db09e2762781dcb38... process: wtoolsa.exe: MD5 Hash: 43cf34944f89dad05c8... process: wtoolsa.exe: MD5 Hash: 23b0a2aef4a828d7ae2... process: wtoolsa.exe: MD5 Hash: 756be777da1840b6d07... process: wtoolsa.exe: MD5 Hash: 5771a9f981e312be554... process: wtoolsa.exe: MD5 Hash: e2a6ac258d3fc1f745e... process: wtoolsa.exe: MD5 Hash: e31bdf427f5f7a24ca3... process: wtoolsa.exe: MD5 Hash: 90fda138e2f2b9adae7... process: wtoolsa.exe: MD5 Hash: 70a88640f4480b1b578... process: wtoolsa.exe: MD5 Hash: 736b5fe803ed0a1f26b... process: wtoolsa.exe: MD5 Hash: e4359ca16d88942839b... process: wtoolsa.exe: MD5 Hash: 07e16ec8e4c38d5087f... process: wtoolsa.exe: MD5 Hash: e18a24f9c8de3b1bc4c... process: wtoolsa.exe: MD5 Hash: 941446d527d9e35f873... process: wtoolsa.exe: MD5 Hash: 6416f6e2f336e2eced8... process: wtoolsa.exe: MD5 Hash: eba9f7c869d2dc17da4... process: wtoolsa.exe: MD5 Hash: 59c5593a35593ec2bfa... process: wtoolsa.exe: MD5 Hash: ceb3ee69e53f9592b29... process: wtoolsa.exe: MD5 Hash: 97271543bedc42344ad... process: wtoolsa.exe: MD5 Hash: 8ae2acce679622ab5bb... process: wtoolsa.exe: MD5 Hash: 85dac46df697a284fa4... process: wtoolsa.exe: MD5 Hash: 1adb2927acfb7cd0258... process: wtoolsa.exe: MD5 Hash: a183e374961a200ed74... process: wtoolsa.exe: MD5 Hash: 7cba3f23709fa2de1f5... process: wtoolsa.exe: MD5 Hash: 0d3a06fe81120105d48... process: wsup.exe: MD5 Hash: ed55b02fec5e1f70118... process: wtoolss.exe: MD5 Hash: 8cd5b0d21983390547a... process: wtoolsa.exe: MD5 Hash: 837d1b862979e1a8d56... process: wtoolsa.exe: MD5 Hash: cc5db7e6730b02d3fb2... process: wtoolsa.exe: MD5 Hash: 48f8e259b66358c7e2f... process: wtoolsa.exe: MD5 Hash: 139a76520535f0ecfa8... process: wtoolsa.exe: MD5 Hash: b8d59de41cb86bfe6b6... process: wtoolsa.exe: MD5 Hash: 051a8d7ae2a6d012b2c... process: wtoolsa.exe: MD5 Hash: a1462f7d63a6f4ca432... process: wtoolsa.exe: MD5 Hash: a4586662413c1b655b2... process: wtoolsa.exe: MD5 Hash: 46b7e4edfdeb09a0d3f... process: wtoolsa.exe: MD5 Hash: d93bff6d07eaf2b5ff4... process: wtoolsa.exe: MD5 Hash: b851a4a2dfc725aa62a... process: wtoolsa.exe: MD5 Hash: 6551586a07f66e70bc5... process: wtoolsa.exe: MD5 Hash: 151d02ef12dc0f50c6c... process: wtoolsa.exe: MD5 Hash: 8ec2cc5ff14aa4b0285... process: wtoolsa.exe: MD5 Hash: f43c8204462053ac781... process: wtoolsa.exe: MD5 Hash: 98c08a7a88c61cc92d6... process: wtoolsa.exe: MD5 Hash: a28dcbaec218da4dcd5... process: wtoolsa.exe: MD5 Hash: e2bcbbedbfa2adf96da... process: wtoolsa.exe: MD5 Hash: c08566bb4a09c100789... process: wtoolsa.exe: MD5 Hash: 5cb02dc31ef88484f66... process: wtoolsa.exe: MD5 Hash: d389c6f3c60203c9954... process: wtoolsa.exe: MD5 Hash: 16365743846f47489c3... process: wtoolsa.exe: MD5 Hash: e452e04df2fc16ecbd2... process: wtoolsa.exe: MD5 Hash: 893d364626f37bafde6... process: wtoolsa.exe: MD5 Hash: b97145111eb3b73ef03... process: wtoolsa.exe: MD5 Hash: 507952696cdd170f017... process: wtoolsa.exe: MD5 Hash: 