Exterminate It! Antimalware

malpedia

Known threats:699,443 Last Update:August 10, 12:54

Testimonials

My computer worked insanely slow and I got all sorts of silly advertisement whenever I got onto the Internet. At a friend’s advice, I gave Exterminate-It a try and was glad that I did!

I scanned and kicked out all that adware that’d caused my PC to be so slow!

My PC is back to normal speed and I haven’t had trouble with unwanted ads ever since.

Keep up the good work!

Eric K.

File: settings.ini

Location of settings.ini and Associated Malware

Check whether settings.ini is present in the following locations:

settings.ini file locations that are Windows version independent:

  • C:\Program Files\WinAntiSpyware 2007\settings.ini

Windows 2000, Windows XP, Windows Server 2003 specific settings.ini file locations:

  • C:\Documents And Settings\USER_NAME\Application Data\CC\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\CCntr\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\C-Center\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\Ctrl-Center\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\CtrlCntr\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\control-center\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\CCenter\settings.ini
  • C:\Documents And Settings\USER_NAME\Application Data\pc\settings.ini
  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\NI.UGES_0001_N122M2111\settings.ini
  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\NI.UGDC_0001_N122M2610\settings.ini
  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\NI.UWA6P_0001_N822M1605\settings.ini
  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\NI.UGA6P_0001_N115M0110\settings.ini
  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\NI.UGA6P_0001_N122M2210\settings.ini

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific settings.ini file locations:

  • C:\Users\USER_NAME\AppData\Roaming\CC\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\CCntr\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\C-Center\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\Ctrl-Center\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\CtrlCntr\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\control-center\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\CCenter\settings.ini
  • C:\Users\USER_NAME\AppData\Roaming\pc\settings.ini
  • C:\Users\USER_NAME\AppData\Local\Temp\NI.UGES_0001_N122M2111\settings.ini
  • C:\Users\USER_NAME\AppData\Local\Temp\NI.UGDC_0001_N122M2610\settings.ini
  • C:\Users\USER_NAME\AppData\Local\Temp\NI.UWA6P_0001_N822M1605\settings.ini
  • C:\Users\USER_NAME\AppData\Local\Temp\NI.UGA6P_0001_N115M0110\settings.ini
  • C:\Users\USER_NAME\AppData\Local\Temp\NI.UGA6P_0001_N122M2210\settings.ini

If you find settings.ini file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The settings.ini file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of settings.ini File^

File SizeFile Md5Last Seen
2378D5C949BCFA9FFA91D8BBA9942B6893Aug 8, 2011
23D29A41779C93E3C4D17209A0A45C1262Jan 25, 2010
18494455C655D32A52C983BC543BE6483C1Dec 17, 2009
14893C583B49ED860F2008D710DD82875A9Jan 29, 2010
1747A174B45422EF3E47AC89749885DA082Feb 15, 2010
1832918B6D1C9390A6163D4D3341A32A59DNov 28, 2010
157231089828BA0930B767EEAFC20794DA8Feb 27, 2011
15887E85D6D48B3E322E2816C7F58F0686FNov 19, 2011
21938D9ABAD6F4433DB2B68EF82F4D50AFFDec 16, 2009
241A6F06A26AF523C352279F4B313DDDF9ADec 18, 2009
21971551BE20160D6001D85D2D51CC0CAB1Dec 19, 2009
219FA9DC697E4E3816D160CFD7FBF0E9CE6Dec 20, 2009
242AFCA74FE3CB8D332AE2A9F6095A51776Dec 21, 2009
24291A652BB1F8F5B4AA28BF963F81B32CCDec 23, 2009
220D9B9153B077F88C53E59FC9D171F3035Dec 25, 2009
219697D174D785CE9E89CC4571468DC4A34Dec 25, 2009
2190D03AC2DB73BF0B300F4F39612C5804EDec 29, 2009
25566EDF63EFACF3CB3E63AD4EC33B76983Dec 29, 2009
2425C80F0823EBFFA85347F3044A18513E6Dec 30, 2009
232899FDA062B12A7AE18579EFE881EE0AFJan 1, 2010
23235BD3DCCE7CA1E51C194B3BDE8C8BC10Jan 2, 2010
241EAB8E3D914C68046265F0D231736A8E9Jan 11, 2010
257A841DB8D92777634251935B5807DD262Jan 13, 2010
230C9A9BCCDE0BFEAA30C84F43060625BC2Jan 17, 2010
23244CFE71054B3A81D912DAE7E44D2254FJan 28, 2010
246F254AFD873889E14149DD165C190A15AFeb 14, 2010
21927CD8EF847917236BA3024E0E1424533Apr 28, 2010
256879265912646BB5BA8CB1DDA96BDFB9FAug 16, 2010
2196D841B413786A4D87CF95E5B14E9BC8BNov 26, 2010
2333301409579CD1511236058E32D616FABFeb 2, 2011
2308F7AE8892708BEF87BA4AD3CA1353BDEMay 4, 2011
26905DA2637462A21F8F6775DE4DCEF06FCAug 4, 2011
168D37CD209773C3C3CC260AC0151D2B1BEMay 1, 2010
1691597FD0C883E74C02513923BA2925320Sep 3, 2010
180A724738AE4BB79BA42FBE86D9FB5CFF9Sep 30, 2010
1791C6434B797BF4CF92834CF4457147169Oct 4, 2010
1577083176B5E28A91D17484BAC09BD9DEDMay 2, 2010
168DF4A3E1F5D2A29765A3A87DE826D5060May 11, 2010
158E201927C77F2C0A3E0C3950AE931B6E6May 27, 2010
194DAF902E6997E7D28B28257988221C560Aug 5, 2010
119F51234107DF2142B90E4ACCE015A84C9Aug 23, 2010
1196848C115C7E7D6496567D0802A881ABFAug 28, 2010
119FB711FBE98EC01C887F99D974A5BEDFCSep 3, 2010
1193942515DFEEC0169396AE7BE4CDA4257Sep 25, 2010
147B211144A694985891DEE77A5F0007F37Oct 24, 2010
119021551928D8126D334A304FF2FB5CCB9Oct 28, 2010
119A5DF5DEDFE8585B70B866BE248A664F1Dec 29, 2010
119F5A302C79F61F89193F0A5F69424340AMar 12, 2011
18450A52C581A26850650E8D3562FB485CFJun 6, 2011
1194F5278F1590C22B156BA47629A151314May 10, 2012
194EE734C0BB5CD05442C38BD3E6BFEA743Aug 13, 2010
193380A3E0CD07BEE7AB71DAC835CBAFAD4May 3, 2012
180345D85B6FA7CAAF6C1363182F32A7956Apr 13, 2011
167CB92D3560B4845BE2D734DCF1D2DFA6CFeb 22, 2012

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove settings.ini^

  1. To enable deleting the settings.ini file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select settings.ini and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of settings.ini and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of settings.ini and Associated Malware.
  6. Notes:

    • The deletion of settings.ini will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of settings.ini will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a settings.ini malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type settings.ini. The name of the first found registry value referencing settings.ini is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to settings.ini, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of settings.ini and Associated Malware.