Monday, November 10, 2008

SpyAxe Trojan

Removing SpyAxe
Categories: Trojan,Ransomware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.
Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\SALanguage.ini
[%SYSTEM%]\gtpbx.dll
[%SYSTEM%]\gwquvw.dll
[%SYSTEM%]\1024\ld4BC3.tmp.{693c6e81-eef2-4844-a8d3-08bad6f7ae0c}.QQQ
[%SYSTEM%]\1024\{ALL_FILES}}
[%SYSTEM%]\admparsek.dll
[%SYSTEM%]\appmagr.dll
[%SYSTEM%]\dxmpp.dll
[%SYSTEM%]\hvnwm.dll
[%SYSTEM%]\urroxtl.dll
[%SYSTEM%]\viruxz.dll
[%SYSTEM%]\xyxuic.dll
[%SYSTEM%]\ycfchhu.dll
[%SYSTEM%]\yephk.dll
[%WINDOWS%]\admparsek.dll
[%WINDOWS%]\g588100109.dll
[%WINDOWS%]\Prefetch\SPYAXE.EXE-1E39CDF6.pf
[%DESKTOP%]\spyaxe.lnk
[%DESKTOP%]\SpywareAxe.lnk
[%PROFILE%]\start menu\spyaxe 3.0.lnk
[%STARTMENU%]\SpyAxe 3.0.lnk
[%STARTMENU%]\SpywareAxe 3.0.lnk
[%SYSTEM%]\XENADOT.DLL
[%PROFILE_TEMP%]\SALanguage.ini
[%SYSTEM%]\gtpbx.dll
[%SYSTEM%]\gwquvw.dll
[%SYSTEM%]\1024\ld4BC3.tmp.{693c6e81-eef2-4844-a8d3-08bad6f7ae0c}.QQQ
[%SYSTEM%]\1024\{ALL_FILES}}
[%SYSTEM%]\admparsek.dll
[%SYSTEM%]\appmagr.dll
[%SYSTEM%]\dxmpp.dll
[%SYSTEM%]\hvnwm.dll
[%SYSTEM%]\urroxtl.dll
[%SYSTEM%]\viruxz.dll
[%SYSTEM%]\xyxuic.dll
[%SYSTEM%]\ycfchhu.dll
[%SYSTEM%]\yephk.dll
[%WINDOWS%]\admparsek.dll
[%WINDOWS%]\g588100109.dll
[%WINDOWS%]\Prefetch\SPYAXE.EXE-1E39CDF6.pf
[%DESKTOP%]\spyaxe.lnk
[%DESKTOP%]\SpywareAxe.lnk
[%PROFILE%]\start menu\spyaxe 3.0.lnk
[%STARTMENU%]\SpyAxe 3.0.lnk
[%STARTMENU%]\SpywareAxe 3.0.lnk
[%SYSTEM%]\XENADOT.DLL

How to detect SpyAxe:

Files:
[%PROFILE_TEMP%]\SALanguage.ini
[%SYSTEM%]\gtpbx.dll
[%SYSTEM%]\gwquvw.dll
[%SYSTEM%]\1024\ld4BC3.tmp.{693c6e81-eef2-4844-a8d3-08bad6f7ae0c}.QQQ
[%SYSTEM%]\1024\{ALL_FILES}}
[%SYSTEM%]\admparsek.dll
[%SYSTEM%]\appmagr.dll
[%SYSTEM%]\dxmpp.dll
[%SYSTEM%]\hvnwm.dll
[%SYSTEM%]\urroxtl.dll
[%SYSTEM%]\viruxz.dll
[%SYSTEM%]\xyxuic.dll
[%SYSTEM%]\ycfchhu.dll
[%SYSTEM%]\yephk.dll
[%WINDOWS%]\admparsek.dll
[%WINDOWS%]\g588100109.dll
[%WINDOWS%]\Prefetch\SPYAXE.EXE-1E39CDF6.pf
[%DESKTOP%]\spyaxe.lnk
[%DESKTOP%]\SpywareAxe.lnk
[%PROFILE%]\start menu\spyaxe 3.0.lnk
[%STARTMENU%]\SpyAxe 3.0.lnk
[%STARTMENU%]\SpywareAxe 3.0.lnk
[%SYSTEM%]\XENADOT.DLL
[%PROFILE_TEMP%]\SALanguage.ini
[%SYSTEM%]\gtpbx.dll
[%SYSTEM%]\gwquvw.dll