96216d4a5fa1f2683b8... process: wtoolsa.exe: MD5 Hash: cee39a509702301ecb3... process: wtoolsa.exe: MD5 Hash: 1c9a87b506bb1a420ec... process: wtoolsa.exe: MD5 Hash: 1504797e775a57ace3f... process: wtoolsa.exe: MD5 Hash: 46fced1af002dd2eba2... process: wtoolsa.exe: MD5 Hash: 26b247669656f2efbcb... process: wtoolsa.exe: MD5 Hash: 010d254085324ab6f9c... process: wtoolsa.exe: MD5 Hash: 55a095019dbf0a2d8bd... process: wtoolsa.exe: MD5 Hash: 4ebb0ff3d2075e71398... process: wtoolsa.exe: MD5 Hash: d73cbf87b0066afb3d3... process: wtoolsa.exe: MD5 Hash: 478cc069d3dee51d2a6... process: wtoolsa.exe: MD5 Hash: 22d14bdc82ece1c1545... process: wtoolss.exe: MD5 Hash: e7c87b390b8ca6c2e57... process: wtoolsa.exe: MD5 Hash: e45265168de40b83e4b... process: WSup.exe: MD5 Hash: ed55b02fec5e1f70118... process: WToolsA.exe: MD5 Hash: ed55b02fec5e1f70118... process: WToolsS.exe: MD5 Hash: 385d3b687fa303fa743... process: WToolsS.exe: MD5 Hash: 5be0b3b1733e0ed5f5e... process: WToolsS.exe: MD5 Hash: f1a59fb1243d27fd81a... process: WToolsS.exe: MD5 Hash: d945c19ef9b4193810c... process: WToolsS.exe: MD5 Hash: 2949751bfc0881e41de... process: WToolsS.exe: MD5 Hash: c72a0b097523164f274... process: wtoolsa.exe: MD5 Hash: 5dc646856c0e85a3c0d... process: wtoolsa.exe: MD5 Hash: 09951a75c4895c6d4c2... process: wtoolsa.exe: MD5 Hash: ff28ec7cdb2c0ce90d8... process: wtoolsa.exe: MD5 Hash: afc0da9ac094c58d313... process: wtoolsa.exe: MD5 Hash: e6bff68fc6aa62ac2a9... process: wtoolsa.exe: MD5 Hash: 2d7f1daef6604fc7d03... process: wtoolsa.exe: MD5 Hash: f48594177b7e4fefa4b... process: wtoolsa.exe: MD5 Hash: 69ba7fe9a2726c4942b... process: wtoolsa.exe: MD5 Hash: 9305ac9ffcaa12cf3c5... process: wtoolsa.exe: MD5 Hash: 9c112d068a202342d22... process: wtoolsa.exe: MD5 Hash: a041bb53b6d91a2f1f5... process: wtoolsa.exe: MD5 Hash: e3e64f6a0bfe6d8d702... process: wtoolsa.exe: MD5 Hash: 46885616b42915670e0... process: wtoolsa.exe: MD5 Hash: aa3aa0bcc82d4929b12... process: wtoolsa.exe: MD5 Hash: 3bc4b91d11b8cfbbb31... process: wtoolsa.exe: MD5 Hash: 564b70e678121b1fabb... process: wtoolsa.exe: MD5 Hash: 1c9b96c7f090c336d35... process: wtoolsa.exe: MD5 Hash: 8100593dc32ec4db3be... process: wtoolsa.exe: MD5 Hash: 3d4b2143b2314c11efa... process: wtoolsa.exe: MD5 Hash: 04f910bd7da156f8a40... process: wtoolsa.exe: MD5 Hash: c41a29f9ba5431da9ba... process: wtoolsa.exe: MD5 Hash: 84b235a81ee048029d5... process: wtoolsa.exe: MD5 Hash: 2cd856f49d5988738d2... process: wtoolsa.exe: MD5 Hash: 3bfe88515e4a67dc132... process: wtoolsa.exe: MD5 Hash: c5f4cc85b7d9fdc2ed6... process: wtoolsa.exe: MD5 Hash: 2d4cea48b59698c3b53... process: edow.exe: MD5 Hash: 91fb23852339b186729... process: edowpack.exe: MD5 Hash: f8010458e6074c45918... process: wtoolss.exe: MD5 Hash: ec6876259ac522c3861... process: wtoolsa.exe: MD5 Hash: a007b0d781a340a7e0b... process: wtoolsa.exe: MD5 Hash: 798c1666edbfccc680c... process: wtoolss.exe: MD5 