Exterminate It! Antimalware

malpedia

Known threats:699,443 Last Update:August 10, 12:54

Testimonials

Dear Exterminate It,
I just wanted to take a moment to say thank you.
Your response and the update has fixed my problem.
I have spent several weeks fiddling around trying to resolve it, and could not and my previous Anti-Virus program could find it but not fix it.

THANK YOU, THANK YOU, THANK YOU!!!

Sincerely yours,
Bountiful, Utah

David S. B.

Refpron- Registry Values List

This is a complete list of Refpron registry values collected by Exterminate It!. If you find any of these registry values on your PC, your computer is very likely to be infected with the Refpron - trojan.

IMPORTANT: Because the registry is a core component of your Windows system, it is strongly recommended that you back up the registry before you begin deleting keys and values. For information about backing up the Windows registry, refer to the Registry Editor online help.
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=axCkSbYiW3h/5pH
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=eNv8YK7pndfGoB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=c4WhdvS7ZzP
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1v/cc52Wm/JXD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=PlAdkM3dDgnvV+L
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EQ19UQNSHPBKoB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=c4WhdvS7ZjP
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=FFQv
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN+BxBu9I+NYnLEmA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=PtxuKR/9
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=js02
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=KNQSSeYHDFwmQMB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=bb090621
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=bb090719
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EMFO7myTApA5bC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1v/cUZf
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=ucsp0416
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=aIPygslX+yE
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=d9bTjNwo6cvKYA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EA1o0oS+yDAN5D
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dh6nwptN
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=Pth7xHQ3
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EclCtbavDysdnA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=ahDo/bPEfS1AXB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=ZNOvzoFJALtT
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=sy1
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=bb090720
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EUlqQqZg1zrMwC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//En4Bn20HqA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=UB+WhIzv1A
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dh6nwhNVX2D5bC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E4l1kOktTy/A+D
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=bb1025
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=PNxciry9BiL
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZamo5wSQThwQJSLZVSqDc216G
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dh6nwhdVClC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=MBndapYWZZG
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EclCpPlGOonCh+P
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=Nt4xcB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E4l0oxZEHUA/UC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/Ec1CYiYdlXppVgA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dh6n7lvkW8I5RD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=aIPygslX+yk0
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EUlrQfZ4w+CqeB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EIlCnrKlcKDGJC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EcVC/8o/FpWWsGO
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=PthuYOCPY7TXXC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=kl1
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]muser=nc0728x
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=ahDo/b/FjhQVfD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN+BRBO6IXp0CymlB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EA1o2kpQXaJwnB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=ahDo/bPEe2K
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=oa
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E8FmdIkIkvFoJA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=eN/8OB0dibjDVC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EUVqpXerAYWQsA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EclCqDw4K1u/5kB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=PthuZGNzGYmYVD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E8VnCUYzFwJcIB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//PbaBi02d6B
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]tcyz46=[%PROFILE_TEMP%]\l84alx.exe
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZamo5wSQTh0QEVrD4KJ6xQqfK
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EEFXiRKuSlNMyD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=PtxuBVrvYey6LC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=tt1
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN+BRhPtfgiWGJ44B
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//M3h2
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalg35urZzBCetDB+L8ZbrynnvnhfH/bq32CA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=ahDo/bPEeGqhJA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN+BhxffabAc2UOUC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E411RxRCmy48VC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dh6nxhYTNTN
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EIVB83LRLo071D
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=cZZo/jJ+1PRrdA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=KFRDCT4gEA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//En4Bm650oD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=BdU9Nc3qmVpBlJF
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EE1VkpReeJaxnC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E8FmY0F58Zz1ZA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]buildw=+xwu0L9dgCXlQYai
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E4F2XIcY1FLSeB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EUFr053gBLkkVA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//EnICV1cG9C
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/E4l1mWitwEcvZD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=c4WhdvC7rgN
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EQF+GTjN2O3IoC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/Ec1Cd2IYQQ9G6xM
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dhqnDZDXH4ANNA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EIFBPTpMSODURB
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//Ev4+7qAPJB
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]tcyz46=[%SYSTEM_DRIVE%]\Temp\l84alx.exe
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]tcyz46=[%PROFILE_TEMP%]\1\l84alx.exe
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalg35urZzBCetDB+L8Zbry33+FXW+aIRL0C
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1//EvI+twdP5D
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EUlpXp3pf2g4rC
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=DFrcPg/Gw7G+mA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=[%USER_RECYCLE_BIN%]\
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN/EE1UhkIWG/sRjA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=DF7c78+mHdvzCA
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=N1YO
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=Z1v/fMyH6bjaHD
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=d5bX
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=diwc0323
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]uid=MBndRlUrgHM
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]udaf=tRZalgV9DvmAx30bWO0VyJN+Bpx1kDIFjcGj+B
  • [HKEY_LOCAL_MACHINE\software\microsoft\wbem]m=dh6nwhdULoG