Scan Spyware on Twitter
Sunday, April 30, 2017

Bookmark and Share



begin2search


        Download

Description: Begin2Search is a Toolbar that brings ads to your screen frequently. If you browse the Web when the toolbar is enabled, certain URLs can trigger the display of pop-up ads.

begin2search

Warning: A spy-ware removal software uses certain rules for detection and removal of spy-ware, malware, ad-ware and trojan from your PC. ScanSpyware.Net provides this information "AS IS" without warranty of any kind. Your use of this information is at your own risk. We strictly restrict you from using this information if you are not sure about what you are doing.


Recommendation 1: We recommend you to take a backup of Windows Registry before following these manual spyware removal instructions to fix your PC. You can do this by either creating a Restore Point using System Restore Utility in Windows System Tools or using the Export feature of regedit.exe.


Recommendation 2: By trying to remove spy-ware from your PC without getting any help from an expert may produce unexpected results. In case you suspect that your PC is infected with some spy-ware, ad-ware, malware or virus, just follow the instructions available at http://how-to.scanspyware.net/diagnose-and-fix.html to contact us for abolutely FREE help.


Directories

  • C:\Windows\System32\b2s_cache
  • C:\Windows\System32\cache32_trgen
  • C:\Windows\System32\cache32_dsktptr

Files

  • C:\Windows\System32\AdPop.dll
  • C:\Windows\System32\ke612.ico
  • C:\Windows\System32\gpstool.dll
  • C:\Windows\System32\winb2s33.dll
  • C:\Windows\System32\winb2s32.dll
  • C:\Windows\System32\killinternetpops.ico
  • C:\Windows\System32\download-music-now.ico
  • C:\Windows\System32\kill all spyware2123.ico
  • C:\Windows\Downloaded Program Files\winb2s32.dll
  • C:\Windows\Downloaded Program Files\winb2s32.ini
  • C:\Windows\Downloaded Program Files\winb2s32.inf
  • C:\Windows\System32\kxp312.ico
  • C:\Documents and Settings\user-account-name\Desktop\ke612.lnk
  • C:\Documents and Settings\user-account-name\Desktop\kxp312.lnk
  • C:\Documents and Settings\user-account-name\Desktop\YAHOOOOO!.url
  • C:\Documents and Settings\user-account-name\Desktop\Party Poker.url
  • C:\Windows\System32\creditcard12.ico
  • C:\Documents and Settings\user-account-name\Desktop\Kill Spyware.url
  • C:\Documents and Settings\user-account-name\Desktop\Kill Viruses.url
  • C:\Documents and Settings\user-account-name\Desktop\Rate My Body.url
  • C:\Documents and Settings\user-account-name\Desktop\Record Music.url
  • C:\Documents and Settings\user-account-name\Desktop\creditcard12.lnk
  • C:\Documents and Settings\user-account-name\Desktop\Popup Killer.url
  • C:\Documents and Settings\user-account-name\Desktop\Virus Hunter.url
  • C:\Documents and Settings\user-account-name\Desktop\Download MP3s.url
  • C:\Documents and Settings\user-account-name\Desktop\Gamblingboard.url
  • C:\Documents and Settings\user-account-name\Desktop\Gambling Board.url
  • C:\Documents and Settings\user-account-name\Desktop\Hot Sexy Mamma.url
  • C:\Documents and Settings\user-account-name\Desktop\Free IBM Laptop.url
  • C:\Documents and Settings\user-account-name\Desktop\Download Movies.url
  • C:\Documents and Settings\user-account-name\Desktop\Spyware Remover.url
  • C:\Documents and Settings\user-account-name\Desktop\Kill All Spyware.url
  • C:\Documents and Settings\user-account-name\Desktop\download-music-now.lnk
  • C:\Documents and Settings\user-account-name\Desktop\Download Free Music.url
  • C:\Documents and Settings\user-account-name\Desktop\kill all spyware2123.lnk
  • C:\Documents and Settings\user-account-name\Desktop\Download Free Movies.url
  • C:\Windows\Install.cab
  • C:\Windows\Qpydatcj.dll
  • C:\Windows\System32\dsktrf.dll
  • C:\Windows\System32\prktect.exe
  • C:\Windows\System32\reg6523.exe
  • C:\Windows\System32\ic2_win.dll
  • C:\Documents and Settings\user-account-name\Desktop\Rate Me.url
  • C:\Install.cab
  • C:\Windows\System32\b2s_cache\web.bmp
  • C:\Windows\System32\b2s_cache\but.bin
  • C:\Windows\System32\b2s_cache\100.bin
  • C:\Windows\System32\b2s_cache\msg.bin
  • C:\Windows\System32\b2s_cache\poker.bmp
  • C:\Windows\System32\b2s_cache\disk 1.bmp
  • C:\Windows\System32\b2s_cache\football.bmp
  • C:\Windows\System32\b2s_cache\weather21.bmp
  • C:\Windows\System32\b2s_cache\computer1.bmp
  • C:\Windows\System32\b2s_cache\peoples 1.bmp
  • C:\Windows\System32\b2s_cache\creditcard.bmp
  • C:\Windows\System32\b2s_cache\search find 2.bmp
  • C:\Windows\System32\b2s_cache\mail unreaded.bmp
  • C:\Windows\System32\b2s_cache\yellow folder closed.bmp
  • C:\Documents and Settings\user-account-name\Local Settings\Temp\II301.tmp
  • C:\Documents and Settings\user-account-name\Local Settings\Temp\h2r15.tmp
  • C:\Windows\ouexqrc.exe
  • C:\Windows\DCFEEKJP.ini
  • C:\Windows\System32\trgen.dll
  • C:\Windows\System32\rtneg.dll
  • C:\Windows\System32\wknmma.exe
  • C:\Windows\System32\dice21.ico
  • C:\Windows\System32\trgen*.dll
  • C:\Windows\System32\rtneg*.dll
  • C:\Windows\System32\winbbb.dat
  • C:\Windows\System32\hotbod.ico
  • C:\Windows\System32\dsktrf1.dll
  • C:\Windows\System32\ndhjdej.exe
  • C:\Windows\System32\poker11212.ico
  • C:\Windows\System32\greenmovie2311.ico
  • C:\Windows\System32\virushunter1231.ico
  • C:\Windows\System32\kill all spyware4.ico
  • C:\Windows\System32\ico_bikini49_gif_32x32.ico
  • %temporaryinternetfilesdir%\polall2c.exe

