MultiPlug

Category: Adware and PUAs
Protection available since: 09 Oct 2013 12:19:29 (GMT)
Type: Adware
Last Updated: 03 Jul 2014 02:17:36 (GMT)

Examples of MultiPlug include:

Example 1

File Information

Size
1.5M
SHA-1
00003316482c3e25ba6d59c1555131421204c499
MD5
488120011aaf4d6686cb486e79624349
CRC-32
8bcbd0e2
File type
Windows executable
First seen
2007-08-27

Runtime Analysis

Dropped Files
  • C:\Documents and Settings\All Users\Application Data\5d5d60c3d6235bf2\{C1A27135-69EB-8D44-7358-34727DD7B820}
  • C:\Program Files\DoWNLoaD, keeper\0k5uDnR.dll
    Size
    417K
    SHA-1
    86c7cf982e18ca23f8ef30718417903dc010b00a
    MD5
    aabcede5b824bd00717350b6b7474c46
    CRC-32
    5b50655c
    File type
    Windows executable
    First seen
    2013-12-03
  • C:\Documents and Settings\All Users\Application Data\DoWNLoaD, keeper\AYlFVw68.dat
  • c:\Documents and Settings\test user\AppData\LocalLow\{2FB6CC18-5C3E-A17E-2DB7-34B250599632}\DoWNLoaD, keeper.2.7.dat
    Size
    148
    SHA-1
    18cb987ecf883726d135b50239b093340b84112a
    MD5
    868c21b68a279f35b601e60e9cb7b84e
    CRC-32
    57a8c7e3
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2013-12-03
  • C:\Program Files\DoWNLoaD, keeper\0k5uDnR.dat
  • C:\Program Files\DoWNLoaD, keeper\0k5uDnR.tlb
  • C:\Documents and Settings\All Users\Application Data\DoWNLoaD, keeper\AYlFVw68.exe
  • C:\Program Files\DoWNLoaD, keeper\0k5uDnR.x64.dll
Registry Keys Created
  • HKCR\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
    (Default)
    IIEPluginMain
  • HKCR\KeePeer\CLSID
    (Default)
    {2FB6CC18-5C3E-A17E-2DB7-34B250599632}
  • HKCR\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\KeePeer\CurVer
    (Default)
    DDOwnLooaada KeePeer.1.6
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\TypeLib
    Version
    1.0
  • HKCU\Software\RegisteredApplicationsEx
    4b58cf866f1c57a54a7e1e93674e349f
    1
  • HKCR\CLSID\{2FB6CC18-5C3E-A17E-2DB7-34B250599632}\ProgID
    (Default)
    DDOwnLooaada KeePeer.1.6
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FB6CC18-5C3E-A17E-2DB7-34B250599632}
    NoExplorer
    0x00000001
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\TypeLib
    Version
    1.0
  • HKCR\KeePeer.1.6\CLSID
    (Default)
    {2FB6CC18-5C3E-A17E-2DB7-34B250599632}
  • HKCR\KeePeer
    (Default)
    DoWNLoaD, keeper
  • HKCR\CLSID\{2FB6CC18-5C3E-A17E-2DB7-34B250599632}\VersionIndependentProgID
    (Default)
    DDOwnLooaada KeePeer
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0
    (Default)
    IEPluginLib
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    (Default)
    IRegistry
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID
    {2FB6CC18-5C3E-A17E-2DB7-34B250599632}
    1
  • HKCR\CLSID\{2FB6CC18-5C3E-A17E-2DB7-34B250599632}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\TypeLib
    Version
    1.0
  • HKCR\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\KeePeer.1.6
    (Default)
    DoWNLoaD, keeper
  • HKCR\CLSID\{2FB6CC18-5C3E-A17E-2DB7-34B250599632}
    (Default)
    DoWNLoaD, keeper
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\0\win32
    (Default)
    C:\Program Files\DoWNLoaD, keeper\0k5uDnR.tlb
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\HELPDIR
    (Default)
    C:\Program Files\DoWNLoaD, keeper
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820}
    _In
    20131207
  • HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    (Default)
    ILocalStorage
Processes Created
  • c:\docume~1\support\locals~1\temp\3c612fff\aylfvw68.exe
  • c:\windows\system32\regsvr32.exe

Example 2

File Information

Size
1.6M
SHA-1
0000730b724bab077eb7111b7867e5f3fe13a139
MD5
32d436b2c9d8ed70c700ff5438a90e9b
CRC-32
242a6f84
File type
application/x-ms-dos-executable
First seen
2007-09-18

