ProAntispyware2009

ProAntispyware2009

Found: 
2008-11-11
Known system changes: 

Created Files

  • %System%mebocolekhero.exe
  • %System%ylyqsgufeely.dll
  • %System%cont_mxlivemedia-remove.exe
  • %ProgramFiles%Mozilla Firefox\components\nsmxlivemedia.dll
  • %System%nsz1C.dll

Created Folders

  • C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009
  • %allusersprofile%\Application Data\Solt Lake Software
  • C:\Documents and Settings\All Users\Application Data\Solt Lake Software
  • %ApplicationData%Solt Lake Software
  • %ApplicationData%CrucialSoft Ltd
  • c:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd

Registry Entries

  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Drivers\Video\Options
  • Value: 4E8D9EBF-122C-42BD-A8CB-7E59C9CC08BA
  • Data:
  • Key: HKEY_CURRENT_USER\Software\AppDataLow
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\solt lake software
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
  • Value: pro antispyware 2009
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: wracbkwexsk
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ulhnszeviacnmxbo
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: hxkjbbgyji
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cont_mxlivemedia
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{83b02fa0-64cd-da23-5fb6-9836afe987c0}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mebocolekhero
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\MS AntiSpyware 2009 5.7
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\Pro Antispyware 2009 4.6
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: Pro Antispyware 2009
  • Data: "C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe" /autorun
  • Key: HKEY_CURRENT_USER\Software\CrucialSoft Ltd
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: InstallProgram
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\a53202c197dc3c05efc882a7b3094099.exe
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: MS AntiSpyware 2009
  • Data: "C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\e3641e3e512bfaf5b9e664bea5290a2f.exe" /autorun
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\Pro Antispyware 2009 4.7
  • Value:
  • Data: