When run, this program copies itself as HOOKDUMP.EXE file to Windows System folder and then creates a startup key for that file in the Registry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Intel system tool"="%WinSysDir%\hookdump.exe"
where %WinSysDir% represents Windows System folder name. Then the program extracts and HTML file called SCREEN.HTML and puts it on Windows Desktop. As a result the desktop will look like that:
Disinfection & Removal
In addition the program creates an icon in System Tray and periodically displays a popup there:
All the claims that the program does using the webpage and a popup are false and are only aimed to make a user click on "Removal Instructions" link. The link points to the www.antivirus-gold.com website.
Description Created: Alexey Podrezov; July 14th, 2005;