WinAntiSpyware

Lavasoft Malware Lab's Rogue Gallery
What's a Rogue?
Latest - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z - Submit a Rogue

WinAntiSpyware

Found: 
2006-02-08
Known system changes: 

Created Files

  • %ApplicationData%\microsoft\internet explorer\quick launch\winantispyware 2006 scanner.lnk
  • %Desktop%\winantispyware 2006 scanner.lnk
  • %System%\drivers\uwasfsd.sys
  • %ApplicationData%\microsoft\internet explorer\quick launch\winantispyware 2005.lnk
  • %Desktop%\winantispyware 2005.lnk
  • %Desktop%\winantispyware 2007.lnk
  • %Temp%\winantispyware2007setup.exe
  • %Temp%~DF50F9.tmp
  • %ProgramFiles%WinAntiSpyware 2007 Free\msvcp71.dll
  • %ProgramFiles%WinAntiSpyware 2007 Free\shellext.dll

Created Folders

  • %CommonPrograms%\winantispyware 2006 scanner
  • %ProgramFiles%\winantispyware 2006 scanner
  • %Temp%\ni.uwas6_0001_n68m2301
  • %CommonPrograms%\winantispyware 2005
  • %ProgramFiles%\winantispyware 2005
  • %CommonProgramFiles%\winsoftware
  • %ProgramFiles%\winantispyware
  • %ApplicationData%\winantispyware
  • %CommonPrograms%\winantispyware
  • %ProgramFiles%\winantispyware 2006
  • %ProgramFiles%\common files\winantispyware 2006
  • %Temp%\temp.fr940a
  • %Temp%\ni.uwas7_0001_n91m1112
  • %ProgramFiles%WinAntiSpyware 2007
  • %CommonProgramFiles%WinAntiSpyware 2007
  • %ApplicationData%SalesMonitor
  • %ApplicationData%WinAntiSpyware 2007
  • %ProgramFiles%WinAntiSpyware 2007 Free
  • %ProgramFiles%Common Files\WinAntiSpyware 2007 Free
  • %ProgramFiles%Common Files\WinAntiSpyware 2007

