Blockdefense

Blockdefense

Found: 
2009-08-31
Known system changes: 

Created Files

  • %Desktop%BlockDefense.lnk
  • %Temp%ewx0az47.exe
  • %Windir%1z25py5409.ocx
  • %Windir%2z754worm3495.ocx
  • %Windir%3e1bsp95sz2427.ocx
  • %Windir%4c08downloade9563z.ocx
  • %Windir%4c69b5ckdoor229z.ocx
  • %Windir%5bc29hreaz10325.ocx
  • %Windir%7a9c5hrea924z52.ocx
  • %Windir%7b3edow9loadez1575.ocx
  • %Windir%7e07azdware19475.ocx
  • %Windir%11z38t9oj575.ocx
  • %Windir%12z5ddware2309.ocx
  • %Windir%26f0zpyw5re2980.ocx
  • %Windir%35a5stea5912z.ocx
  • %Windir%35c9zteal663.ocx
  • %Windir%38z1b5c9door2557.ocx
  • %Windir%39b5downloaz5r2134.ocx
  • %Windir%39e4thzef5708.ocx
  • %Windir%49fzsp95are3210.ocx
  • %Windir%49zdspar5e709.ocx
  • %Windir%59c4viz5558.ocx
  • %Windir%59e3thrza959569.ocx
  • %Windir%62bzth5ea918055.ocx
  • %Windir%65z7backdoor3197.ocx
  • %Windir%73z8viru57759.ocx
  • %Windir%359zspars551.ocx
  • %Windir%511zworm3695.ocx
  • %Windir%553ead9wzre2556.ocx
  • %Windir%587ezpyware9636.ocx
  • %Windir%659zhief592.ocx
  • %Windir%685faddw95e19z4.ocx
  • %Windir%1138z9orm53.ocx
  • %Windir%1956vir2104z.ocx
  • %Windir%1957zspambotea.ocx
  • %Windir%2099zir5s186.ocx
  • %Windir%2576back9oo546z.ocx
  • %Windir%3693thzef2995.ocx
  • %Windir%4551spzwar59443.ocx
  • %Windir%4579sparse141z.ocx
  • %Windir%5219zspy43.ocx
  • %Windir%5355virzs7459.ocx
  • %Windir%5513worm69z.ocx
  • %Windir%5518vz9us25f.ocx
  • %Windir%5816troz92b.ocx
  • %Windir%6550zh9ef252.ocx
  • %Windir%7619tzoj9d15.ocx
  • %Windir%7865t5oj2zd9.ocx
  • %Windir%7892noz-a-virus5d4.ocx
  • %Windir%8455spamboz59.ocx
  • %Windir%11039wor540az.ocx
  • %Windir%12549troj925z.ocx
  • %Windir%14245hack9zol430.ocx
  • %Windir%16924t95jz54.ocx
  • %Windir%17459vi5us5za.ocx
  • %Windir%17792tr9j55z.ocx
  • %Windir%18154spamzot592.ocx
  • %Windir%18291n9tza-virus53f5.ocx
  • %Windir%18598viz5s3539.ocx
  • %Windir%18839tr593z6.ocx
  • %Windir%22541vi9us3ze.ocx
  • %Windir%25705sza9bot728.ocx
  • %Windir%27123spamb951z2.ocx
  • %Windir%29929hacktoo55aaz.ocx
  • %Windir%29943hacktool26z5.ocx
  • %Windir%30765not-5-virusz679.ocx
  • %Windir%49159dd5zre1491.ocx
  • %Windir%54546spzmbot951.ocx
  • %Windir%95483tzoj194.ocx
  • %Windir%97901zp51aa.ocx
  • %Windir%134005ot-a-vi9zs622.ocx
  • %Windir%z76downloade5980.ocx
  • %Windir%z97dv5r2912.ocx
  • %Windir%z192spyware536.ocx
  • %Windir%z239v9r3157.ocx
  • %Windir%z318th5e91731.ocx
  • %Windir%z622s9e5l332.ocx
  • %Windir%z920sp5mbot627.ocx
  • %Windir%z3967t5oj993.ocx
  • %Windir%z3974spy7a95.ocx
  • %Windir%z59919py455.ocx

Created Folders

  • %ProgramFiles%BlockDefense Software
  • %CommonPrograms%BlockDefense

Registry Entries

  • Key: HKEY_CURRENT_USER\software\BlockDefense
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BlockDefense
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BLOCKDEFENSESVC
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BlockDefenseSvc
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BLOCKDEFENSESVC
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BlockDefenseSvc
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: 50nr6324.exe
  • Data: C:\Temp\50nr6324.exe
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: BlockDefense
  • Data: C:\Program Files\BlockDefense Software\BlockDefense\BlockDefense.exe -min