Registry Keys

  • HKEY_CLASSES_ROOT\\trfdsk.amo
  • HKEY_CLASSES_ROOT\\trfdsk.amo.1
  • HKEY_CLASSES_ROOT\\trfdsk.iiittt
  • HKEY_CLASSES_ROOT\\trfdsk.iiittt.1
  • HKEY_CLASSES_ROOT\\trfdsk.momo
  • HKEY_CLASSES_ROOT\\trfdsk.momo.1
  • HKEY_CLASSES_ROOT\\trfdsk.ohb
  • HKEY_CLASSES_ROOT\\trfdsk.ohb.1
  • HKEY_CLASSES_ROOT\\winb2s.omoc.1
  • HKEY_CLASSES_ROOT\\winb2s.omoc
  • HKEY_CLASSES_ROOT\\winb2s.cmod.1
  • HKEY_CLASSES_ROOT\\winb2s.cmod
  • HKEY_CLASSES_ROOT\\winb2s.amo.1
  • HKEY_CLASSES_ROOT\\winb2s.amo
  • HKEY_CLASSES_ROOT\\winb2s.ohb.1
  • HKEY_CLASSES_ROOT\\winb2s.ohb
  • HKEY_CLASSES_ROOT\\winb2s.momo.1
  • HKEY_CLASSES_ROOT\\winb2s.momo
  • HKEY_CLASSES_ROOT\\winb2s.iiittt.1
  • HKEY_CLASSES_ROOT\\winb2s.iiittt
  • HKEY_CLASSES_ROOT\\winb2s.dbi.1
  • HKEY_CLASSES_ROOT\\winb2s.dbi
  • HKEY_CLASSES_ROOT\\trgen.amo
  • HKEY_CLASSES_ROOT\\trgen.amo.1
  • HKEY_CLASSES_ROOT\\trgen.iiittt
  • HKEY_CLASSES_ROOT\\trgen.iiittt.1
  • HKEY_CLASSES_ROOT\\trgen.momo
  • HKEY_CLASSES_ROOT\\trgen.momo.1
  • HKEY_CLASSES_ROOT\\trgen.ohb
  • HKEY_CLASSES_ROOT\\trgen.ohb.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.amo
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.amo.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.iiittt
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.iiittt.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.momo
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.momo.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.ohb
  • HKEY_LOCAL_MACHINE\Software\Classes\trfdsk.ohb.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.omoc.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.omoc
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.cmod.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.cmod
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.amo.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.amo
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.ohb.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.ohb
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.momo.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.momo
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.iiittt.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.iiittt
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.dbi.1
  • HKEY_LOCAL_MACHINE\Software\Classes\winb2s.dbi
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.amo
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.amo.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.iiittt
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.iiittt.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.momo
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.momo.1
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.ohb
  • HKEY_LOCAL_MACHINE\Software\Classes\trgen.ohb.1
  • HKEY_CLASSES_ROOT\CLSID\{1DB3B8DD-5801-443F-B2D5-9BF8912B980E}
  • HKEY_CLASSES_ROOT\CLSID\{746455FE-D059-47e7-AF0E-140E03F5A447}
  • HKEY_CLASSES_ROOT\CLSID\{98640C3B-0699-4D51-ADB4-A6FC48ACB966}
  • HKEY_CLASSES_ROOT\CLSID\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8}
  • HKEY_CLASSES_ROOT\CLSID\{2A611133-1C57-4DFB-A05C-07EE3BFE6D34}
  • HKEY_CLASSES_ROOT\CLSID\{23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}
  • HKEY_CLASSES_ROOT\CLSID\{22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB}
  • HKEY_CLASSES_ROOT\CLSID\{0962DA67-DB64-465C-8CD7-CBB357CAF825}
  • HKEY_CLASSES_ROOT\CLSID\{356B2BD0-D206-4E21-8C85-C6F49409C6A9}
  • HKEY_CLASSES_ROOT\CLSID\{52ADD86D-9561-4C40-B561-4204DBC139D1}
  • HKEY_CLASSES_ROOT\CLSID\{52FE5233-367C-4EFB-BDD7-0BE4D212C107}
  • HKEY_CLASSES_ROOT\CLSID\{07E9CDF4-20D2-46B1-B681-663968F527CE}
  • HKEY_CLASSES_ROOT\CLSID\{7C5E5671-7A1D-4AE8-91F0-496ADF2825F7}
  • HKEY_CLASSES_ROOT\CLSID\{4D568F0F-8AC9-40AB-88B7-415134C78777}
  • HKEY_CLASSES_ROOT\CLSID\{09C14745-90FD-42D1-9276-4924D7DBC274}
  • HKEY_CLASSES_ROOT\CLSID\{A8BB1898-24FA-4957-A12D-015A1A45E65C}
  • HKEY_CLASSES_ROOT\CLSID\{BC622BEB-F0CD-4A14-B134-6B4CE442DAB1}
