Categories: Trojan,Adware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
[Kaspersky]Trojan-Downloader.Win32.Small.ctb,Trojan.Win32.BHO.ab,AdWare.Win32.TTC.a;
[McAfee]Generic.dx;
[F-Prot]W32/Trojan.AEMD;
[Other]Adware.ZQuest,W32/BHO.PO,TROJ_BHO.FD,Trojan.Win32.BHO.ab,Win32/Zquest.G,Trojan.DropperVisible Symptoms:
Files in system folders:
[%INTERNET_CACHE%]\Content.IE5\43WDGVE3\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\4PY3CHMF\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\8XMRW96J\TTC-4444[1].exe
[%INTERNET_CACHE%]\content.ie5\GFES34KZ\vsl02[1].ini
[%INTERNET_CACHE%]\Content.IE5\MRMHS18Z\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\SDQZGTYN\TTC-4444[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\TTC-4444[1].exe
[%PROFILE_TEMP%]\CEMG555077.exe
[%PROGRAM_FILES%]\ComPlus Applications\honewafep4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\honewafep83122.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys555077.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys83122.dll
[%PROGRAM_FILES%]\CONEXANT\niqysew.dll
[%PROGRAM_FILES%]\Internet Explorer\merote4444.dll
[%PROGRAM_FILES%]\Internet Explorer\merote555077.dll
[%PROGRAM_FILES%]\Internet Explorer\merote83122.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh4444.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh83122.dll
[%PROGRAM_FILES%]\Internet Explorer\texobajiq4444.dll
[%PROGRAM_FILES%]\iPod\safehutag4444.dll
[%PROGRAM_FILES%]\iPod\safehutag83122.dll
[%PROGRAM_FILES%]\Messenger\rtemem.html
[%PROGRAM_FILES%]\Movie Maker\hokemoqy4444.dll
[%PROGRAM_FILES%]\Movie Maker\hokemoqy83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof83122.dll
[%PROGRAM_FILES%]\MSN\holemupy83122.dll
[%PROGRAM_FILES%]\MSN\meqoca4444.dll
[%PROGRAM_FILES%]\MSN\meqoca83122.dll
[%PROGRAM_FILES%]\MSN\qubo4444.dll
[%PROGRAM_FILES%]\MSN\qubo83122.dll
[%PROGRAM_FILES%]\MSN\tehonev4444.dll
[%PROGRAM_FILES%]\MSN\tehonev83122.dll
[%PROGRAM_FILES%]\NetMeeting\meno4444.dll
[%PROGRAM_FILES%]\NetMeeting\meno83122.dll
[%PROGRAM_FILES%]\NetMeeting\qurocupaz4444.dll
[%PROGRAM_FILES%]\NetMeeting\tevoh4444.dll
[%PROGRAM_FILES%]\OfficeUpdate11\hoke4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy83122.dll
[%PROGRAM_FILES%]\Online Services\hoseduga4444.dll
[%PROGRAM_FILES%]\Online Services\hoseduga83122.dll
[%PROGRAM_FILES%]\Online Services\nizycij4444.dll
[%PROGRAM_FILES%]\Online Services\nizycij555077.dll
[%PROGRAM_FILES%]\Online Services\nizycij83122.dll
[%PROGRAM_FILES%]\Outlook Express\mepow4444.dll
[%PROGRAM_FILES%]\Outlook Express\mepow83122.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz4444.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz83122.dll
[%PROGRAM_FILES%]\TTC.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy4444.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy83122.dll