[%SYSTEM%]\1024\ld4BC3.tmp.{693c6e81-eef2-4844-a8d3-08bad6f7ae0c}.QQQ
[%SYSTEM%]\1024\{ALL_FILES}}
[%SYSTEM%]\admparsek.dll
[%SYSTEM%]\appmagr.dll
[%SYSTEM%]\dxmpp.dll
[%SYSTEM%]\hvnwm.dll
[%SYSTEM%]\urroxtl.dll
[%SYSTEM%]\viruxz.dll
[%SYSTEM%]\xyxuic.dll
[%SYSTEM%]\ycfchhu.dll
[%SYSTEM%]\yephk.dll
[%WINDOWS%]\admparsek.dll
[%WINDOWS%]\g588100109.dll
[%WINDOWS%]\Prefetch\SPYAXE.EXE-1E39CDF6.pf
[%DESKTOP%]\spyaxe.lnk
[%DESKTOP%]\SpywareAxe.lnk
[%PROFILE%]\start menu\spyaxe 3.0.lnk
[%STARTMENU%]\SpyAxe 3.0.lnk
[%STARTMENU%]\SpywareAxe 3.0.lnk
[%SYSTEM%]\XENADOT.DLL

Folders:
[%PROGRAM_FILES%]\SpyAxe
[%SYSTEM%]\1024
[%PROGRAMS%]\spyaxe
[%PROGRAMS%]\SpywareAxe
[%PROGRAM_FILES%]\spyaxe
[%PROGRAM_FILES%]\SpywareAxe

Registry Keys:
HKEY_CLASSES_ROOT\AppID\SpyAxe.EXE
HKEY_CLASSES_ROOT\CLSID\{957bab51-81ff-8195-f273-d7e286ea702f}
HKEY_CLASSES_ROOT\Engine.IgnoreList
HKEY_CLASSES_ROOT\Engine.IgnoreList.1
HKEY_CLASSES_ROOT\Engine.Threat
HKEY_CLASSES_ROOT\Engine.Threat.1
HKEY_CLASSES_ROOT\interface\{0f68a8aa-a9a8-4711-be36-ae363efa6443}
HKEY_CLASSES_ROOT\interface\{28420952-c82b-47d9-a042-fa2217d8a082}
HKEY_CLASSES_ROOT\interface\{3c099c83-8587-4b35-8af0-fc3a169ce14f}
HKEY_CLASSES_ROOT\interface\{3fe13f31-e890-4c37-8213-4b5f9a511c26}
HKEY_CLASSES_ROOT\interface\{4cad27dc-1b60-42f4-820e-316fe0a13512}
HKEY_CLASSES_ROOT\interface\{54874d12-c0c6-44cc-83fb-2c35202f881b}
HKEY_CLASSES_ROOT\interface\{54a3200b-d76e-48d1-b35c-d87eaf6d90bd}
HKEY_CLASSES_ROOT\interface\{663dfe59-032c-46fb-a09a-ffc2dc074f54}
HKEY_CLASSES_ROOT\interface\{69ce4fbc-4861-4206-8211-dd5a9ee79ad3}
HKEY_CLASSES_ROOT\interface\{afa9056f-aa11-4771-ae01-04ecfde18206}
HKEY_CLASSES_ROOT\interface\{b8f2487f-aa6a-4914-9a3f-db84e6868d66}
HKEY_CLASSES_ROOT\interface\{e4645720-e02f-4bb2-8e6d-be7653dd1bf2}
HKEY_CLASSES_ROOT\interface\{fa46b160-c9dd-4040-b9d9-ccf5d3db5438}
HKEY_CLASSES_ROOT\interface\{fc1f0c2c-8117-427d-816c-215b68524f74}
HKEY_CLASSES_ROOT\interface\{fd1eee96-8dc7-478d-be3b-7d06ac67fb66}
HKEY_CLASSES_ROOT\interface\{fd8e5ed7-0091-416f-a55b-1d072d58a24f}
HKEY_CLASSES_ROOT\TypeLib\{2BB3BCBF-411A-4C67-8E69-F4BB301DC333}
HKEY_CURRENT_USER\software\classes\clsid\{cd5e2ac9-25ce-a1c5-d1e2-dc6b28a6ed5a}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\spyaxe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\spyaxe.exe
HKEY_CLASSES_ROOT\AppID\{70F17C8C-1744-41B6-9D07-575DB448DCC5}
HKEY_CLASSES_ROOT\CLSID\{03413bf7-e34c-445b-bfc0-a2b127255871}
HKEY_CLASSES_ROOT\CLSID\{05a91164-3c96-47d6-aa74-2c855791b2d0}
HKEY_CLASSES_ROOT\CLSID\{0B5F7FDF-0717-45BF-B49D-695F3168C7FE}
HKEY_CLASSES_ROOT\CLSID\{0c7416f0-dd23-420f-97f5-aae352ea2bf1}
HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}
HKEY_CLASSES_ROOT\CLSID\{210b4043-35ca-4aa0-8796-191f9663dfb3}
HKEY_CLASSES_ROOT\CLSID\{24E27EA9-FCF3-444F-BD80-20543BA5D946}
HKEY_CLASSES_ROOT\CLSID\{259BA022-2005-45E9-A965-10EDB9C00618}
HKEY_CLASSES_ROOT\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304BB2236}
HKEY_CLASSES_ROOT\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304BB2238}
HKEY_CLASSES_ROOT\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304BB8C34}
HKEY_CLASSES_ROOT\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676}
HKEY_CLASSES_ROOT\CLSID\{55059d4f-a1ac-4837-ae07-4859101f598d}
HKEY_CLASSES_ROOT\CLSID\{553858A7-4922-4e7e-B1C1-97140C1C16EF}
HKEY_CLASSES_ROOT\CLSID\{5839511e-ec1b-4f91-ace3-fb88e52f5239}
HKEY_CLASSES_ROOT\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c}
HKEY_CLASSES_ROOT\CLSID\{5bc82bdb-bc03-4671-9a78-3ef2b68449de}
HKEY_CLASSES_ROOT\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1}
HKEY_CLASSES_ROOT\CLSID\{64ba30a2-811a-4597-b0af-d551128be340}
HKEY_CLASSES_ROOT\CLSID\{6AC3806F-8B39-4746-9C38-6B01CB7331FF}
HKEY_CLASSES_ROOT\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}
HKEY_CLASSES_ROOT\CLSID\{7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885}
HKEY_CLASSES_ROOT\CLSID\{874443fe-aa33-4ebf-a6ac-73208787e62d}
HKEY_CLASSES_ROOT\CLSID\{89aef01d-d237-49c7-84dc-4e1904c1fd31}
HKEY_CLASSES_ROOT\CLSID\{89e4aaba-3b21-49b3-b922-8ca35193c68e}
HKEY_CLASSES_ROOT\CLSID\{8dc1f789-e073-4363-b40d-07376bc5ecc5}
HKEY_CLASSES_ROOT\CLSID\{93ac7c30-3878-4eaa-9420-7977285df5b1}
HKEY_CLASSES_ROOT\CLSID\{A1D9D3F0-8C2A-9A1D-A376-2CACFB10AB72}
HKEY_CLASSES_ROOT\CLSID\{A2C8F6B1-7C2A-3D1C-A3C6-A1FDA113B43F}
HKEY_CLASSES_ROOT\CLSID\{A4F94C0C-54A7-4DB1-9AF3-B22E63D00322}
HKEY_CLASSES_ROOT\CLSID\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}
HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}
HKEY_CLASSES_ROOT\CLSID\{af3fd9a8-1287-4159-9212-9a5b4494af70}
HKEY_CLASSES_ROOT\CLSID\{C1A2FDA2-1A5B-2A8F-F3A2-B22DA1A3C41D}
HKEY_CLASSES_ROOT\CLSID\{C1A2FDA2-2A5B-2C8A-F2A2-BA2DB3A2C31C}
HKEY_CLASSES_ROOT\CLSID\{C1A8B6A1-2C81-1C3D-A3C6-A1CCDB10B47F}
HKEY_CLASSES_ROOT\CLSID\{CA14EE13-ED15-C4A2-17FF-DA4D15C1BC5E}
HKEY_CLASSES_ROOT\CLSID\{CD5E2AC9-25CE-A1C5-D1E2-DC6B28A6ED5A}
HKEY_CLASSES_ROOT\CLSID\{D1A2E7CD-F5C1-21A8-CA2C-13D0AC72D19D}
HKEY_CLASSES_ROOT\CLSID\{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}
HKEY_CLASSES_ROOT\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}
HKEY_CLASSES_ROOT\CLSID\{e5b1e382-817e-4b74-8a96-ec78751e6acf}
HKEY_CLASSES_ROOT\CLSID\{e944d14a-03aa-43e3-9d0e-4f50c4d1b005}
HKEY_CLASSES_ROOT\CLSID\{EA26CE12-DE64-A1C5-9A4F-FC1A64E6AC2E}
HKEY_CLASSES_ROOT\CLSID\{ee2975b6-e8d5-405e-8448-8fe9590f6cfb}
HKEY_CLASSES_ROOT\CLSID\{f85e05f5-667e-41b0-ab8a-147337a99e65}
HKEY_CLASSES_ROOT\CLSID\{f8d02387-789a-4c0f-a1d8-8a93f33ee4df}
HKEY_CLASSES_ROOT\CLSID\{FB153DCE-822E-47ec-8D00-2706E7864B37}
HKEY_CLASSES_ROOT\CLSID\{}
HKEY_CLASSES_ROOT\appid\spyaxe.exe
HKEY_CLASSES_ROOT\clsid\{06506b3a-857d-431f-be0b-038b1ec386b3}
HKEY_CLASSES_ROOT\clsid\{0bff94f7-9748-43d1-bac4-d963351b63e7}
HKEY_CLASSES_ROOT\clsid\{0c580891-ca9d-4619-bdc9-85378eb65931}
HKEY_CLASSES_ROOT\clsid\{53525a6c-3774-4b47-b317-bc7dfe4fc7ed}
HKEY_CLASSES_ROOT\clsid\{5deb9a24-19e0-49e6-a6b2-110bc3e1062a}
HKEY_CLASSES_ROOT\clsid\{5e1ace2a-8638-4775-8aa9-5c187ad40a82}
HKEY_CLASSES_ROOT\clsid\{629c4fe9-b627-4905-af5b-ad652bb1b5c5}
HKEY_CLASSES_ROOT\clsid\{659f78ea-6ff2-40f8-8ea3-06f7418a209e}
HKEY_CLASSES_ROOT\clsid\{7616a7f7-df99-432f-870d-4afea0d079f4}
HKEY_CLASSES_ROOT\clsid\{7eb22f36-2ccd-4003-89ee-6cf40ebc4282}
HKEY_CLASSES_ROOT\clsid\{957bab51-81ff-8195-f273-d7e286ea702f}
HKEY_CLASSES_ROOT\clsid\{a0d06aa3-499b-4156-9ffd-0be236f0d4e5}
HKEY_CLASSES_ROOT\clsid\{b6610f1d-da77-42c4-8300-721d9da9d70b}
HKEY_CLASSES_ROOT\engine.ignorelist
HKEY_CLASSES_ROOT\engine.ignorelist.1
HKEY_CLASSES_ROOT\engine.threat
HKEY_CLASSES_ROOT\engine.threat.1
HKEY_CLASSES_ROOT\interface\{20fb94dc-67d8-4811-b090-7137d0dd8b9c}
HKEY_CLASSES_ROOT\interface\{250cb705-b9f5-4c77-a8c0-8d9d436fcff4}
