Windows 8 was released on October 26, 2012, and introduced features such as the new Start screen, the Charms, apps, and touchscreen support for devices such as the new Surface tablet. Notably, this logo ditched the flag design that had been used since 2001, as well as the three-dimensional Aero theme, replacing it with a simple window tilted to the left, designed by Pentagram. This logo was unveiled on Windows 8 Consumer Preview, released in February 2012.

UninstallString = "%System%\scan\svchost.

Microsoft overhauled their logo again to fit in with the new Metro design language on Windows 8, which removed the colors to become all blue and introduced a slightly modified Segoe font.

In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mIRC
In HKEY_LOCAL_MACHINE\SOFTWARE\The Silicon Realms Toolworks\Armadillo
C%%WINDOWS%system32%scan = "%System%\scan"
In HKEY_CURRENT_USER\Software\WinRAR SFX

HKEY_LOCAL_MACHINE>Software>Classes>irc>Shell>open>ddeexec
HKEY_LOCAL_MACHINE>Software>Classes>irc>Shell>open
HKEY_CLASSES_ROOT>ChatFile>Shell>open>ddeexec
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Uninstall

Again

Still in the left panel, locate and delete the key:
HKEY_LOCAL_MACHINE>Software>The Silicon Realms Toolworks
In the left panel, double-click the following:

» For Windows 8, Windows 8.1, and Windows Server 2012 (R2) users, right-click on the lower left corner of the screen, click Run, type regedit in the text box provided, and then press Enter.
» For Windows Vista, Windows 7, and Windows Server 2008 (R2) users, click the Start button, type regedit in the Search input field, then press Enter.
» For Windows 2000, Windows XP, and Windows Server 2003 users, click Start>Run, type regedit in the text box provided, and then press Enter.

To delete the registry key this malware/grayware created:

In HKEY_LOCAL_MACHINE\Software\Classes\irc\Shell\open\ddeexec
In HKEY_LOCAL_MACHINE\Software\Classes\irc\Shell\open
In HKEY_LOCAL_MACHINE\Software\Classes\irc
In HKEY_CLASSES_ROOT\ChatFile\Shell\open\ddeexec
In HKEY_CLASSES_ROOT\ChatFile\Shell\open
In HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall
In HKEY_LOCAL_MACHINE\Software\The Silicon Realms Toolworks

Else, check this Microsoft article first before modifying your computer's registry.

Please do this step only if you know how or you can ask for assistance from your system administrator.

Important: Editing the Windows Registry incorrectly can lead to irreversible system malfunction.

This report is generated via an automated analysis system.

UninstallString = "%System%\scan\svchost.exe -uninstall"

HKEY_LOCAL_MACHINE\SOFTWARE\The Silicon Realms Toolworks\

HKEY_LOCAL_MACHINE\Software\The Silicon Realms Toolworks\Ĭ%%WINDOWS%system32%scan = "%System%\scan"

(Note: %System% is the Windows system folder, which is usually C:\Windows\System32.)

This Trojan creates the following folders:

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

INITIAL SAMPLES RECEIVED DATE: 05 September 2014