[%PROGRAM_FILES%]\Windows NT\hokeno4444.dll
[%PROGRAM_FILES%]\Windows NT\hokeno83122.dll
[%PROGRAM_FILES%]\Windows NT\hokepot83122.dll
[%PROGRAM_FILES%]\Windows NT\hoxeni
[%PROGRAM_FILES%]\Windows NT\menoru83122.dll
[%PROGRAM_FILES%]\Windows NT\mexoca4444.dll
[%PROGRAM_FILES%]\Windows NT\mexoca83122.dll
[%PROGRAM_FILES%]\Windows NT\nipyra4444.dll
[%PROGRAM_FILES%]\Windows NT\nipyra83122.dll
[%PROGRAM_FILES%]\WindowsUpdate\hokemoqy4444.dll
[%PROGRAM_FILES%]\WindowsUpdate\mesofigy4444.dll
[%PROGRAM_FILES_COMMON%]\holen4444.dll
[%PROGRAM_FILES_COMMON%]\holen555077.dll
[%PROGRAM_FILES_COMMON%]\holen83122.dll
[%PROGRAM_FILES_COMMON%]\hote4444.dll
[%PROGRAM_FILES_COMMON%]\hote83122.dll
[%PROGRAM_FILES_COMMON%]\metoc24418.dll
[%PROGRAM_FILES_COMMON%]\metoc83122.dll
[%PROGRAM_FILES_COMMON%]\sabe4444.dll
[%PROGRAM_FILES_COMMON%]\sabe83122.dll
[%SYSTEM%]\0ce8rglo.dll
[%SYSTEM%]\DH9013.exe
[%SYSTEM%]\e1\caws83122.exe
[%SYSTEM%]\e2\caws83122.exe
[%SYSTEM%]\g2\caws83122.exe
[%SYSTEM%]\h2\jumper83122.exe
[%SYSTEM%]\hdrv2\jumper83122.exe
[%SYSTEM%]\i2\mper83122.exe
[%SYSTEM%]\k1\jumper83122.exe
[%SYSTEM%]\m2\caws83122.exe
[%SYSTEM%]\uie1\aded83122.exe
[%SYSTEM%]\uu2\mper83122.exe
[%SYSTEM%]\v2\swdrv83122.exe
[%SYSTEM%]\VSL03.exe
[%SYSTEM%]\VSL05.exe
[%WINDOWS%]\83122.exe
[%WINDOWS%]\KVTE66.exe
[%WINDOWS%]\RDFX4.exe
[%WINDOWS%]\TEMP\CEMG555077.exe
[%WINDOWS%]\TTC-4444.exe
[%WINDOWS%]\VTTC.exe
[%WINDOWS%]\wallp2.exe
[%PROGRAM_FILES%]\Internet Explorer\quzotufi
[%PROGRAM_FILES%]\Internet Explorer\quzotufi.dll
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy.dll
[%PROGRAM_FILES%]\Messenger\sahohi.html
[%PROGRAM_FILES%]\MSN Gaming Zone\qufefati.html
[%PROGRAM_FILES%]\Windows NT\qurofu.dll
[%WINDOWS%]\qwr67.exe
[%WINDOWS%]\vcttc012.exe
[%INTERNET_CACHE%]\Content.IE5\43WDGVE3\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\4PY3CHMF\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\8XMRW96J\TTC-4444[1].exe
[%INTERNET_CACHE%]\content.ie5\GFES34KZ\vsl02[1].ini
[%INTERNET_CACHE%]\Content.IE5\MRMHS18Z\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\SDQZGTYN\TTC-4444[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\TTC-4444[1].exe
[%PROFILE_TEMP%]\CEMG555077.exe
[%PROGRAM_FILES%]\ComPlus Applications\honewafep4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\honewafep83122.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys555077.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys83122.dll
[%PROGRAM_FILES%]\CONEXANT\niqysew.dll
[%PROGRAM_FILES%]\Internet Explorer\merote4444.dll
[%PROGRAM_FILES%]\Internet Explorer\merote555077.dll
[%PROGRAM_FILES%]\Internet Explorer\merote83122.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh4444.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh83122.dll
[%PROGRAM_FILES%]\Internet Explorer\texobajiq4444.dll
[%PROGRAM_FILES%]\iPod\safehutag4444.dll