HKEY_CLASSES_ROOT\interface\{3bb3ddaf-7867-44b1-90fc-ac425344724d}
HKEY_CLASSES_ROOT\interface\{44b2f61f-7081-4b93-ae50-cd568548e4a7}
HKEY_CLASSES_ROOT\interface\{47fbd835-e417-48f6-a04d-7b702c5052c5}
HKEY_CLASSES_ROOT\interface\{627aeb80-5854-4436-bb57-79e51c7491c1}
HKEY_CLASSES_ROOT\interface\{707b19e6-4207-4d3f-b0a8-319dba2e6b93}
HKEY_CLASSES_ROOT\interface\{78ab494d-026f-43a5-8071-e4411fd7859b}
HKEY_CLASSES_ROOT\interface\{7c987433-cab4-499a-a0ce-a518f3c54e96}
HKEY_CLASSES_ROOT\interface\{9ad637ef-97f0-4f13-aa24-e84aa5c0e1ce}
HKEY_CLASSES_ROOT\interface\{b7f4f12c-aa9d-421a-a9a6-cc5ff952a4a4}
HKEY_CLASSES_ROOT\interface\{bcfd6185-8c88-45db-9a5f-3659b05e8bd5}
HKEY_CLASSES_ROOT\interface\{c74d1fc2-a047-44fd-b1d1-2e7f193f1762}
HKEY_CLASSES_ROOT\interface\{da8da181-7b27-475c-b872-1a77751cc10a}
HKEY_CLASSES_ROOT\interface\{dea859d7-abb8-4239-b454-6731f4891560}
HKEY_CLASSES_ROOT\interface\{fcf0a3dd-9231-4625-84c6-4810bbe5f54b}
HKEY_CLASSES_ROOT\spyaxe.backup
HKEY_CLASSES_ROOT\spyaxe.backup.1
HKEY_CLASSES_ROOT\spyaxe.enginelistener
HKEY_CLASSES_ROOT\spyaxe.enginelistener.1
HKEY_CLASSES_ROOT\spyaxe.log
HKEY_CLASSES_ROOT\spyaxe.log.1
HKEY_CLASSES_ROOT\spyaxe.logrecord
HKEY_CLASSES_ROOT\spyaxe.logrecord.1
HKEY_CLASSES_ROOT\spyaxe.paths
HKEY_CLASSES_ROOT\spyaxe.paths.1
HKEY_CLASSES_ROOT\spyaxe.quarantine
HKEY_CLASSES_ROOT\spyaxe.quarantine.1
HKEY_CLASSES_ROOT\spyaxe.runas
HKEY_CLASSES_ROOT\spyaxe.runas.1
HKEY_CLASSES_ROOT\spyaxe.scanner
HKEY_CLASSES_ROOT\spyaxe.scanner.1
HKEY_CLASSES_ROOT\spyaxe.searchitem
HKEY_CLASSES_ROOT\spyaxe.searchitem.1
HKEY_CLASSES_ROOT\spyaxe.threatcollection
HKEY_CLASSES_ROOT\spyaxe.threatcollection.1
HKEY_CLASSES_ROOT\typelib\{2bb3bcbf-411a-4c67-8e69-f4bb301dc333}
HKEY_CLASSES_ROOT\typelib\{6d42e870-6d15-4c82-8c78-ecd53ff5b6f0}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\spyaxe.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\spywareaxe.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spyaxe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareaxe
HKEY_LOCAL_MACHINE\software\spyaxe
HKEY_LOCAL_MACHINE\software\spywareaxe

Registry Values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing SpyAxe:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)