Troj/Sisron-K

Category: Viruses and Spyware
Protection available since: 22 Feb 2013 13:19:22 (GMT)
Type: Trojan
Last Updated: 22 Feb 2013 13:19:22 (GMT)
Prevalence: Small Number of Reports

Troj/Sisron-K exhibits the following characteristics:

File Information

File type
Windows executable

Runtime Analysis

Dropped Files
  • C:\Program Files\GoogleApp\GoogleApp.exe
    Size
    1.6M
    SHA-1
    cfcc9f44dd92c0721848ced2a3ca18179fa54f11
    MD5
    39a6621b6f7e0076d89c0f593161fa51
    CRC-32
    9dd3c7e3
    File type
    Windows executable
    First seen
    2012-12-22
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\alexa.exe
    Size
    535K
    SHA-1
    4f4f4c7c68a249ec743165d15d1ffa9ae7c62128
    MD5
    687714e194114cbdfc342efbb6227bfa
    CRC-32
    8edcd491
    File type
    Windows executable
    First seen
    2011-07-23
  • C:\Program Files\Alexa Toolbar\AlexaToolbar.10.0.Uninstall.exe
    Size
    72K
    SHA-1
    778797be594fcf86b0d6ad0d6158492462e2dedd
    MD5
    3de08f02cd3150f87ab330490beb198b
    CRC-32
    68b139fe
    File type
    Windows executable
    First seen
    2011-07-23
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\modern-header.bmp
    Size
    28K
    SHA-1
    1215c99b20b4d246b4afe9b443248e53adf601c1
    MD5
    49f76c8666341482e2c33bb83a472632
    CRC-32
    38da618e
    File type
    Device-independent bitmap (DIB) file
    First seen
    2011-11-03
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\AlexaToolbar.dll
    Size
    89K
    SHA-1
    3d46312210b8a739f59948c1af96e3118dd2a2b9
    MD5
    d86cb3256d031f68ce38f909a824d161
    CRC-32
    e19b54a1
    File type
    Windows executable
    First seen
    2011-07-03
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\FinishPage
    Size
    508
    SHA-1
    5b955f7f656a64593055a6bf05a2ba495b2f55c6
    MD5
    4a3f33aec478b686267754cac7cb122c
    CRC-32
    8f3e805a
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2013-02-15
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\modern-wizard.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\ioSpecial.ini
    Size
    1.5K
    SHA-1
    c477f1272544fb43ea3b761507c89535a9e193b4
    MD5
    d4587d153c29d50deba054a1453d4f19
    CRC-32
    ebc5a352
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2013-02-15
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\notify.ini
    Size
    454
    SHA-1
    3196642997e6c6c200150e09a1ac6dfa6da8a4ec
    MD5
    67c329bb7224996a3f5072a7bf4e6ac5
    CRC-32
    cb4eaa94
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2013-02-15
  • C:\Program Files\Alexa Toolbar\AlexaToolbarSSB.10.0.dll
    Size
    154K
    SHA-1
    132c80c3904ee2229bb5a41dc8f6c8a49109dbfe
    MD5
    4121a47161adc1830f3bac04b9c0d81d
    CRC-32
    e8a05189
    File type
    Windows executable
    First seen
    2011-07-23
  • c:\Documents and Settings\test user\Local Settings\Temp\nsv4.tmp\InstallOptions.dll
  • C:\Program Files\Alexa Toolbar\AlxSSBPS.dll
    Size
    48K
    SHA-1
    bb62ca930b2d1e62dbceb34d3ce8cc74836ece62
    MD5
    9cd3089b324152fd76582e5601f0ff8a
    CRC-32
    dadb47e4
    File type
    Windows executable
    First seen
    2011-07-23
  • C:\Program Files\Alexa Toolbar\AlexaToolbar.10.0.dll
    Size
    1.1M
    SHA-1
    72006ffe3f9f2f08d4edc056a89241861fc7a19f
    MD5
    8e7bd91d38f74838ddf3fdc932bb67d8
    CRC-32
    b8ef838b
    File type
    Windows executable
    First seen
    2011-06-15
Registry Keys Created
Registry Keys Modified
  • HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\.Current
    (Default)
  • HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
    ITBarLayout
Processes Created
  • c:\docume~1\support\locals~1\temp\alexa.exe
  • c:\program files\googleapp\googleapp.exe
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\rundll32.exe
HTTP Requests
DNS Requests