[%PROGRAM_FILES%]\iPod\safehutag83122.dll
[%PROGRAM_FILES%]\Messenger\rtemem.html
[%PROGRAM_FILES%]\Movie Maker\hokemoqy4444.dll
[%PROGRAM_FILES%]\Movie Maker\hokemoqy83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof83122.dll
[%PROGRAM_FILES%]\MSN\holemupy83122.dll
[%PROGRAM_FILES%]\MSN\meqoca4444.dll
[%PROGRAM_FILES%]\MSN\meqoca83122.dll
[%PROGRAM_FILES%]\MSN\qubo4444.dll
[%PROGRAM_FILES%]\MSN\qubo83122.dll
[%PROGRAM_FILES%]\MSN\tehonev4444.dll
[%PROGRAM_FILES%]\MSN\tehonev83122.dll
[%PROGRAM_FILES%]\NetMeeting\meno4444.dll
[%PROGRAM_FILES%]\NetMeeting\meno83122.dll
[%PROGRAM_FILES%]\NetMeeting\qurocupaz4444.dll
[%PROGRAM_FILES%]\NetMeeting\tevoh4444.dll
[%PROGRAM_FILES%]\OfficeUpdate11\hoke4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy83122.dll
[%PROGRAM_FILES%]\Online Services\hoseduga4444.dll
[%PROGRAM_FILES%]\Online Services\hoseduga83122.dll
[%PROGRAM_FILES%]\Online Services\nizycij4444.dll
[%PROGRAM_FILES%]\Online Services\nizycij555077.dll
[%PROGRAM_FILES%]\Online Services\nizycij83122.dll
[%PROGRAM_FILES%]\Outlook Express\mepow4444.dll
[%PROGRAM_FILES%]\Outlook Express\mepow83122.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz4444.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz83122.dll
[%PROGRAM_FILES%]\TTC.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy4444.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy83122.dll
[%PROGRAM_FILES%]\Windows NT\hokeno4444.dll
[%PROGRAM_FILES%]\Windows NT\hokeno83122.dll
[%PROGRAM_FILES%]\Windows NT\hokepot83122.dll
[%PROGRAM_FILES%]\Windows NT\hoxeni
[%PROGRAM_FILES%]\Windows NT\menoru83122.dll
[%PROGRAM_FILES%]\Windows NT\mexoca4444.dll
[%PROGRAM_FILES%]\Windows NT\mexoca83122.dll
[%PROGRAM_FILES%]\Windows NT\nipyra4444.dll
[%PROGRAM_FILES%]\Windows NT\nipyra83122.dll
[%PROGRAM_FILES%]\WindowsUpdate\hokemoqy4444.dll
[%PROGRAM_FILES%]\WindowsUpdate\mesofigy4444.dll
[%PROGRAM_FILES_COMMON%]\holen4444.dll
[%PROGRAM_FILES_COMMON%]\holen555077.dll
[%PROGRAM_FILES_COMMON%]\holen83122.dll
[%PROGRAM_FILES_COMMON%]\hote4444.dll
[%PROGRAM_FILES_COMMON%]\hote83122.dll
[%PROGRAM_FILES_COMMON%]\metoc24418.dll
[%PROGRAM_FILES_COMMON%]\metoc83122.dll
[%PROGRAM_FILES_COMMON%]\sabe4444.dll
[%PROGRAM_FILES_COMMON%]\sabe83122.dll
[%SYSTEM%]\0ce8rglo.dll
[%SYSTEM%]\DH9013.exe
[%SYSTEM%]\e1\caws83122.exe
[%SYSTEM%]\e2\caws83122.exe
[%SYSTEM%]\g2\caws83122.exe
[%SYSTEM%]\h2\jumper83122.exe
[%SYSTEM%]\hdrv2\jumper83122.exe
[%SYSTEM%]\i2\mper83122.exe
[%SYSTEM%]\k1\jumper83122.exe
[%SYSTEM%]\m2\caws83122.exe
[%SYSTEM%]\uie1\aded83122.exe
[%SYSTEM%]\uu2\mper83122.exe
[%SYSTEM%]\v2\swdrv83122.exe
[%SYSTEM%]\VSL03.exe
[%SYSTEM%]\VSL05.exe
[%WINDOWS%]\83122.exe
[%WINDOWS%]\KVTE66.exe
[%WINDOWS%]\RDFX4.exe
[%WINDOWS%]\TEMP\CEMG555077.exe
[%WINDOWS%]\TTC-4444.exe
[%WINDOWS%]\VTTC.exe
[%WINDOWS%]\wallp2.exe
[%PROGRAM_FILES%]\Internet Explorer\quzotufi
