What is this folder C:\Windows\KJ having KJ.exe leading to KJvvv.Kr ?

It was found by Avast but no actionable information about it is to be found.

It looks very dicey with many sub-folders, many having those ever-friendly and helpful names.

What IS this folder and why is it there?
http://i178.photobucket.com/albums/w267/rahul_does/Sort/KJ.png

What do you mean by “found by avast” ?

What date does that folder have ? Also what does the readme text tell you ?

seems to be 7-zip related

process checker http://processchecker.com/file/K.J_12.exe.html

List of software(s) that Oleg N. Scherbakov has built: http://processchecker.com/developers_info/582/Oleg%20N.%20Scherbakov

Found by avast to be malicious. The KJ.exe was in “found” in boot time virus scan and was moved to the vault. Thence, I looked into the location and found all these folders and files.

I am not near that computer and shall get there only next month. The PC is off ever since I posted this on the forum so no harm being done.

Sorry for the late response as I was not online for all this while.

Shall get back once I have the information.

Thanks.

Attached are sreenshots of the contents of folders.

Here is the Readme.txt.


  •                            ¹öÀü ¾È³»                               *
    

Information

Product: K.J
Version: 121105
Web Site: http://kjvvv.kr

Introduction

1.Å䷱Ʈ ´Ù¿î·Îµå ±â´ÉÃß°¡

W8=À©µµ¿ìÁî 8
WS2012=¼­¹ö 2012
W8in1=x86.x64 ÄÚ¾î,ÇÁ·Î,¹Ìµð¾î¼¾ÅÍ,¿£ÅÍÇÁ¶óÀÌÁî
W8 WMCX64 64ºñÆ® º£À̽ºÀÇ ¹Ìµð¾î¼¾ÅÍ ´Üµ¶¹öÀü
S4in1=ÄÚ¾î.GUIÆ÷ÇÔ ½ºÅٴٵå,µ¥ÀÌÅͼ¾ÅÍ
W8S2012=À©µµ¿ìÁî 8 & ¼­¹ö 2012 ÅëÇÕ¹öÀü
Enterprise=¿£ÅÍÇÁ¶óÀÌÁî ¼ø¼ö¹öÀü
NetFW3.5=³ÝÇÁ·¹ÀÓ¿öÅ© 3.5 Æ÷ÇÔ
RM=º¹±¸¸ðµå Æ÷ÇÔ
VL=º¼·ý¹öÀü
PE=PE Æ÷ÇÔ
EN=¿µ¹®¹öÀü
VHDX=VHDX Æ÷ÇÔ
VM KMS=VM¿¡¼­ ±¸µ¿µÇ´Â KMS ÀÎÁõ¼­¹ö
Office 2013=º¼·ý ¿ÀÇǽº ÅëÇÕ¹öÀü ÇÑ±Û ¿µ¹® °â¿ë
DVD=DVD ½Ì±Û·¹À̾ µé¾î°¡´Â ¿ë·®
USB=USB ¶Ç´Â DVD ´õºí·¹À̾ µé¾î°¡´Â ¿ë·®

2.K.J ¹Ù·Î°¡±â ¸µÅ© ¾ÆÀÌÄÜ ¼³Ä¡¿É¼ÇÃß°¡
¹Ù·Î°¡±â ¸µÅ©¸¦ ¼³Ä¡ÇÏ¸é ½ÃÀÛ¸Þ´º¿Í ¹ÙÅÁÈ­¸é¿¡ ¹Ù·Î°¡±â ¾ÆÀÌÄÜÀÌ ¸¸µé¾î Áý´Ï´Ù.
K.J¸¦ ¿ÏÀüÈ÷ »èÁ¦ÇÒ °æ¿ì´Â K.J ¸ÞÀÎâÀÇ K.J »èÁ¦ ¹öÆ°À» ´©¸£½Ã¸é µË´Ï´Ù.

3.ÅäÅ«¹é¾÷ À©µµ¿ìÁî 8 & ¼­¹ö2012 & ¿ÀÇǽº2013 Áö¿ø
¹ÙÅÁÈ­¸é¿¡ ÅäÅ«ÀÌ ÀÚµ¿ ¹é¾÷ µË´Ï´Ù. º¹¿øÀº ¼öµ¿À¸·Î º¹¿øÇÕ´Ï´Ù.
¼öµ¿ º¹¿ø ±â´É ¹öÆ°À» ´©¸£¸é ÅäÅ«À» º¹¿øÇÒ¼ö ÀÖµµ·Ï ¼­ºñ½º°¡ Á¤ÁöµÇ¸ç ÅäÅ« À§Ä¡°¡ ¿­¸³´Ï´Ù.
ÅäÅ« º¹¿øÈÄ ÀÎÁõ¿¡ »ç¿ëÇß´ø Á¦Ç°Å°¸¦ ÀÔ·ÂÇϸé ÀÎÁõÀÌ µË´Ï´Ù.