Runtime Analysis

Dropped Files
  • C:\Documents and Settings\All Users\Application Data\DOwenLoad akeeepero\00eqaqQUf6n.exe
    Size
    678K
    SHA-1
    187a8ae8cd6496fdebcc10ece69be366b311e9bd
    MD5
    f82dc144bfd813a8d5389171d9ce92f0
    CRC-32
    990d23e1
    File type
    Windows executable
    First seen
    2014-06-03
  • C:\Program Files\DOwenLoad akeeepero\scBqoW03O6.dll
    Size
    365K
    SHA-1
    1792d3cfa3ad872da38e4d49f057c52b4de27c74
    MD5
    245122d7462e68afaceb0c55a2258b41
    CRC-32
    a7d6c067
    File type
    application/x-ms-dos-executable
    First seen
    2014-06-03
  • C:\Documents and Settings\All Users\Application Data\DOwenLoad akeeepero\00eqaqQUf6n.dat
    Size
    3.5K
    SHA-1
    48914e8eb349f5908d53c7ecbe124b82f85b1234
    MD5
    705356a733b40d772767889e119ef758
    CRC-32
    2c979411
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-06-04
  • C:\Program Files\DOwenLoad akeeepero\scBqoW03O6.tlb
    Size
    3.8K
    SHA-1
    4c6a07680e543a8abd2dba0cc816b27d735cdeb8
    MD5
    3f4cd108952dbbe9423f81dc40c5694b
    CRC-32
    27a5a469
    File type
    application/octet-stream
    First seen
    2014-06-03
  • C:\Program Files\DOwenLoad akeeepero\scBqoW03O6.x64.dll
    Size
    399K
    SHA-1
    2ee1661d8a5d538e386fd838914c625a16e32abd
    MD5
    53741c25bb1fa2487df29e2607f86268
    CRC-32
    18df209f
    File type
    application/x-ms-dos-executable
    First seen
    2014-06-03
  • C:\Program Files\DOwenLoad akeeepero\scBqoW03O6.dat
    Size
    3.5K
    SHA-1
    48914e8eb349f5908d53c7ecbe124b82f85b1234
    MD5
    705356a733b40d772767889e119ef758
    CRC-32
    2c979411
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-06-04
  • c:\Documents and Settings\test user\AppData\LocalLow\{8A8E4B5F-D4CE-D1B2-897F-36759B11D218}\DOwenLoad akeeepero.2.9.dat
    Size
    120
    SHA-1
    58e6780a534f3420433db6ca2523500a0088df3b
    MD5
    d570e26f745b816eb2dc8e08d5ac5f43
    CRC-32
    9b8f0ffa
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2014-04-30
  • C:\Documents and Settings\All Users\Application Data\5d5d60c3d6235bf2\{C1A27135-69EB-8D44-7358-34727DD7B820}
    Size
    11K
    SHA-1
    d479130983585a17bfba007295d38b6eeeb7068e
    MD5
    711baed0bd4a2f83987462226ba5b8c7
    CRC-32
    b13f1760
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2014-06-04
Registry Keys Created
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{8A8E4B5F-D4CE-D1B2-897F-36759B11D218}
    (Default)
    DOwenLoad akeeepero
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\TypeLib
    Version
    1.0
  • HKCR\keeeperr.1.6
    (Default)
    DOwenLoad akeeepero
  • HKCR\CLSID\{8A8E4B5F-D4CE-D1B2-897F-36759B11D218}\VersionIndependentProgID
    (Default)
    DoweNload keeeperr
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}
    (Default)
    ILocalStorage
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\HELPDIR
    (Default)
    C:\Program Files\DOwenLoad akeeepero
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCU\Software\RegisteredApplicationsEx
    c9ac633d08059ed085a5430611eafd95
    1
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}
    (Default)
    IPlaghinMein
  • HKCR\CLSID\{8A8E4B5F-D4CE-D1B2-897F-36759B11D218}\ProgID
    (Default)
    DoweNload keeeperr.1.6
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\FLAGS
    (Default)
  • HKCR\keeeperr\CLSID
    (Default)
    {8A8E4B5F-D4CE-D1B2-897F-36759B11D218}
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0
    (Default)
    IEPluginLib
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}\TypeLib
    Version
    1.0
  • HKCR\CLSID\{8A8E4B5F-D4CE-D1B2-897F-36759B11D218}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\keeeperr
    (Default)
    DOwenLoad akeeepero
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820}
    _In
    20140604
  • HKCR\keeeperr\CurVer
    (Default)
    DoweNload keeeperr.1.6
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\0\win32
    (Default)
    C:\Program Files\DOwenLoad akeeepero\scBqoW03O6.tlb
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID
    {8A8E4B5F-D4CE-D1B2-897F-36759B11D218}
    1
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A8E4B5F-D4CE-D1B2-897F-36759B11D218}
    NoExplorer
    0x00000001
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    (Default)
    IRegistry
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}\TypeLib
    Version
    1.0
  • HKCR\keeeperr.1.6\CLSID
    (Default)
    {8A8E4B5F-D4CE-D1B2-897F-36759B11D218}
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
Processes Created
  • c:\docume~1\support\locals~1\temp\5c28189c\00eqaqquf6n.exe
  • c:\windows\system32\regsvr32.exe