  • HKEY_CLASSES_ROOT\CLSID\{CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01}
  • HKEY_CLASSES_ROOT\CLSID\{988CAFC4-DC0D-4D8C-A35E-5028ABE9E641}
  • HKEY_CLASSES_ROOT\CLSID\{207AEF46-0596-4966-A7BF-098F247E85BB}
  • HKEY_CLASSES_ROOT\CLSID\{6024fcd5-91fc-4dc7-8481-63eabd5051d8}
  • HKEY_CLASSES_ROOT\CLSID\{e4776f3a-6936-4a9c-b2da-e57c239fd2f8}
  • HKEY_CLASSES_ROOT\CLSID\{ff81672f-13ff-401f-8662-6e895c564cc4}
  • HKEY_CLASSES_ROOT\CLSID\{22B720C7-5FA6-40A8-9F8F-8584BF669690}
  • HKEY_CLASSES_ROOT\CLSID\{999A06FF-10EF-4A29-8640-69E99882C26B}
  • HKEY_CLASSES_ROOT\CLSID\{F31B3634-12AA-41ca-B021-0685C3B3E4CA}
  • HKEY_CLASSES_ROOT\TypeLib\{081DE2F6-927B-4AA9-88C1-F531C9387383}
  • HKEY_CLASSES_ROOT\TypeLib\{64440e59-a0dd-421c-aa4b-268141d764bb}
  • HKEY_CLASSES_ROOT\Interface\{018C5406-AEE6-4A68-980F-2CEB1E9416FB}
  • HKEY_CLASSES_ROOT\Interface\{0A7FC040-F84A-4AD7-9439-798B6C0F861E}
  • HKEY_CLASSES_ROOT\Interface\{A797A41D-F9F0-4A32-B9B5-AF927CB5AE54}
  • HKEY_CLASSES_ROOT\Interface\{B12508AD-CA55-4238-8DB3-55808BA6915A}
  • HKEY_CLASSES_ROOT\Interface\{F912C325-5B26-4AD6-BF39-84370833E972}
  • HKEY_CLASSES_ROOT\Interface\{BF7CB2C3-55B6-44C1-9615-920D004C27F7}
  • HKEY_CLASSES_ROOT\Interface\{6FE4AADF-EDAC-4037-9164-0B60179A4F12}
  • HKEY_CLASSES_ROOT\Interface\{17973BD7-959C-4D8A-8B2F-AB200E20A75E}
  • HKEY_CLASSES_ROOT\Interface\{de53fa5d-11cc-4cb5-8d8e-eb5aa59c1e5a}
  • HKEY_CLASSES_ROOT\Interface\{42f58f60-9299-4564-9abd-8e9324844560}
  • HKEY_CLASSES_ROOT\Interface\{696d1af8-d0ff-42fd-bd8d-d0b20d64f508}
  • HKEY_CLASSES_ROOT\Interface\{e38924f7-f290-4c13-beec-e8c587f58128}
  • HKEY_CLASSES_ROOT\Interface\{fa82a7ec-2afc-4ee0-8f83-3229f7c6437e}
  • HKEY_CLASSES_ROOT\Interface\{8fc08358-3634-44c7-a8f2-96dc7f39acd2}
  • HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{1DB3B8DD-5801-443F-B2D5-9BF8912B980E}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{746455FE-D059-47e7-AF0E-140E03F5A447}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{98640C3B-0699-4D51-ADB4-A6FC48ACB966}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2A611133-1C57-4DFB-A05C-07EE3BFE6D34}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0962DA67-DB64-465C-8CD7-CBB357CAF825}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{356B2BD0-D206-4E21-8C85-C6F49409C6A9}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{52ADD86D-9561-4C40-B561-4204DBC139D1}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{52FE5233-367C-4EFB-BDD7-0BE4D212C107}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{07E9CDF4-20D2-46B1-B681-663968F527CE}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7C5E5671-7A1D-4AE8-91F0-496ADF2825F7}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4D568F0F-8AC9-40AB-88B7-415134C78777}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{09C14745-90FD-42D1-9276-4924D7DBC274}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A8BB1898-24FA-4957-A12D-015A1A45E65C}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{BC622BEB-F0CD-4A14-B134-6B4CE442DAB1}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{988CAFC4-DC0D-4D8C-A35E-5028ABE9E641}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{207AEF46-0596-4966-A7BF-098F247E85BB}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{17973BD7-959C-4D8A-8B2F-AB200E20A75E}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{6024fcd5-91fc-4dc7-8481-63eabd5051d8}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{e4776f3a-6936-4a9c-b2da-e57c239fd2f8}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ff81672f-13ff-401f-8662-6e895c564cc4}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{22B720C7-5FA6-40A8-9F8F-8584BF669690}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{999A06FF-10EF-4A29-8640-69E99882C26B}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F31B3634-12AA-41ca-B021-0685C3B3E4CA}
  • HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{081DE2F6-927B-4AA9-88C1-F531C9387383}
  • HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{64440e59-a0dd-421c-aa4b-268141d764bb}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{018C5406-AEE6-4A68-980F-2CEB1E9416FB}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{0A7FC040-F84A-4AD7-9439-798B6C0F861E}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{A797A41D-F9F0-4A32-B9B5-AF927CB5AE54}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B12508AD-CA55-4238-8DB3-55808BA6915A}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{F912C325-5B26-4AD6-BF39-84370833E972}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{BF7CB2C3-55B6-44C1-9615-920D004C27F7}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{6FE4AADF-EDAC-4037-9164-0B60179A4F12}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{17973BD7-959C-4D8A-8B2F-AB200E20A75E}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{de53fa5d-11cc-4cb5-8d8e-eb5aa59c1e5a}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{42f58f60-9299-4564-9abd-8e9324844560}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{696d1af8-d0ff-42fd-bd8d-d0b20d64f508}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{e38924f7-f290-4c13-beec-e8c587f58128}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{fa82a7ec-2afc-4ee0-8f83-3229f7c6437e}
  • HKEY_LOCAL_MACHINE\Software\Classes\Interface\{8fc08358-3634-44c7-a8f2-96dc7f39acd2}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{746455FE-D059-47e7-AF0E-140E03F5A447}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98640C3B-0699-4D51-ADB4-A6FC48ACB966}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A611133-1C57-4DFB-A05C-07EE3BFE6D34}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D568F0F-8AC9-40AB-88B7-415134C78777}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{988CAFC4-DC0D-4D8C-A35E-5028ABE9E641}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22B720C7-5FA6-40A8-9F8F-8584BF669690}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{999A06FF-10EF-4A29-8640-69E99882C26B}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07E9CDF4-20D2-46B1-B681-663968F527CE}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{52FE5233-367C-4EFB-BDD7-0BE4D212C107}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE1A240F-B247-4E06-A600-30E28F5AF3A0}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{207AEF46-0596-4966-A7BF-098F247E85BB}
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1DB3B8DD-5801-443F-B2D5-9BF8912B980E}
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F31B3634-12AA-41ca-B021-0685C3B3E4CA}
  • HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{1DB3B8DD-5801-443F-B2D5-9BF8912B980E}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{746455FE-D059-47e7-AF0E-140E03F5A447}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98640C3B-0699-4D51-ADB4-A6FC48ACB966}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A611133-1C57-4DFB-A05C-07EE3BFE6D34}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D568F0F-8AC9-40AB-88B7-415134C78777}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988CAFC4-DC0D-4D8C-A35E-5028ABE9E641}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22B720C7-5FA6-40A8-9F8F-8584BF669690}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{999A06FF-10EF-4A29-8640-69E99882C26B}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F31B3634-12AA-41ca-B021-0685C3B3E4CA}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad Pop
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{07E9CDF4-20D2-46B1-B681-663968F527CE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FE1A240F-B247-4E06-A600-30E28F5AF3A0}
  • HKEY_CURRENT_USER\software\aaa_soft
  • HKEY_USERS\.Default\software\aaa_soft
  • HKEY_USERS\.Default\software\_dsktptr
  • HKEY_CURRENT_USER\software\_dsktptr
  • HKEY_LOCAL_MACHINE\software\_dsktptr
  • HKEY_USERS\.Default\software\_trgen
  • HKEY_CURRENT_USER\software\_trgen
  • HKEY_LOCAL_MACHINE\software\_trgen
  • HKEY_USERS\.Default\software\_rtneg2
  • HKEY_CURRENT_USER\software\_rtneg2
  • HKEY_CURRENT_USER\software\_rtneg
  • HKEY_LOCAL_MACHINE\software\_rtneg2
  • HKEY_LOCAL_MACHINE\software\Classes\Software\_rtneg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\%systemdir%\winb2s32.dll