4.¹Ìµð¾î¼¾ÅÍ ¹«·áÅ°´Ù¿î·Îµå ¸µÅ©¿Í ÀÎÁõ±â´É Ãß°¡
¸ÕÀú ¹«·áÅ°¸¦ ½ÅûÇÏ¿© ¹ÞÀº´ÙÀ½ Å°°¡ ¿À¸é ´ÙÀ½¼ø¼­·Î ÁøÇàÇÕ´Ï´Ù.
Å°°¡ ¹è´ÞµÇ¸é ¹Ìµð¾î¼¾ÅÍ ÀÎÁõ±â´É ¹öÆ°À» ½ÇÇàÇÑÈÄ Å°ÀÔ·ÂÇϴ â¿¡ ¹ÞÀºÅ°¸¦ ÀÔ·ÂÇϸéµË´Ï´Ù.

5.¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°¿¡ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ¸í·Éâ°ú ¸Þ¸ðÀå ½ÇÇà ±â´ÉÃß°¡
ÃÖÀûÈ­-¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ° ¸Þ´º

Version:121101 º¯°æ»çÇ×

1.ÀÎÅÍ³Ý ÀͽºÇ÷η¯ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ½ÇÇà ¹ÙÅÁÈ­¸é¿¡ ¹Ù·Î°¡±â ¾ÆÀÌÄÜ ¼³Ä¡
¸¶¿ì½º ¿À¸¦ÂÊ ¹öÆ°¿¡ °ü¸®ÀÚ ±ÇÇÑ IE Ãß°¡-¹ÙÅÁÈ­¸é¿¡¼­ ¸¶¿ì½º ¿ìŬ¸¯½Ã º¸ÀÓ
ÃÖÀûÈ­-°ü¸®ÀÚ ±ÇÇÑ ¼³Á¤-°ü¸®ÀÚ ±ÇÇÑÀ¸·Î IE ½ÇÇà ¹Ù·Î°¡±â ¼³Ä¡

2.ÀÓ½ÃÆÄÀÏ Ã»¼Ò±â ºÎÆýà ÀÚµ¿À¸·Î û¼ÒÇÏ°í û¼Ò°úÁ¤Àº º¸ÀÌÁö ¾Êµµ·Ï ¼öÁ¤
ÃÖÀûÈ­-À©µµ¿ìÁî ÀÓ½ÃÆÄÀÏ Ã»¼Ò±â ¼³Ä¡

3.¿ÀÇǽº ÅäÅ«¹é¾÷ ¹ö±×¼öÁ¤
¿ÀÇǽº ¹öÀü °Ë»ç½Ã ¼³Ä¡µÈ °æ·Î·Î °Ë»çÇÏÁö ¾Ê°í
·¹Áö½ºÅ©¸®¿¡¼­ ¼³Ä¡µÈ ¹öÀüÀ» °Ë»çÇÏ´Â ¹æ½ÄÀ¸·Î º¯°æ

Version:121103 º¯°æ»çÇ×

1.¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°¿¡ ¸í·Éâ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ½ÇÇà ¹ö±×¼öÁ¤

64ºñÆ®¿¡¼­ ¸í·ÉâÀÌ SysWOW64¿¡¼­ ¿­¸®´Â ¹®Á¦ ¼öÁ¤

2.´Ù¿î·Îµå À©µµ¿ìÁî À̹ÌÁö ¿µ¹®¹öÀü Ãß°¡

3.USB¿ë ÇÑ±Û ¿µ¹® ¸ðµÎ À©µµ¿ìÁî 8°ú ¼­¹ö 2012 ÅëÇÕ

4.À©µµ¿ìÁî 8 ¿£ÅÍÇÁ¶óÀÌÁî ¿µ¹®¹öÀü°ú Á¾ÇÕ¾ð¾îÆÑ ´Ù¿î·Îµå Ãß°¡

5.VM KMS Activation Server V6 KMS ¼­¹ö ÃæÀü½Ã ¿ÀÇǽº 2013 ÀÎÁõÇ®¸®Áö ¾Êµµ·Ï ¼öÁ¤

Version:121105 º¯°æ»çÇ×

1.¿µ¹®¹öÀü W8 8In1 NetFW3.5 RM EN DVD 32ºñÆ® º¹±¸¸ðµå Ãß°¡

2.¿µ¹®¹öÀü W8 WMCX64 NetFW3.5 RM EN DVD º¹±¸¸ðµå ¹ö±×¼öÁ¤

3.Çѱ۹öÀü W8 8in1 NetFW3.5 RM PE DVD ÆÄÀÏ¸í º¯°æ

4.Çѱ۹öÀü W8S2012 14In1 NetFW3.5 RM PE USB ºÎÆüø¼­ º¯°æ

==========================================================================
OS: XP//Vista/2008/7/R2/8/2012

Enjoy it!

I tried to be over-smart and opened the C:\Windows\KJ folder via Run command and it launched the program. Unfortunate as it were on my part, it gave me an opportunity to capture its various screens.

The Utilities page is attached. I shall update all other screens once I get some response to this one.

And, Pondus, this PC does not have 7Zip.

follow instructions http://forum.avast.com/index.php?topic=53253.0

attach Malwarebytes / OTL / aswMBR logs then essexboy will have a look when he is online

hello it looks like a nice list of cracks :smiley:

Here you go, Sirs.

What are ok cracks?

sorry I Edit my post

KJ_Starter http://www.youtube.com/watch?v=GjTBz0w4jj4

What do I do now? I am sure some visitor must have downloaded it.

So, I just delete the folder?

:slight_smile:

Yes, delete the folder, that programme will use a false licence to activate propriety software and is illegal

Thanks a tonne. How do I close this thread? Or mark it resolved?