ProAntispyware2009
ProAntispyware2009
Found:
2008-11-11
Known system changes:
Created Files
- %System%mebocolekhero.exe
- %System%ylyqsgufeely.dll
- %System%cont_mxlivemedia-remove.exe
- %ProgramFiles%Mozilla Firefox\components\nsmxlivemedia.dll
- %System%nsz1C.dll
Created Folders
- C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009
- %allusersprofile%\Application Data\Solt Lake Software
- C:\Documents and Settings\All Users\Application Data\Solt Lake Software
- %ApplicationData%Solt Lake Software
- %ApplicationData%CrucialSoft Ltd
- c:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd
Registry Entries
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Drivers\Video\Options
- Value: 4E8D9EBF-122C-42BD-A8CB-7E59C9CC08BA
- Data:
- Key: HKEY_CURRENT_USER\Software\AppDataLow
- Value:
- Data:
- Key: HKEY_CURRENT_USER\software\solt lake software
- Value:
- Data:
- Key: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
- Value: pro antispyware 2009
- Data:
- Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
- Value: wracbkwexsk
- Data:
- Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ulhnszeviacnmxbo
- Value:
- Data:
- Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
- Value: hxkjbbgyji
- Data:
- Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cont_mxlivemedia
- Value:
- Data:
- Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{83b02fa0-64cd-da23-5fb6-9836afe987c0}
- Value:
- Data:
- Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mebocolekhero
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\MS AntiSpyware 2009 5.7
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\Pro Antispyware 2009 4.6
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: Pro Antispyware 2009
- Data: "C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe" /autorun
- Key: HKEY_CURRENT_USER\Software\CrucialSoft Ltd
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: InstallProgram
- Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\a53202c197dc3c05efc882a7b3094099.exe
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: MS AntiSpyware 2009
- Data: "C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\e3641e3e512bfaf5b9e664bea5290a2f.exe" /autorun
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\Pro Antispyware 2009 4.7
- Value:
- Data: