Worm.Win32.AutoRun.bkxp
Worm.Win32.AutoRun.bkxp is a computer worm that can replicate across existing networks. Worm.Win32.AutoRun.bkxp is able to infect and overwrite files with its own body in order to execute malicious activities. The presence of Worm.Win32.AutoRun.bkxp will cause a system to deteriorate in performance therefore it is best to remove this threat upon detection.
File System Details
Worm.Win32.AutoRun.bkxp may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %ProgramFiles%\Changetech | |
| 2. | %ProgramFiles%\Changetech\iSpeak6.5\cache | |
| 3. | %ProgramFiles%\Changetech\iSpeak6.5\cache\urlver | |
| 4. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal | |
| 5. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\button\hover | |
| 6. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\button\pushedoff | |
| 7. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow | |
| 8. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\TitleBar\active | |
| 9. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\TitleBar\MiniButton | |
| 10. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Ime\CandidateBox | |
| 11. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Ime\ImeWindow\Shape | |
| 12. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\MultiColumnList | |
| 13. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\MultiLineEditbox\ThinBorder | |
| 14. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\scrollbar\MiniVert | |
| 15. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\ScrollPane\Vert | |
| 16. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\slider\vert | |
| 17. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button | |
| 18. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\bottom\normal | |
| 19. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top | |
| 20. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\normal | |
| 21. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\selected\ThinBorder | |
| 22. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\ContentPane | |
| 23. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Tree | |
| 24. | %ProgramFiles%\Changetech\iSpeak6.5\face | |
| 25. | %CommonPrograms%\iSpeak6.5 | |
| 26. | %ProgramFiles%\Changetech\iSpeak6.5\0 | |
| 27. | %ProgramFiles%\Changetech\iSpeak6.5\cache\tv | |
| 28. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs | |
| 29. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\button | |
| 30. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\button\pushed | |
| 31. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Editbox | |
| 32. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\TitleBar | |
| 33. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\TitleBar\deactive | |
| 34. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Ime | |
| 35. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Ime\ImeWindow | |
| 36. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\mousecursor | |
| 37. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\MultiLineEditbox | |
| 38. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\scrollbar\MiniHorz | |
| 39. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\ScrollPane\Horz | |
| 40. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\slider\horz | |
| 41. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl | |
| 42. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\bottom\hover | |
| 43. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\bottom\selectedhover | |
| 44. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\hover\ThinBorder | |
| 45. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\selected | |
| 46. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\selectedhover\ThinBorder | |
| 47. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\ToolTip | |
| 48. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\errinfo | |
| 49. | %ProgramFiles%\Changetech\iSpeak6.5\skin | |
| 50. | %CommonAppData%\iSpeak | |
| 51. | %ProgramFiles%\Changetech\iSpeak6.5 | |
| 52. | %ProgramFiles%\Changetech\iSpeak6.5\cache\Ad | |
| 53. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles | |
| 54. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images | |
| 55. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\button\normal | |
| 56. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Checkbox | |
| 57. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\ThinBorder | |
| 58. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\TitleBar\CloseButton | |
| 59. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\FrameWindow\TitleBar\ThinBorder | |
| 60. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Ime\CompositionBox | |
| 61. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\Ime\ImeWindow\Symbole | |
| 62. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\MultiColumnList\Header | |
| 63. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\scrollbar | |
| 64. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\ScrollPane | |
| 65. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\slider | |
| 66. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\static | |
| 67. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\bottom | |
| 68. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\bottom\selected | |
| 69. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\hover | |
| 70. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\normal\ThinBorder | |
| 71. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\button\top\selectedhover | |
| 72. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal\images\TabControl\ContentPane\ThinBorder | |
| 73. | %ProgramFiles%\Changetech\iSpeak6.5\datafiles\configs\QinHeIS-skin-normal-SP | |
| 74. | %ProgramFiles%\Changetech\iSpeak6.5\Images |
Registry Details
Worm.Win32.AutoRun.bkxp may create the following registry entry or registry entries:
(Default) =
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF81-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF84-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF87-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF8A-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF8F-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44EC0535-400F-11D0-9DCD-00A0C90391D3}\1.0\0\win32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32]
Version =
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF83-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF86-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF89-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF8E-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3EFAA426-272F-11D2-836F-0000F87A7782}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2933BF90-7B36-11d2-B20E-00C04F983E60}\SideBySide]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF80-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF82-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF85-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF88-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2933BF8B-7B36-11D2-B20E-00C04F983E60}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3EFAA413-272F-11D2-836F-0000F87A7782}\TypeLib]