Example 3

File Information

Size
1.4M
SHA-1
0000add64d46dca829c294042712a31e0529713f
MD5
0ccb404332074ef5f8ab3d1ac701f65e
CRC-32
47fe056c
File type
Windows executable
First seen
2007-09-10

Runtime Analysis

Dropped Files
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Program Files\Downnload keeperr\fnLYw.dll
    Size
    363K
    SHA-1
    b094f3cc200f06e4f8d23d804eacf874c082a2a9
    MD5
    8d81c99e1855cc7b4b78f2ee47b4fdd4
    CRC-32
    b466aa74
    File type
    Windows executable
    First seen
    2014-03-19
  • C:\Documents and Settings\All Users\Application Data\Downnload keeperr\nFsbhb.dat
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\All Users\Application Data\Downnload keeperr\nFsbhb.exe
    Size
    452K
    SHA-1
    92a8bdfc5ea9153758922396a99edc8cf62dad75
    MD5
    b1f78e265f3fad9524cef2ba33a612c9
    CRC-32
    c25eb993
    File type
    Windows executable
    First seen
    2014-04-02
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Program Files\Downnload keeperr\fnLYw.dat
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Program Files\Downnload keeperr\fnLYw.x64.dll
  • c:\Documents and Settings\test user\AppData\LocalLow\{ABD990B0-3518-3BFE-AD4B-7865BB746975}\Downnload keeperr.2.9.dat
  • c:\Documents and Settings\test user\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • c:\Documents and Settings\test user\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\All Users\Application Data\5d5d60c3d6235bf2\{C1A27135-69EB-8D44-7358-34727DD7B820}
  • c:\Documents and Settings\test user\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
    Size
    6.6K
    SHA-1
    f988b43baa2b48020dfdb780fa962c5fd3368373
    MD5
    a62ee0c404ba425feaf885d47958b0e6
    CRC-32
    fd9bae71
    File type
    JavaScript
    First seen
    2014-04-05
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\eKmiOBs.js
  • C:\Documents and Settings\ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Program Files\Downnload keeperr\fnLYw.tlb
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\manifest.json
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Torch\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\background.html
  • C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
  • C:\Documents and Settings\SophosSAUPC0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\content.js
  • C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\caheepbabhgknpgeakffconocieicfga\1.6\lsdb.js
Registry Keys Created
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0
    (Default)
    IEPluginLib
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}\TypeLib
    Version
    1.0
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID
    {ABD990B0-3518-3BFE-AD4B-7865BB746975}
    1
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\0\win32
    (Default)
    C:\Program Files\Downnload keeperr\fnLYw.tlb
  • HKCR\keepER.1.6\CLSID
    (Default)
    {ABD990B0-3518-3BFE-AD4B-7865BB746975}
  • HKCR\CLSID\{ABD990B0-3518-3BFE-AD4B-7865BB746975}\ProgID
    (Default)
    Downlloiad keepER.1.6
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    (Default)
    IRegistry
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}\TypeLib
    Version
    1.0
  • HKCR\CLSID\{ABD990B0-3518-3BFE-AD4B-7865BB746975}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\keepER
    (Default)
    Downnload keeperr
  • HKCR\CLSID\{ABD990B0-3518-3BFE-AD4B-7865BB746975}
    (Default)
    Downnload keeperr
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820}
    _In
    20140405
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\FLAGS
    (Default)
  • HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\HELPDIR
    (Default)
    C:\Program Files\Downnload keeperr
  • HKCR\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}
    (Default)
    ILocalStorage
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\keepER\CurVer
    (Default)
    Downlloiad keepER.1.6
  • HKCR\keepER\CLSID
    (Default)
    {ABD990B0-3518-3BFE-AD4B-7865BB746975}
  • HKCR\keepER.1.6
    (Default)
    Downnload keeperr
  • HKCU\Software\RegisteredApplicationsEx
    449cc61018c573f6c087357db6ecf8b1
    1
  • HKCR\CLSID\{ABD990B0-3518-3BFE-AD4B-7865BB746975}\VersionIndependentProgID
    (Default)
    Downlloiad keepER
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD990B0-3518-3BFE-AD4B-7865BB746975}
    NoExplorer
    0x00000001
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\TypeLib
    Version
    1.0
  • HKCR\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}
    (Default)
    IPlaghinMein
  • HKCR\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
Processes Created
  • c:\docume~1\support\locals~1\temp\71f46a57\nfsbhb.exe
