Wednesday, November 19, 2008

Adware.Ezula Adware

How To Remove Adware.Ezula?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Adware.Ezula is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.


Adware.Ezula It also known as:

[McAfee]Adware-Ezula;
[Panda]Adware/eZula

Adware.Ezula Symptoms:

Files:
[%PROGRAM_FILES%]\Go!Zilla\GoIEHlp.dll
[%SYSTEM%]\ezstub.exe
[%SYSTEM%]\stub.exe
[%WINDOWS%]\ezinstall.exe
[%WINDOWS%]\inetpal\m3tsp8.exe
[%DESKTOP%]\easy mp3 alarm clock.lnk
[%DESKTOP%]\great offers!.url
[%PROFILE%]\administrator\start menu\programs\earn\earn website.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\feedback.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\help.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\my keywords.lnk
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\my preferences.lnk
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\readme.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\toptext button show - hide.lnk
[%PROFILE%]\all users\start menu\easy mp3 alarm clock.lnk
[%PROGRAMS%]\filesubmit\install adaysdreamss.zip.lnk
[%PROGRAMS%]\filesubmit\uninstall adaysdreamss.zip.lnk
[%SYSTEM%]\eabh.dll
[%SYSTEM%]\ezstubtt.exe
[%SYSTEM%]\goiehlp.dll
[%WINDOWS%]\downloaded program files\ezstub.dll
[%WINDOWS%]\downloaded program files\ezstub.inf
[%WINDOWS%]\downloaded program files\ezug.dll
[%WINDOWS%]\downloaded program files\ezulaboot.dll
[%WINDOWS%]\downloaded program files\ezulaboot.inf
[%WINDOWS%]\ezulains.exe
[%WINDOWS%]\ezulastb.exe
[%WINDOWS%]\oleacc.dll
[%WINDOWS%]\system\eabh.dll
[%WINDOWS%]\system\ezstub.exe
[%WINDOWS%]\system\goiehlp.dll
[%WINDOWS%]\system\stub.exe
[%PROGRAM_FILES%]\Go!Zilla\GoIEHlp.dll
[%SYSTEM%]\ezstub.exe
[%SYSTEM%]\stub.exe
[%WINDOWS%]\ezinstall.exe
[%WINDOWS%]\inetpal\m3tsp8.exe
[%DESKTOP%]\easy mp3 alarm clock.lnk
[%DESKTOP%]\great offers!.url
[%PROFILE%]\administrator\start menu\programs\earn\earn website.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\feedback.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\help.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\my keywords.lnk
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\my preferences.lnk
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\readme.url
[%PROFILE%]\administrator\start menu\programs\toptext ilookup\toptext button show - hide.lnk
[%PROFILE%]\all users\start menu\easy mp3 alarm clock.lnk
[%PROGRAMS%]\filesubmit\install adaysdreamss.zip.lnk
[%PROGRAMS%]\filesubmit\uninstall adaysdreamss.zip.lnk
[%SYSTEM%]\eabh.dll
[%SYSTEM%]\ezstubtt.exe
[%SYSTEM%]\goiehlp.dll
[%WINDOWS%]\downloaded program files\ezstub.dll
[%WINDOWS%]\downloaded program files\ezstub.inf
[%WINDOWS%]\downloaded program files\ezug.dll
[%WINDOWS%]\downloaded program files\ezulaboot.dll
[%WINDOWS%]\downloaded program files\ezulaboot.inf
[%WINDOWS%]\ezulains.exe
[%WINDOWS%]\ezulastb.exe
[%WINDOWS%]\oleacc.dll
[%WINDOWS%]\system\eabh.dll
[%WINDOWS%]\system\ezstub.exe
[%WINDOWS%]\system\goiehlp.dll
[%WINDOWS%]\system\stub.exe

Folders:
[%PROGRAMS%]\toptext ilookup
[%PROGRAM_FILES%]\easy mp3 alarm clock
[%PROGRAM_FILES%]\ezula
[%PROGRAM_FILES%]\go!zilla\ezula
[%STARTMENU%]\programs\toptext ilookup
[%PROFILE%]\start menu\programs\toptext ilookup
[%PROGRAMS%]\easy mp3 alarm clock
[%PROGRAM_FILES%]\twister\partner\ezstttub.exe
[%WINDOWS%]\start menu\programs\toptext ilookup