[%PROGRAM_FILES%]\Internet Explorer\quzotufi.dll
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy.dll
[%PROGRAM_FILES%]\Messenger\sahohi.html
[%PROGRAM_FILES%]\MSN Gaming Zone\qufefati.html
[%PROGRAM_FILES%]\Windows NT\qurofu.dll
[%WINDOWS%]\qwr67.exe
[%WINDOWS%]\vcttc012.exe How to detect ZQuest:
Files:
[%INTERNET_CACHE%]\Content.IE5\43WDGVE3\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\4PY3CHMF\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\8XMRW96J\TTC-4444[1].exe
[%INTERNET_CACHE%]\content.ie5\GFES34KZ\vsl02[1].ini
[%INTERNET_CACHE%]\Content.IE5\MRMHS18Z\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\SDQZGTYN\TTC-4444[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\TTC-4444[1].exe
[%PROFILE_TEMP%]\CEMG555077.exe
[%PROGRAM_FILES%]\ComPlus Applications\honewafep4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\honewafep83122.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys555077.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys83122.dll
[%PROGRAM_FILES%]\CONEXANT\niqysew.dll
[%PROGRAM_FILES%]\Internet Explorer\merote4444.dll
[%PROGRAM_FILES%]\Internet Explorer\merote555077.dll
[%PROGRAM_FILES%]\Internet Explorer\merote83122.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh4444.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh83122.dll
[%PROGRAM_FILES%]\Internet Explorer\texobajiq4444.dll
[%PROGRAM_FILES%]\iPod\safehutag4444.dll
[%PROGRAM_FILES%]\iPod\safehutag83122.dll
[%PROGRAM_FILES%]\Messenger\rtemem.html
[%PROGRAM_FILES%]\Movie Maker\hokemoqy4444.dll
[%PROGRAM_FILES%]\Movie Maker\hokemoqy83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof83122.dll
[%PROGRAM_FILES%]\MSN\holemupy83122.dll
[%PROGRAM_FILES%]\MSN\meqoca4444.dll
[%PROGRAM_FILES%]\MSN\meqoca83122.dll
[%PROGRAM_FILES%]\MSN\qubo4444.dll
[%PROGRAM_FILES%]\MSN\qubo83122.dll
[%PROGRAM_FILES%]\MSN\tehonev4444.dll
[%PROGRAM_FILES%]\MSN\tehonev83122.dll
[%PROGRAM_FILES%]\NetMeeting\meno4444.dll
[%PROGRAM_FILES%]\NetMeeting\meno83122.dll
[%PROGRAM_FILES%]\NetMeeting\qurocupaz4444.dll
[%PROGRAM_FILES%]\NetMeeting\tevoh4444.dll
[%PROGRAM_FILES%]\OfficeUpdate11\hoke4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy83122.dll
[%PROGRAM_FILES%]\Online Services\hoseduga4444.dll
[%PROGRAM_FILES%]\Online Services\hoseduga83122.dll
[%PROGRAM_FILES%]\Online Services\nizycij4444.dll
[%PROGRAM_FILES%]\Online Services\nizycij555077.dll
[%PROGRAM_FILES%]\Online Services\nizycij83122.dll
[%PROGRAM_FILES%]\Outlook Express\mepow4444.dll
[%PROGRAM_FILES%]\Outlook Express\mepow83122.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz4444.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz83122.dll
[%PROGRAM_FILES%]\TTC.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy4444.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy83122.dll
[%PROGRAM_FILES%]\Windows NT\hokeno4444.dll
