Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!

pilif.exe


Click here to scan for pilif.exe Related Errors and Optimize PC performance

pilif.exe
What is it?
pilif.exe is a file associated with the w32.Fili@mm worm.

What does it do?
W32.Fili@mm is a generic Visual Basic worm that propagates via Microsoft Outlook and through peer-to-peer file-sharing networks. It can also spread via mIRC.

When W32.Fili@mm runs, it performs the following actions:
  1. Copies itself to %System%pilif.exe.

    Note: %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  2. Adds the value:

    "Pilif" = "%System%pilif.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun

    so that the worm runs when Windows starts.
  3. Creates the following files:
    • %System%adrbook
    • mIRC folderManifesto Anti Censore Pilif.txt.exe
  4. Searches for KaZaA, Morpheus, eDonkey, Grokster, limewire, ICQ, and WinMX-shared directories and copies itself as:
    • Norton 2004 crack
    • Kasperky AV Universal Key
    • Dark Coderz Alliance
    • Anti-hacker Utility
    • Cracks mega warez collection
    • Sex - totally free porn
    • Easy credit card validation
    • Yahoo hacker
    • Webmail official hacker
    • Free porn sites accounts
  5. Adds the value:
"DisableTaskMgr" = "00000001"

To the registry key:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion
PoliciesSystem

to disable the task manager.

More info and removal instructions
@symantec

Fix pilif.exe Errors: Free Scan

Recommended: Run a Free Performance Scan to automatically optimize memory, CPU and Internet Settings




pilif.exe is Spyware!

Startup DB Entries:
[pilif]"Added by the FILI WORM!" b

Service DB Entries:
Nothing Found

Disclaimer

Every attempt has been made to ensure the information about pilif.exe is accurate but alot of malware applications try to pose as valid applications. If it is something other than what was posted above please leave some feedback in the forum.
Printer Friendly

User Comments
Security Risks - Adware Spyware
sndconfg16.exe | salm.exe | isass.exe | se.dll | kazza.exe | backweb-7288971.exe | bridge.dll | wtoolsa.exe | tkbellexe.exe | dl.exe | newdot~1.dll | wupdt.exe | mwsoemon.exe | saie.exe | webrebates0.exe | bxxs5.dll | funny.exe | 180ax.exe | randreco.exe | mssearchnet.exe | service.exe | webrebates1.exe | saap.exe | sais.exe | wsup.exe | backweb-137903.exe | sed.exe | alcmtr.exe | wo.exe | ffisearch.exe | optimize.exe | iadhide4.dll | backweb-8876480.exe | cdaengine0400.dll | istsvc.exe | newdotnet6_38.dll | Fvprotect.exe | Winupdate.exe | java.exe | cmesys.exe |