Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer


HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!


Click here to Run a Free Scan for pilif.exe Related Errors

What is it?
pilif.exe is a file associated with the w32.Fili@mm worm.

What does it do?
W32.Fili@mm is a generic Visual Basic worm that propagates via Microsoft Outlook and through peer-to-peer file-sharing networks. It can also spread via mIRC.

When W32.Fili@mm runs, it performs the following actions:
  1. Copies itself to %System%pilif.exe.

    Note: %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  2. Adds the value:

    "Pilif" = "%System%pilif.exe"

    to the registry key:


    so that the worm runs when Windows starts.
  3. Creates the following files:
    • %System%adrbook
    • mIRC folderManifesto Anti Censore Pilif.txt.exe
  4. Searches for KaZaA, Morpheus, eDonkey, Grokster, limewire, ICQ, and WinMX-shared directories and copies itself as:
    • Norton 2004 crack
    • Kasperky AV Universal Key
    • Dark Coderz Alliance
    • Anti-hacker Utility
    • Cracks mega warez collection
    • Sex - totally free porn
    • Easy credit card validation
    • Yahoo hacker
    • Webmail official hacker
    • Free porn sites accounts
  5. Adds the value:
"DisableTaskMgr" = "00000001"

To the registry key:

to disable the task manager.

More info and removal instructions

Fix pilif.exe Errors: Free Scan

Recommended: Run a Free Performance Scan to automatically optimize memory, CPU and Internet Settings

pilif.exe is Spyware!

Startup DB Entries:
[pilif]"Added by the FILI WORM!" b

Service DB Entries:
Nothing Found


Every attempt has been made to ensure the information about pilif.exe is accurate but alot of malware applications try to pose as valid applications. If it is something other than what was posted above please leave some feedback in the forum.
Printer Friendly

User Comments
Security Risks - Adware Spyware
sndconfg16.exe | salm.exe | isass.exe | se.dll | kazza.exe | backweb-7288971.exe | bridge.dll | wtoolsa.exe | tkbellexe.exe | dl.exe | newdot~1.dll | wupdt.exe | mwsoemon.exe | saie.exe | webrebates0.exe | bxxs5.dll | funny.exe | 180ax.exe | randreco.exe | mssearchnet.exe | service.exe | webrebates1.exe | saap.exe | sais.exe | wsup.exe | backweb-137903.exe | sed.exe | alcmtr.exe | wo.exe | ffisearch.exe | optimize.exe | iadhide4.dll | backweb-8876480.exe | cdaengine0400.dll | istsvc.exe | newdotnet6_38.dll | Fvprotect.exe | Winupdate.exe | java.exe | cmesys.exe |