Hash: 0b86400e41ff1c606d7... process: wtoolsa.exe: MD5 Hash: ad263abe3a024e4cfd4... process: wtoolss.exe: MD5 Hash: 16376839cad5c69e147... process: wtoolss.exe: MD5 Hash: ... process: wtoolsa.exe: MD5 Hash: 9bfcb05eca81e71f91b... process: wtoolsa.exe: MD5 Hash: 08f52c63295bb179544... process: wtoolsa.exe: MD5 Hash: 10eebf230b9b638002a... process: wtoolsa.exe: MD5 Hash: be04bd6be0cbeee0fa5... process: wtoolsa.exe: MD5 Hash: be5caeb1477f116a83d... process: wtoolsa.exe: MD5 Hash: c3f1c64911493721880... process: wtoolsa.exe: MD5 Hash: 9eb831c6f4cc2ae8164... process: wtoolsa.exe: MD5 Hash: 16f9087f624d03c7e91... process: wtoolsa.exe: MD5 Hash: 2106b04d39965cef514... process: wtoolsa.exe: MD5 Hash: ae28602732ecaae771b... process: wtoolsa.exe: MD5 Hash: 39715654efb131f1ec2... process: wtoolsa.exe: MD5 Hash: 749105e12b4d8e595e8... process: wtoolsa.exe: MD5 Hash: 97819be587666a13d3f... process: wtoolsa.exe: MD5 Hash: b58c2b5d5d8f1163a4e... process: wtoolsa.exe: MD5 Hash: e9a4ff744c2cf6fde4f... process: wtoolsa.exe: MD5 Hash: bd6d4b2c5bf5b944fed... process: wtoolsa.exe: MD5 Hash: eb1f52a1b8a6bfc224d... process: wtoolsa.exe: MD5 Hash: e7b6cdda0b22bd67341... process: wtoolsa.exe: MD5 Hash: b2423d626a5770025d2... process: wtoolsa.exe: MD5 Hash: 7cd50edeb49c021502c... process: wtoolsa.exe: MD5 Hash: 7a8a021d519439b99dd... process: wtoolsa.exe: MD5 Hash: 36720cef8d7f2a8a070... process: wtoolsa.exe: MD5 Hash: 612224046580f715f63... process: wtoolsa.exe: MD5 Hash: 024819e2cefdc6de5f3... process: wtoolsa.exe: MD5 Hash: ccd9996cc7666a2812f... process: wtoolsa.exe: MD5 Hash: 49634cd9b0f3f55d865... process: wtoolsa.exe: MD5 Hash: ed94a5f65851ac83425... process: wtoolsa.exe: MD5 Hash: f9ddb1a7b1a3a50d3da... process: wtoolsa.exe: MD5 Hash: 11527cab65b40e9d0bd... process: wtoolsa.exe: MD5 Hash: e2efc1cf828c54c4c9c... process: wtoolsa.exe: MD5 Hash: 26b512ef67816e8ae5d... process: wtoolsa.exe: MD5 Hash: 16a120e5f4bae127df3... process: wtoolsa.exe: MD5 Hash: d974388c209d9d82d7d... process: wtoolsa.exe: MD5 Hash: 1785cd07b8d108b5745... process: wtoolsa.exe: MD5 Hash: 8a87efa48d68b77e60a... process: wtoolsa.exe: MD5 Hash: 4f1aedeff1a65589df7... process: wtoolsa.exe: MD5 Hash: dd4a8a6503676d76fba... process: wtoolsa.exe: MD5 Hash: 8679c5189f309c11599... process: wtoolsa.exe: MD5 Hash: 0e6c562451efa0f56b0... process: wtoolsa.exe: MD5 Hash: 5e4608e2a1ab51a52f9... process: wtoolsa.exe: MD5 Hash: 327be5f211aff15a895... process: wtoolsa.exe: MD5 Hash: 318b6c1ecc48cb05a0c... process: wtoolsa.exe: MD5 Hash: e3c16860f24ec45c5be... process: wtoolsa.exe: MD5 Hash: b952f888fa10d09ec93... process: wtoolsa.exe: MD5 Hash: 2d329e24851e68980dd... process: wtoolsa.exe: MD5 Hash: d792f1a5abd099e5dd2... process: wtoolsa.exe: MD5 Hash: b0c5eb760c476fe5f30... process: wtoolsa.exe: MD5 Hash: d24117baf24db5890a5... process: wtoolsa.exe: MD5 Hash: b8816d33d818e790837... process: wtoolsa.exe: MD5 Hash: ac403b602703c770aac... process: wtoolsa.exe: MD5 Hash: 80bf274e11da6d03d13... process: wtoolsa.exe: MD5 Hash: fa8d3e68bac13a22908... process: wtoolsa.exe: MD5 Hash: 592ae81c0683eb17b29... process: wtoolsa.exe: MD5 Hash: e8374c0bd1395d10be5... process: wtoolsa.exe: MD5 Hash: f1aee923f732951aa21... process: wtoolsa.exe: MD5 Hash: e60c15f31e3064ac9ea... process: wtoolsa.exe: MD5 Hash: 2e879b7a6edcf6ca233... process: wtoolsa.exe: MD5 Hash: 6a318d5af40959bcb90... process: wtoolsa.exe: MD5 Hash: cb2eaed84dfb0bca0de... process: wtoolsa.exe: MD5 Hash: 8ed0aa7ace424678b39... process: wtoolsa.exe: MD5 Hash: f19b51d6afe7c4d53ae... process: wtoolsa.exe: MD5 Hash: affff1c4282351bd5f8... process: wtoolsa.exe: MD5 Hash: 29ca6b895b8910b8dfb... process: wtoolsa.exe: MD5 Hash: 401a6dd1fa97bfb4095... process: wtoolsa.exe: MD5 Hash: 55530d5fb94292d32ff... process: WToolsA.exe: MD5 Hash: ed55b02fec5e1f70118... process: WSup.exe: MD5 Hash: 3bfe88515e4a67dc132... process: WToolsS.exe: MD5 Hash: 9e761cba1be9a57e6a2... process: RemoveDisplayUtility.exe: MD5 Hash: b2978c470aa2cd7990c... process: wtoolsa.exe: MD5 Hash: 8eb37155bb29425bf3e... process: wtoolsa.exe: MD5 Hash: bb550bfd462b4ba2921... process: wtoolsa.exe: MD5 Hash: 3c59c32577ae7cefa73... process: wtoolsa.exe: MD5 Hash: e5ac78df5a3c1bb7da5... process: wtoolsa.exe: MD5 Hash: 3a21fcda69662a9a941... process: edow_as2.exe: MD5 Hash: 27811ec33b972f60b2b... process: wtoolss.exe: MD5 Hash: 9e761cba1be9a57e6a2... process: wtoolss.exe: MD5 Hash: f56ad4a9226b66b810b... process: wtoolsa.exe: MD5 Hash: e2724d285e6bb5bef77... process: wtoolsa.exe: MD5 Hash: aacea6525d11dbbdaca... process: wsup.exe: MD5 Hash: aacea6525d11dbbdaca... process: WSup.exe: MD5 Hash: 2f2d1024619090326e5... process: WToolsA.exe: MD5 Hash: 2f2d1024619090326e5... process: WToolss.exe: MD5 Hash: 72134b39dff91a448d0... process: bfmnlnft.exe: MD5 Hash: 1dc360e345fd8039e3a... process: bmhncm.exe: MD5 Hash: e3df308253dd58440de... process: qrxbvy.exe: MD5 Hash: 84211fb64e6478cea18... process: v4p118b9.exe: MD5 Hash: 20f3bd2493f4e690684... process: wtoolsa.exe: MD5 Hash: 921d092060a1c08eb7f... process: wtoolss.exe: MD5 Hash: 0b86400e41ff1c606d7... process: rifvlxmcj.exe: MD5 Hash: 9af14289b7ba6c374a9... process: 0tkrn0td.exe: MD5 Hash: 0b94b441d7eaef811a1... process: 7r7pnf19.exe: MD5 Hash: c1d1c05bc464c0833ba... process: umqltg4cl_.exe: MD5 Hash: 20f3bd2493f4e690684... process: weather.exe: MD5 Hash: d9620397bf221675950... process: WSG.exe: MD5 Hash: 4c3fce2377719b8cfc7... process: IExploreSkins.exe: MD5 Hash: 3c549ac942aaabfe9d7... process: PIB.exe: MD5 Hash: a7527f7c7433b09ac93... process: WToolsS.exe: MD5 Hash: 7ab24ad4d8198086b7d... process: wtoolsa.exe: MD5 Hash: 67f1ce887d4a7ca15dc... process: wtoolsa.exe: MD5 Hash: c79cc17682f9ac8c512... process: wtoolsa.exe: MD5 Hash: 0de67370cfce28f5812... process: wtoolsa.exe: MD5 Hash: c481da6817c2fd08666... process: wtoolsa.exe: MD5 