Spyware
|
Spyware Aureate
Windows
C:\WINDOWS\SYSTEM\adimage.dll C:\WINDOWS\SYSTEM\advert.dll C:\WINDOWS\SYSTEM\htmdeng.exe C:\WINDOWS\SYSTEM\ipcclient.dll C:\WINDOWS\SYSTEM\msipcsv.exe advert.exe systemroot+\system\htmdeng.exe systemroot+\system\msipcsv.exe programfilesdir+\mediaring talk\advert.dll systemroot+\system\advert.dll systemroot+\system\ipclient.dll systemroot+\system\tfde.dll
Registry
HKEY_CLASSES_ROOT\clsid\{ebbfe288-bdf0-11d2-bbe5-00609419f467} HKEY_CLASSES_ROOT\clsid\{ebbfe289-bdf0-11d2-bbe5-00609419f467} HKEY_CLASSES_ROOT\interface\{ebbfe289-bdf0-11d2-bbe5-00609419f467} HKEY_CURRENT_USER\software\radiate HKEY_LOCAL_MACHINE\netscape starting\clsid\{ebbfe288-bdf0-11d2-bbe5-00609419f467} HKEY_LOCAL_MACHINE\netscape starting\curver\stub.netscapestart.1 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system\advert.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system\anadsc.ocx HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system32\adimage.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system32\htmdeng.exe HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system32\ipcclient.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system32\msipcsv.exe HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\system32\tfde.dll
Spybotdestroy
AUREATEobj[0]=RegKey : .DEFAULT\Software\Aureateobj[1]=RegKey : CLSID\{EBBFE27C-BDF0-11D2-BBE5-00609419F467} obj[2]=RegKey : CLSID\{EBBFE288-BDF0-11D2-BBE5-00609419F467} obj[3]=RegKey : CLSID\{EBBFE28A-BDF0-11D2-BBE5-00609419F467} obj[4]=RegKey : Interface\{EBBFE27B-BDF0-11D2-BBE5-00609419F467} obj[5]=RegKey : Interface\{EBBFE287-BDF0-11D2-BBE5-00609419F467} obj[6]=RegKey : Interface\{EBBFE289-BDF0-11D2-BBE5-00609419F467} obj[7]=RegKey : Software\Aureate obj[8]=RegKey : Software\Aureate obj[9]=RegKey : Software\Aureate obj[10]=RegKey : Software\Microsoft\Windows\CurrentVersion\explorer \Browser Helper Objects\{EBBFE27C-BDF0-11D2-BBE5-00609419F467} obj[11]=RegKey : Stub.CIEStub obj[12]=RegKey : Stub.CIEStub.1 obj[13]=RegKey : Stub.NetscapeStop obj[14]=RegKey : Stub.NetscapeStop.1 obj[15]=RegKey : Typelib\{EBBFE26D-BDF0-11D2-BBE5-00609419F467} obj[16]=RegValue : .DEFAULT\Software\Netscape\Netscape Navigator\Automation Shutdown obj[17]=RegValue : .DEFAULT\Software\Netscape\Netscape Navigator\Automation Startup |