[%PROGRAM_FILES%]\Windows NT\hokeno83122.dll
[%PROGRAM_FILES%]\Windows NT\hokepot83122.dll
[%PROGRAM_FILES%]\Windows NT\hoxeni
[%PROGRAM_FILES%]\Windows NT\menoru83122.dll
[%PROGRAM_FILES%]\Windows NT\mexoca4444.dll
[%PROGRAM_FILES%]\Windows NT\mexoca83122.dll
[%PROGRAM_FILES%]\Windows NT\nipyra4444.dll
[%PROGRAM_FILES%]\Windows NT\nipyra83122.dll
[%PROGRAM_FILES%]\WindowsUpdate\hokemoqy4444.dll
[%PROGRAM_FILES%]\WindowsUpdate\mesofigy4444.dll
[%PROGRAM_FILES_COMMON%]\holen4444.dll
[%PROGRAM_FILES_COMMON%]\holen555077.dll
[%PROGRAM_FILES_COMMON%]\holen83122.dll
[%PROGRAM_FILES_COMMON%]\hote4444.dll
[%PROGRAM_FILES_COMMON%]\hote83122.dll
[%PROGRAM_FILES_COMMON%]\metoc24418.dll
[%PROGRAM_FILES_COMMON%]\metoc83122.dll
[%PROGRAM_FILES_COMMON%]\sabe4444.dll
[%PROGRAM_FILES_COMMON%]\sabe83122.dll
[%SYSTEM%]\0ce8rglo.dll
[%SYSTEM%]\DH9013.exe
[%SYSTEM%]\e1\caws83122.exe
[%SYSTEM%]\e2\caws83122.exe
[%SYSTEM%]\g2\caws83122.exe
[%SYSTEM%]\h2\jumper83122.exe
[%SYSTEM%]\hdrv2\jumper83122.exe
[%SYSTEM%]\i2\mper83122.exe
[%SYSTEM%]\k1\jumper83122.exe
[%SYSTEM%]\m2\caws83122.exe
[%SYSTEM%]\uie1\aded83122.exe
[%SYSTEM%]\uu2\mper83122.exe
[%SYSTEM%]\v2\swdrv83122.exe
[%SYSTEM%]\VSL03.exe
[%SYSTEM%]\VSL05.exe
[%WINDOWS%]\83122.exe
[%WINDOWS%]\KVTE66.exe
[%WINDOWS%]\RDFX4.exe
[%WINDOWS%]\TEMP\CEMG555077.exe
[%WINDOWS%]\TTC-4444.exe
[%WINDOWS%]\VTTC.exe
[%WINDOWS%]\wallp2.exe
[%PROGRAM_FILES%]\Internet Explorer\quzotufi
[%PROGRAM_FILES%]\Internet Explorer\quzotufi.dll
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy.dll
[%PROGRAM_FILES%]\Messenger\sahohi.html
[%PROGRAM_FILES%]\MSN Gaming Zone\qufefati.html
[%PROGRAM_FILES%]\Windows NT\qurofu.dll
[%WINDOWS%]\qwr67.exe
[%WINDOWS%]\vcttc012.exe
[%INTERNET_CACHE%]\Content.IE5\43WDGVE3\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\4PY3CHMF\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\8XMRW96J\TTC-4444[1].exe
[%INTERNET_CACHE%]\content.ie5\GFES34KZ\vsl02[1].ini
[%INTERNET_CACHE%]\Content.IE5\MRMHS18Z\acdt-pid67N[1].exe
[%INTERNET_CACHE%]\Content.IE5\SDQZGTYN\TTC-4444[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\83122[1].exe
[%INTERNET_CACHE%]\Content.IE5\SPAFK567\TTC-4444[1].exe
[%PROFILE_TEMP%]\CEMG555077.exe
[%PROGRAM_FILES%]\ComPlus Applications\honewafep4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\honewafep83122.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys4444.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys555077.dll
[%PROGRAM_FILES%]\ComPlus Applications\qubomys83122.dll
[%PROGRAM_FILES%]\CONEXANT\niqysew.dll
[%PROGRAM_FILES%]\Internet Explorer\merote4444.dll
[%PROGRAM_FILES%]\Internet Explorer\merote555077.dll
[%PROGRAM_FILES%]\Internet Explorer\merote83122.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh4444.dll
[%PROGRAM_FILES%]\Internet Explorer\tevoh83122.dll
[%PROGRAM_FILES%]\Internet Explorer\texobajiq4444.dll
[%PROGRAM_FILES%]\iPod\safehutag4444.dll
[%PROGRAM_FILES%]\iPod\safehutag83122.dll
[%PROGRAM_FILES%]\Messenger\rtemem.html
[%PROGRAM_FILES%]\Movie Maker\hokemoqy4444.dll
[%PROGRAM_FILES%]\Movie Maker\hokemoqy83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mevo83122.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof4444.dll
[%PROGRAM_FILES%]\MSN Gaming Zone\mewof83122.dll
[%PROGRAM_FILES%]\MSN\holemupy83122.dll
[%PROGRAM_FILES%]\MSN\meqoca4444.dll
[%PROGRAM_FILES%]\MSN\meqoca83122.dll
[%PROGRAM_FILES%]\MSN\qubo4444.dll
[%PROGRAM_FILES%]\MSN\qubo83122.dll
[%PROGRAM_FILES%]\MSN\tehonev4444.dll
[%PROGRAM_FILES%]\MSN\tehonev83122.dll
[%PROGRAM_FILES%]\NetMeeting\meno4444.dll
[%PROGRAM_FILES%]\NetMeeting\meno83122.dll
[%PROGRAM_FILES%]\NetMeeting\qurocupaz4444.dll
[%PROGRAM_FILES%]\NetMeeting\tevoh4444.dll
[%PROGRAM_FILES%]\OfficeUpdate11\hoke4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy4444.dll
[%PROGRAM_FILES%]\Online Services\hokemoqy83122.dll
[%PROGRAM_FILES%]\Online Services\hoseduga4444.dll
[%PROGRAM_FILES%]\Online Services\hoseduga83122.dll
[%PROGRAM_FILES%]\Online Services\nizycij4444.dll
[%PROGRAM_FILES%]\Online Services\nizycij555077.dll
[%PROGRAM_FILES%]\Online Services\nizycij83122.dll
[%PROGRAM_FILES%]\Outlook Express\mepow4444.dll
[%PROGRAM_FILES%]\Outlook Express\mepow83122.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz4444.dll
[%PROGRAM_FILES%]\Outlook Express\qurocupaz83122.dll
[%PROGRAM_FILES%]\TTC.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy4444.dll
[%PROGRAM_FILES%]\Windows Media Player\mesofigy83122.dll
[%PROGRAM_FILES%]\Windows NT\hokeno4444.dll
[%PROGRAM_FILES%]\Windows NT\hokeno83122.dll
[%PROGRAM_FILES%]\Windows NT\hokepot83122.dll
[%PROGRAM_FILES%]\Windows NT\hoxeni
[%PROGRAM_FILES%]\Windows NT\menoru83122.dll
[%PROGRAM_FILES%]\Windows NT\mexoca4444.dll
[%PROGRAM_FILES%]\Windows NT\mexoca83122.dll
[%PROGRAM_FILES%]\Windows NT\nipyra4444.dll
[%PROGRAM_FILES%]\Windows NT\nipyra83122.dll
[%PROGRAM_FILES%]\WindowsUpdate\hokemoqy4444.dll
[%PROGRAM_FILES%]\WindowsUpdate\mesofigy4444.dll
[%PROGRAM_FILES_COMMON%]\holen4444.dll
[%PROGRAM_FILES_COMMON%]\holen555077.dll
[%PROGRAM_FILES_COMMON%]\holen83122.dll
[%PROGRAM_FILES_COMMON%]\hote4444.dll
[%PROGRAM_FILES_COMMON%]\hote83122.dll
[%PROGRAM_FILES_COMMON%]\metoc24418.dll
[%PROGRAM_FILES_COMMON%]\metoc83122.dll
[%PROGRAM_FILES_COMMON%]\sabe4444.dll
[%PROGRAM_FILES_COMMON%]\sabe83122.dll
[%SYSTEM%]\0ce8rglo.dll
[%SYSTEM%]\DH9013.exe
[%SYSTEM%]\e1\caws83122.exe
[%SYSTEM%]\e2\caws83122.exe
[%SYSTEM%]\g2\caws83122.exe
[%SYSTEM%]\h2\jumper83122.exe
[%SYSTEM%]\hdrv2\jumper83122.exe
[%SYSTEM%]\i2\mper83122.exe
[%SYSTEM%]\k1\jumper83122.exe
[%SYSTEM%]\m2\caws83122.exe
[%SYSTEM%]\uie1\aded83122.exe
[%SYSTEM%]\uu2\mper83122.exe
[%SYSTEM%]\v2\swdrv83122.exe
[%SYSTEM%]\VSL03.exe
[%SYSTEM%]\VSL05.exe
[%WINDOWS%]\83122.exe
[%WINDOWS%]\KVTE66.exe
[%WINDOWS%]\RDFX4.exe
[%WINDOWS%]\TEMP\CEMG555077.exe
[%WINDOWS%]\TTC-4444.exe
[%WINDOWS%]\VTTC.exe
[%WINDOWS%]\wallp2.exe
[%PROGRAM_FILES%]\Internet Explorer\quzotufi
[%PROGRAM_FILES%]\Internet Explorer\quzotufi.dll
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy
[%PROGRAM_FILES%]\Internet Explorer\tedaxejy.dll
[%PROGRAM_FILES%]\Messenger\sahohi.html
[%PROGRAM_FILES%]\MSN Gaming Zone\qufefati.html
[%PROGRAM_FILES%]\Windows NT\qurofu.dll
[%WINDOWS%]\qwr67.exe
[%WINDOWS%]\vcttc012.exe
Registry Keys:
HKEY_CLASSES_ROOT\clsid\{22d82699-94cb-4cae-a1ef-bbae81cb35b5}
HKEY_CLASSES_ROOT\clsid\{527dd198-69ce-4181-e180-d722cff6afdb}
HKEY_CLASSES_ROOT\clsid\{562b10e6-d18d-4c11-849a-00a4b270800d}
HKEY_CLASSES_ROOT\clsid\{58550639-8019-4d31-969a-19d239f81e2a}
HKEY_CLASSES_ROOT\clsid\{619244ae-b6a9-4dc8-800c-a132b9e28347}
HKEY_CLASSES_ROOT\clsid\{793c1352-9291-4b06-da94-b45fce07645d}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{9374a8ae-9a96-46b8-91bb-16c6d5ec5360}
HKEY_CLASSES_ROOT\clsid\{9c902576-5453-4c84-ae07-53a91272b467}
HKEY_CLASSES_ROOT\clsid\{af39041d-c020-4d75-b196-44ccce6c6011}
HKEY_CLASSES_ROOT\clsid\{dd55b751-bb09-4009-ba49-149cfdf72e03}
HKEY_CLASSES_ROOT\clsid\{e4294230-2313-4b1b-7681-2012e5ca700d}
HKEY_CLASSES_ROOT\clsid\{f61cdc11-6889-44df-e3a5-22b82c5e5522}
HKEY_CLASSES_ROOT\clsid\{f8497707-34bf-4842-8f8c-ad473cb4cdb5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{22d82699-94cb-4cae-a1ef-bbae81cb35b5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{527dd198-69ce-4181-e180-d722cff6afdb}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{562b10e6-d18d-4c11-849a-00a4b270800d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{58550639-8019-4d31-969a-19d239f81e2a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{619244ae-b6a9-4dc8-800c-a132b9e28347}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9374a8ae-9a96-46b8-91bb-16c6d5ec5360}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9c902576-5453-4c84-ae07-53a91272b467}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{af39041d-c020-4d75-b196-44ccce6c6011}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{dd55b751-bb09-4009-ba49-149cfdf72e03}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e4294230-2313-4b1b-7681-2012e5ca700d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f61cdc11-6889-44df-e3a5-22b82c5e5522}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f8497707-34bf-4842-8f8c-ad473cb4cdb5}
Registry Values:
HKEY_CLASSES_ROOT\clsid\{f3627f12-b4d8-4f4a-8fa0-a5baa780a975}\inprocserver32
HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0
HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1
Removing ZQuest:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
Remove Win32.SubSearch Trojan
Remove Bandok.ad Backdoor
FakeAlert.Adobepnl Trojan Removal
No comments:
Post a Comment