Registry Entries

  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: salestart
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: DC6_check
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{1230649b-b980-44a5-b259-9b09ebea6331}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{1236de55-eded-4675-af10-ba15eddb4d7a}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{943137b1-d72d-430c-877a-6cb20bbaa4b7}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{abcd4567-76b5-4bc7-aac5-396d70925b11}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{4567ab12-a884-4ca6-b739-cedb12fef096}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{abcd4567-4d73-43e9-85e5-53a2dbd95411}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{abcd4567-d8e8-4df1-a3ea-d0aa72f42611}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{12398a44-7dfc-4c46-bd8f-41259d169a0d}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{4567ab12-ae24-4fd6-b479-e2b464f32da6}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{abcd4567-7437-43ef-ab74-4ab1d3a37411}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwas6.uwas6
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwasfsd.creationnotifier
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwasfsd.creationnotifier.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwashellext.shellhook
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwashellext.shellhook.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwashellext.wascontextmenu
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwashellext.wascontextmenu.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{6fa2d090-630c-49cf-be48-031c38cb3995}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\appid\{4d05a335-1a1c-46b3-bcff-7f25b326895c}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\appid\{8c65aef6-e413-4314-815b-82717a3f1603}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\appid\{c7bece44-7803-49ce-8cae-49ca56ec8dcf}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\appid\checkproduct2.dll
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\appid\filecreationfilter.dll
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\appid\monitoragents.exe
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\checkproduct2.checkproduct
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\checkproduct2.checkproduct.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{328ba26a-1619-47ee-a37d-7d7a6ab1b000}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{8576de55-eded-4675-af10-ba15eddb4d7a}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{d4c0649b-b980-44a5-b259-9b09ebea6331}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{e69f0d6a-1c69-4a04-8709-5eac2019d9be}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{27967fbc-694b-41a6-8cce-30e59292350e}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{2de308a0-a884-4ca6-b739-cedb12fef096}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{4f79d1c5-24f9-4e59-8022-604d4b41d5ca}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{c0a3779c-3345-4150-bd63-c399eb32661e}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\monitoragents.washellexecutecheck
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\monitoragents.washellexecutecheck.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\shellext.shellhook
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\shellext.shellhook.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\shellext.wascontextmenu
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\shellext.wascontextmenu.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{2b798a44-7dfc-4c46-bd8f-41259d169a0d}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{4d05a335-1a1c-46b3-bcff-7f25b326895c}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{fc0b8eb8-ae24-4fd6-b479-e2b464f32da6}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\vapfm.creationnotifier
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\vapfm.creationnotifier.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{c029d2d2-a58f-43f2-9426-0443c3194508}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{_clsid_washellexecutecheck}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\*\shellex\contextmenuhandlers\exploreruwas
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\directory\shellex\contextmenuhandlers\exploreruwas
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\drive\shellex\contextmenuhandlers\exploreruwas
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{9c651b8a-7d9e-41ec-bb66-a70bd87f601e}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{4567ab12-b980-44a5-b259-9b09ebea6331}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{abcd4567-76b5-4bc7-aac5-396d70925b22}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{f1b89ee4-274e-4d05-9e6d-bb5c4ab9efc0}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\interface\{abcd4567-4d73-43e9-85e5-53a2dbd95422}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{abcd4567-7437-43ef-ab74-4ab1d3a37422}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\wasfsd.creationnotifier
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\wasfsd.creationnotifier.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.shellhook
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.shellhook.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.wascontextmenu
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.wascontextmenu.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\waspchk.waspchk
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{c8e8a367-fb73-463c-9bd6-48025f9e6bfd}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{3960581e-4f06-4a3e-a67f-9b448ac97b43}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{4567ab12-eded-4675-af10-ba15eddb4d7a}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\typelib\{4567ab12-7dfc-4c46-bd8f-41259d169a0d}
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\winantispyware 2006 scanner
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\winsoftware\winantispyware 2005
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\winantispyware 2007 free
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\winantispyware 2006
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winantispyware 2006 scanner_is1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\winantispyware 2006 scanner
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\controlset001\services\uwasfsd
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\uwasfsd
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
  • Value: {1230649B-B980-44A5-B259-9B09EBEA6331}
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: WinAntiSpyware 2006 Scanner
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\was5_is1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\winsoftware\winantispyware 2005
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
  • Value: {D4C0649B-B980-44A5-B259-9B09EBEA6331}
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: WinAntiSpyware 2005
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winantispyware 2007 free_is1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\winantispyware 2007 free
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: ERS_check
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: uwas7cw
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: winantispyware 2007 free
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\winantispyware 2006
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\controlset001\services\wasfsd
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\wasfsd
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\was7_is1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\winantispyware 2007
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\controlset001\services\apimon
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\apimon
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
  • Value: {4567ab12-b980-44a5-b259-9b09ebea6331}
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
  • Value: C:\Program Files\WinAntiSpyware 2006 Scanner\uwasffNT.exe
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
  • Value: C:\WINNT\System32\drivers\uwasfsd.sys
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
  • Value: C:\Program Files\Common Files\WinSoftware\PCheck.dll
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
  • Value: C:\Program Files\Common Files\WinSoftware\WFF.exe
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
  • Value: C:\WINNT\System32\drivers\WFF.sys
  • Data:
  • Key: HKEY_CURRENT_USER\software\winantispyware 2007
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\winantispyware 2007
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\controlset001\enum\root\legacy_fopn
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\controlset001\services\fopn
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_fopn
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\fopn
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\*\shellex\contextmenuhandlers\explorerwas
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\ExplorerWAS
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\ExplorerWAS
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\clsid\{1f68b870-78bd-4574-a341-cdd75e43bb51}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: dc6_check
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: ers_check
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: uwas7cw
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: wasmonitor
  • Data:
  • Key: HKEY_CLASSES_ROOT\Interface\{4567AB12-A884-4CA6-B739-CEDB12FEF096}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\TypeLib\{4567AB12-AE24-4FD6-B479-E2B464F32DA6}
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Mirabilis
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\setup
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\policies\microsoft\internet explorer\restrictions
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{4567AB12-EDED-4675-AF10-BA15EDDB4D7A}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\TypeLib\{4567AB12-7DFC-4C46-BD8F-41259D169A0D}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.WASContextMenu
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.WASContextMenu.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{_CLSID_WAShellExecuteCheck}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{4567AB12-B980-44A5-B259-9B09EBEA6331}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.ShellHook
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\washellext.ShellHook.1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WAS7_is1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ApiMon
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ApiMon
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
  • Value: {4567AB12-B980-44A5-B259-9B09EBEA6331}
  • Data: WinAntiSpyware Shell Hook
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: was7cw
  • Data: C:\Program Files\Common Files\WinAntiSpyware 2007\was7cw.exe -c
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: WinAntiSpyware 2007
  • Data: "C:\Program Files\WinAntiSpyware 2007\was7.exe" /min

Lavasoft is the maker of Ad-Aware, the world's most popular anti-malware software with over 450 million downloads.
© 2024 Lavasoft. All rights reserved.
Terms Of Use |   Privacy Policy


x

Our best antivirus yet!

Fresh new look. Faster scanning. Better protection.

Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

Download adaware antivirus 12
No thanks, continue to lavasoft.com
close x

Discover the new adaware antivirus 12

Our best antivirus yet

Download Now