Registry Keys:
HKEY_CLASSES_ROOT\appid\ezulabootexe.exe
HKEY_CLASSES_ROOT\appid\ezulamain.exe
HKEY_CLASSES_ROOT\appid\{8a044397-5da2-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{cd4c3cf0-4b15-11d1-abed-709549c10000}
HKEY_CLASSES_ROOT\ezulabootexe.installctrl
HKEY_CLASSES_ROOT\ezulabootexe.installctrl.1
HKEY_CLASSES_ROOT\ezulamain.ezulasearchpipe
HKEY_CLASSES_ROOT\ezulamain.ezulasearchpipe.1
HKEY_CLASSES_ROOT\ezulamain.trayiconm
HKEY_CLASSES_ROOT\ezulamain.trayiconm.1
HKEY_CLASSES_ROOT\interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}
HKEY_CLASSES_ROOT\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}
HKEY_CLASSES_ROOT\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}
HKEY_CLASSES_ROOT\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{8a0443a2-5da2-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\typelib\{8a044396-5da2-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}
HKEY_CURRENT_USER\software\ezula
HKEY_LOCAL_MACHINE\software\classes\appid\ezulabootexe.exe
HKEY_LOCAL_MACHINE\software\classes\appid\ezulamain.exe
HKEY_LOCAL_MACHINE\software\classes\appid\{8a044397-5da2-11d4-b185-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3c368c4a-827f-4f25-9c52-371bdf049912}
HKEY_LOCAL_MACHINE\software\classes\clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{cd4c3cf0-4b15-11d1-abed-709549c10000}
HKEY_LOCAL_MACHINE\software\classes\ezulabootexe.installctrl
HKEY_LOCAL_MACHINE\software\classes\ezulabootexe.installctrl.1
HKEY_LOCAL_MACHINE\software\classes\ezulamain.ezulasearchpipe
HKEY_LOCAL_MACHINE\software\classes\ezulamain.ezulasearchpipe.1
HKEY_LOCAL_MACHINE\software\classes\ezulamain.trayiconm
HKEY_LOCAL_MACHINE\software\classes\ezulamain.trayiconm.1
HKEY_LOCAL_MACHINE\software\classes\interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}
HKEY_LOCAL_MACHINE\software\classes\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}
HKEY_LOCAL_MACHINE\software\classes\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\interface\{8a0443a2-5da2-11d4-b185-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\interface\{ef0372dc-f552-11d3-8528-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\interface\{ef0372de-f552-11d3-8528-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\typelib\{ef100007-f409-426a-9e7c-cb211f2a9786}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD4C3CF0-4B15-11D1-ABED-709549C10000}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ezula
HKEY_CLASSES_ROOT\clsid\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{083fa8f4-84f4-11d4-8a77-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{1823bc4b-a253-4767-9cfc-9aca62a6b136}
HKEY_CLASSES_ROOT\clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{3d7247de-5db8-11d4-8a72-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{4fd8645f-9b3e-46c1-9727-9837842a84ab}
HKEY_CLASSES_ROOT\clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}
HKEY_CLASSES_ROOT\clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{58359011-bf36-11d3-99a2-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{58359012-bf36-11d3-99a2-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{7edc96e1-5dd3-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{8a044396-5da2-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{8a044397-5da2-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{8a0443a2-5da2-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{a041b850-57ad-493f-8fdc-4f1b15c0d16f}
HKEY_CLASSES_ROOT\clsid\{c0335197-6755-11d4-8a73-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{c0335198-6755-11d4-8a73-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{c03351a3-6755-11d4-8a73-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}
HKEY_CLASSES_ROOT\clsid\{ef0372dc-f552-11d3-8528-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{ef0372de-f552-11d3-8528-0050dab79376}
HKEY_CLASSES_ROOT\clsid\{ezula toptext}
HKEY_CLASSES_ROOT\ezulaagent.ezulactrlhost
HKEY_CLASSES_ROOT\ezulaagent.ezulactrlhost.1
HKEY_CLASSES_ROOT\ezulaagent.ieobject
HKEY_CLASSES_ROOT\ezulaagent.ieobject.1
HKEY_CLASSES_ROOT\ezulaagent.plugprot
HKEY_CLASSES_ROOT\ezulaagent.plugprot.1
HKEY_CLASSES_ROOT\ezulaagent.toolbarband
HKEY_CLASSES_ROOT\ezulaagent.toolbarband.1
HKEY_CLASSES_ROOT\ezulaboot.installctrl
HKEY_CLASSES_ROOT\ezulaboot.installctrl.1
HKEY_CLASSES_ROOT\ezulafsearcheng.ezulacode
HKEY_CLASSES_ROOT\ezulafsearcheng.ezulacode.1