Hash: 2bd2bcd4a1dbb670439... process: wtoolsa.exe: MD5 Hash: b4f0a947c67b379c21c... process: wtoolsa.exe: MD5 Hash: 8bfad8d7227cf014d09... process: wsup.exe: MD5 Hash: 3d1b54f50ad295de9b1... process: wtoolsa.exe: MD5 Hash: 3d1b54f50ad295de9b1... process: wtoolss.exe: MD5 Hash: 1b5766e4fc7cf51c477... process: wvqfpk.exe: MD5 Hash: e3df308253dd58440de... process: wtoolsa.exe: MD5 Hash: 43524ccdaf9f1041b6c... process: edow_as2.exe: MD5 Hash: 9df77cfb2ff9200609e... process: wtoolsa.exe: MD5 Hash: 971651506794a0a1ac5... process: wtoolss.exe: MD5 Hash: 4a746de2fba768d8d57... process: wtoolsa.exe: MD5 Hash: 00057837710a4f5ce9b... process: wtoolsa.exe: MD5 Hash: 29763e4d894e3f9f1de... process: wtoolsa.exe: MD5 Hash: 61171c819ea1a807d74... process: WToolsS.exe: MD5 Hash: 4f894bf2c5c2f55e4c7... process: wtoolsa.exe: MD5 Hash: e242657dcd3795782e4... process: wtoolsa.exe: MD5 Hash: 6b3ba59e14d0e18d25b... process: wtoolsa.exe: MD5 Hash: 8b6842b5aaefe6327af... process: wtoolsa.exe: MD5 Hash: e130619b62244197fdd... process: WToolsS.exe: MD5 Hash: 14bc53b8e0d9544285e... process: WToolsS.exe: MD5 Hash: c9b69cc6b99ffb5cfe8... process: WToolsS.exe: MD5 Hash: 5ca7ca2493be1772d56... process: wtoolsa.exe: MD5 Hash: 52a72bb5f59bd47784a... process: wtoolsa.exe: MD5 Hash: 5c02095c8c26acb31c4... process: WToolsS.exe: MD5 Hash: 96f0db3124deb877372... process: WToolsS.exe: MD5 Hash: aaaadb4ef18231a9bf0... process: WToolsS.exe: MD5 Hash: bf6c05a023c4311bbe2... process: wtoolsa.exe: MD5 Hash: 34192307dac0172d249... process: wtoolsa.exe: MD5 Hash: 418a7a4195a872430b0... process: wtoolsa.exe: MD5 Hash: dd236d4fda73b0eb237... process: wtoolsa.exe: MD5 Hash: 2df386cf076d6afb286... process: wtoolsa.exe: MD5 Hash: 79874d864d8f16f3a41... process: wtoolsa.exe: MD5 Hash: 8ce8fb5bab140c0853b... process: wsup.exe: MD5 Hash: 070bc7691b999d4e200... process: wtoolsa.exe: MD5 Hash: 070bc7691b999d4e200... process: wtoolss.exe: MD5 Hash: 20edddb7059bbbec908... process: wtoolsa.exe: MD5 Hash: dbb275da1ea3502ed57... process: wtoolsa.exe: MD5 Hash: e42242a4ae5d8bfdc48... process: wtoolsa.exe: MD5 Hash: a5f73ee7912dfba7e76... process: wtoolsa.exe: MD5 Hash: 9c40b0ab28e73dc7d86... process: wtoolsa.exe: MD5 Hash: 026e5f6fb78808e5987... process: wtoolsa.exe: MD5 Hash: 4dbc77b7cae62a288a2... process: wtoolss.exe: MD5 Hash: c6333bca9d358cec6ae... process: wtoolss.exe: MD5 Hash: 7e9c749835b3c09ad02... process: wtoolss.exe: MD5 Hash: a2f659acbbedef267a9... process: wtoolss.exe: MD5 Hash: 37c23b81b7cfe9ee73e... process: wtoolss.exe: MD5 Hash: 0570c74445c9a347797... process: wtoolss.exe: MD5 Hash: 79c2943f1d3254ed5d9... process: wintools.exe: MD5 Hash: 558a054a4057aadde93... process: wtoolss.exe: MD5 Hash: 88cc68d1b835100df96... process: wtoolss.exe: MD5 Hash: 6737f40e5621bd5b9fa... process: wtoolss.exe: MD5 Hash: 43901ab6dd57a932694... process: wtoolss.exe: MD5 Hash: 5dcc05a84a628948719... process: wtoolss.exe: MD5 Hash: fc23af4b147430b3119... process: wtoolss.exe: MD5 Hash: e6156aac7006c2632b5... process: wtoolss.exe: MD5 Hash: 3ae4ae70a3ffe2a67fa... process: wtoolss.exe: MD5 Hash: 6c6d4ea8b482e79cb00... process: wtoolss.exe: MD5 Hash: abc6ed6c2536628fd2b... process: wtoolss.exe: MD5 Hash: 8e0aee49634a6610b61... process: wtoolss.exe: MD5 Hash: 19204bc068992ee1612... process: wtoolss.exe: MD5 Hash: c59c2e2c0a663e68ead... process: wtoolss.exe: MD5 Hash: 1dffd094dcdec9c325f... process: wtoolss.exe: MD5 Hash: 097494722299f35581a... process: wtoolss.exe: MD5 Hash: 804c0483faa1c8073c0... process: wtoolss.exe: MD5 Hash: 0769351026d85e6a61b... process: wtoolss.exe: MD5 Hash: d4334cb420ddb79a44c... process: wtoolss.exe: MD5 Hash: 50bbff4a64ea67421e9... process: wsup.exe: MD5 Hash: 204462f5c12c8c557ad... process: wtoolss.exe: MD5 Hash: bd94ae89fb8b0957efc... process: wtoolss.exe: MD5 Hash: 7abe9c2cdbe988bf192... process: wtoolss.exe: MD5 Hash: e5173f4aac0c7317a61... process: wtoolss.exe: MD5 Hash: 14b2ec2c577749837f7... process: wtoolss.exe: MD5 Hash: 3a922acbca36780af7f... process: wtoolss.exe: MD5 Hash: 895808bd65c3727b852... process: wtoolss.exe: MD5 Hash: bb60f961d2960fd0e76... process: wtoolss.exe: MD5 Hash: c2a165f00a38506fcdb... process: wtoolss.exe: MD5 Hash: 96d068d80cf8e33aa6c... process: wtoolss.exe: MD5 Hash: 3c87fdc4c02cdb8bc7f... process: wtoolss.exe: MD5 Hash: 5a76b63322ae805b1c9... process: wtoolss.exe: MD5 Hash: 15539ef4a70aa4bbd94... process: wtoolss.exe: MD5 Hash: 6e501ec79808acd49ae... process: wtoolss.exe: MD5 Hash: fcbd511da8e89a5cbcc... process: wtoolsa.exe: MD5 Hash: ba6fc4b4d1314435248... process: wtoolsa.exe: MD5 Hash: 2a77f5a052d264cbdec... process: wtoolsa.exe: MD5 Hash: be1a433ecaa40346d5d... process: wtoolsa.exe: MD5 Hash: 1308bea70e765d9364f... process: wtoolsa.exe: MD5 Hash: 7999a34f92df1d3a48a... process: wtoolsa.exe: MD5 Hash: 66dad58439321878d31... process: wtoolsa.exe: MD5 Hash: 070bc7691b999d4e200... process: wtoolsa.exe: MD5 Hash: 1f36aca918b81acfb41... process: wtoolsa.exe: MD5 Hash: 9d4052bdd304b668f36... process: wtoolsa.exe: MD5 Hash: 8341266f5082868f72d..
Type: Trojan - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.



Top Trojan Visited Pages:
Tro.Downloader.loadadv - 411 visits
Enable Regedit - 195 visits
Java.ClassLoader.Dummy.d - 186 visits
Trojan.BankerSpy - 179 visits
RBot.steam - 86 visits
Startup.NameShifter.Xgtray - 77 visits
Tro.Bagle.SP - 59 visits
LRPatch Trojan - 58 visits
Trojan.BHO.NameShifter.EZ - 55 visits
Tro.YourStartingPage - 54 visits

Random Trojan Pages:
Startup.NameShifter.ME
Trojan.Startup.NameShifter.ipho
Startup.NameShifter.OT
Trojan.Proxy.Atiup - Alias: Trojan.Jupillites (Symantec)
Trojan.Banker.FO - Alias: TrojanSpy:Win32/Banker.FO
Trojan.Startup.NameShifter.GM
Tro.PcClien
Startup.NameShifter.MO
Startup.NameShifter.MU
Gamqowi - Alias: WORM_GAMQOWI.A


 

© 2006-2008 spyware32.com - Privacy Policy