Registry Values

  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{52FE5233-367C-4EFB-BDD7-0BE4D212C107}
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{207AEF46-0596-4966-A7BF-098F247E85BB}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{52FE5233-367C-4EFB-BDD7-0BE4D212C107}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{207AEF46-0596-4966-A7BF-098F247E85BB}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\%systemdir%\winb2s32.dll
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prktect
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pfzkud

Clsids

  • {F31B3634-12AA-41ca-B021-0685C3B3E4CA}
  • {746455FE-D059-47e7-AF0E-140E03F5A447}
  • {98640C3B-0699-4D51-ADB4-A6FC48ACB966}
  • {8037F7F0-80B6-453A-A7CB-5371A4A09BB8}
  • {2A611133-1C57-4DFB-A05C-07EE3BFE6D34}
  • {23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}
  • {22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB}
  • {CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01}
  • {4D568F0F-8AC9-40AB-88B7-415134C78777}
  • {988CAFC4-DC0D-4D8C-A35E-5028ABE9E641}
  • {22B720C7-5FA6-40A8-9F8F-8584BF669690}
  • {999A06FF-10EF-4A29-8640-69E99882C26B}
  • {FE1A240F-B247-4E06-A600-30E28F5AF3A0}
  • {07E9CDF4-20D2-46B1-B681-663968F527CE}
  • {1DB3B8DD-5801-443F-B2D5-9BF8912B980E}
  • {207AEF46-0596-4966-A7BF-098F247E85BB}
  • {52FE5233-367C-4EFB-BDD7-0BE4D212C107}