HKEY_CLASSES_ROOT\ezulafsearcheng.ezulahash
HKEY_CLASSES_ROOT\ezulafsearcheng.ezulahash.1
HKEY_CLASSES_ROOT\ezulafsearcheng.ezulasearch
HKEY_CLASSES_ROOT\ezulafsearcheng.ezulasearch.1
HKEY_CLASSES_ROOT\ezulafsearcheng.popupdisplay
HKEY_CLASSES_ROOT\ezulafsearcheng.popupdisplay.1
HKEY_CLASSES_ROOT\ezulafsearcheng.resulthelper
HKEY_CLASSES_ROOT\ezulafsearcheng.resulthelper.1
HKEY_CLASSES_ROOT\ezulafsearcheng.searchhelper
HKEY_CLASSES_ROOT\ezulafsearcheng.searchhelper.1
HKEY_CLASSES_ROOT\interface\{03022430-abc4-11d0-bde2-00aa00a11953}
HKEY_CLASSES_ROOT\interface\{3d7247dd-5db8-11d4-8a72-0050da2ee1be}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{58359010-bf36-11d3-99a2-0050da2ee1be}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{cd4c3cf0-4b15-11d1-abed-709549c10000}
HKEY_CLASSES_ROOT\typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\typelib\{083fa8f4-84f4-11d4-8a77-0050da2ee1be}
HKEY_CLASSES_ROOT\typelib\{3d7247d1-5db8-11d4-8a72-0050da2ee1be}
HKEY_CLASSES_ROOT\typelib\{4a954c6b-6946-40cf-b211-62385cdb85f9}
HKEY_CLASSES_ROOT\typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3d7247de-5db8-11d4-8a72-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}
HKEY_LOCAL_MACHINE\software\classes\clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ezulactrlhost
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ezulactrlhost.1
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ieobject
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ieobject.1
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.plugprot
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.plugprot.1
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.toolbarband
HKEY_LOCAL_MACHINE\software\classes\ezulaagent.toolbarband.1
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulacode
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulacode.1
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulahash
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulahash.1
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulasearch
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulasearch.1
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.popupdisplay
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.popupdisplay.1
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.resulthelper
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.resulthelper.1
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.searchhelper
HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.searchhelper.1
HKEY_LOCAL_MACHINE\software\classes\interface\{3d7247dd-5db8-11d4-8a72-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\typelib\{083fa8f4-84f4-11d4-8a77-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\typelib\{3d7247d1-5db8-11d4-8a72-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\classes\typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{3d7247de-5db8-11d4-8a72-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{a041b850-57ad-493f-8fdc-4f1b15c0d16f}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\web3000 network
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{58359010-bf36-11d3-99a2-0050da2ee1be}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{cd4c3cf0-4b15-11d1-abed-709549c10000}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]\downloaded program files\ezstub.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]\downloaded program files\ezulaboot.dll
HKEY_USERS\.default\software\ezula

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software/web3000.com/w3knet
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\classes\mime\database\content type
HKEY_LOCAL_MACHINE\software\classes\mime\database\content type
HKEY_LOCAL_MACHINE\software\classes\mime\database\content type
HKEY_LOCAL_MACHINE\software\microsoft\directdraw\mostrecentappl
HKEY_LOCAL_MACHINE\software\microsoft\directdraw\mostrecentappl
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\mo
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\se
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\[%WINDOWS%]\downloaded program files
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\un
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\un
HKEY_USERS\.default\software


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
SillyDl.CAI Trojan Cleaner
Quick.Launch Spyware Symptoms

No comments: