Top 10 Alerts
Latest 10 Malware Files
Testimonials
I got to say that so far I'm very please with your service. This is my first experience with your company. I have used in the past SpyHunter,Malwarebytes,SpyBlaster, for my detection with Mcafee antivirus/firewall.
Don L.
Searched as:
FakeAlert
Aliases of FakeAlert (AKA):
[Kaspersky] Hoax.Win32.Renos.eq, Trojan-Clicker.Win32.Agent.is
[McAfee] FakeAlert-D, FakeAlert-H, FakeAlert-U
[F-Prot] W32/FakeAlert.DS
[Other] Win32.Cadux.AU, Trojan.Fakealert.196, TR/SpyCleaner.A, Win32/Vaxkat, Downloader, W32/Agent.BRAT, Troj/Clicker-EF
How to Remove FakeAlert from Your Computer
To completely purge FakeAlert from your computer, you need to delete the files, folders, and Windows registry keys, and registry values associated with FakeAlert. These files, folders, and registry keys are respectively listed in the Files, Folders, Registry Keys, and Registry Values sections on this page.
For instructions on deleting the FakeAlert registry keys and registry values, see How to Remove FakeAlert from the Windows Registry.
For instructions on deleting the FakeAlert files and folders,
see How to Delete FakeAlert Files (.exe, .dll, etc.)
How to Delete FakeAlert Files (.exe, .dll, etc.)
The files and folders associated with FakeAlert are listed in the Files and Folders sections on this page.
To delete the FakeAlert files and folders:
- Using your file explorer, browse to each file and folder listed in the Folders and Files sections.Note: The paths use certain conventions such as [%PROGRAM_FILES%]. These conventions are explained here.
- Select the file or folder and press SHIFT+Delete on the keyboard.
- Click Yes in the confirm deletion dialog box.
IMPORTANT: If a file is locked (in use by some application), its deletion will fail (the Windows will display a corresponding message).You can delete such locked files with the RemoveOnReboot utility. To delete a locked file, right-click on the file, select Send To->Remove on Next Reboot on the menu, and restart your computer. You can install the RemoveOnReboot utility from here.
Files:
[%APPDATA%]\svhost.exe
[%LOCAL_APPDATA%]\VirtualStore\Windows\System32\phcruuj0ea97.bmp
[%SYSTEM%]\hxiwlgpm.dat
[%SYSTEM%]\hxiwlgpm.exe
[%SYSTEM%]\mssecu.exe
[%SYSTEM%]\mwin32.exe
[%SYSTEM%]\netode.exe
[%SYSTEM%]\newsd32.exe
[%SYSTEM%]\ps1.exe
[%SYSTEM%]\psoft1.exe
[%SYSTEM%]\Rundl1.exe
[%SYSTEM%]\taack.dat
[%SYSTEM%]\taack.exe
[%SYSTEM%]\VBIEWER.OCX
[%SYSTEM%]\winlogonpc.exe
[%SYSTEM%]\winsystem.exe
[%SYSTEM%]\WINWGPX.EXE
[%WINDOWS%]\iTunesMusic.exe
[%SYSTEM%]\psof1.exe
[%PROFILE%]\Downloads\ToolbarBrowser.exe
[%WINDOWS%]\System32hxiwlgpm.dat
[%WINDOWS%]\System32taack.dat
[%WINDOWS%]\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[%WINDOWS%]\a.bat
[%WINDOWS%]\base64.tmp
[%WINDOWS%]\zip1.tmp
[%WINDOWS%]\zip2.tmp
[%WINDOWS%]\zip3.tmp
[%WINDOWS%]\zipped.tmp
[%PROFILE_TEMP%]\jZZU.exe
[%WINDOWS%]\time.exe
[%SYSTEM_DRIVE%]\Documents and Settings\Michael\Local Settings\Temp\nso19E.tmp\MachineKey.dll
[%COMMON_DESKTOPDIRECTORY%]\nudetube.com.lnk
[%COMMON_DESKTOPDIRECTORY%]\pornotube.com.lnk
[%COMMON_DESKTOPDIRECTORY%]\youporn.com.lnk
[%SYSTEM%]\test.ttt
[%SYSTEM%]\uniq.tll
[%SYSTEM%]\akttzn.exe
[%SYSTEM%]\vbsys2.dll
[%SYSTEM_DRIVE%]\copia\Documents\Downloads\Quick-Recovery-Pendrive.exe
[%SYSTEM%]\smwin32.dll
[%PERSONAL%]\My Software 4.84 G\Downloads 1.47 G\navicat8_mysql_en.exe
[%SYSTEM%]\resdll.dll
[%SYSTEM%]\winhelper86.dll
[%PROFILE_TEMP%]\t.exe
[%PROFILE_TEMP%]\x.exe
[%PROFILE_TEMP%]\k.exe
[%PROFILE_TEMP%]\m.exe
[%PROFILE_TEMP%]\~TMB63C.tmp
[%SYSTEM%]\SrN6Uu6V.exe
[%PROFILE_TEMP%]\1.exe
[%PROFILE_TEMP%]\3.exe
[%PROFILE_TEMP%]\5.exe
[%PROFILE_TEMP%]\7.exe
[%PROFILE_TEMP%]\i.exe
[%PROFILE_TEMP%]\o.exe
[%PROFILE_TEMP%]\q.exe
[%PROFILE_TEMP%]\s.exe
[%PROFILE_TEMP%]\v.exe
[%PROFILE_TEMP%]\z.exe
[%SYSTEM%]\s5vYdP04.exe
[%SYSTEM%]\winscenter.exe
[%PROFILE%]\Desktopblackbird.jpg
[%PROFILE_TEMP%]\tdsE3.tmp
[%SYSTEM%]\InternetExplorer.dll
[%WINDOWS%]\Ybazaqe.dll
[%WINDOWS%]\astctl32.ocx
[%WINDOWS%]\ctfmon32.exe
[%WINDOWS%]\directx32.exe
[%WINDOWS%]\dnsrelay.dll
[%WINDOWS%]\explorer32.exe
[%WINDOWS%]\funniest.exe
[%WINDOWS%]\gfmnaaa.dll
[%WINDOWS%]\helpcvs.exe
[%WINDOWS%]\inetinf.exe
[%WINDOWS%]\msspi.dll
[%WINDOWS%]\mswsc10.dll
[%WINDOWS%]\mswsc20.dll
[%WINDOWS%]\rundll32.vbe
[%WINDOWS%]\searchword.dll
[%WINDOWS%]\svcinit.exe
[%WINDOWS%]\users32.exe
[%WINDOWS%]\cpan.dll
[%WINDOWS%]\accesss.exe
[%WINDOWS%]\clrssn.exe
[%WINDOWS%]\funny.exe
[%WINDOWS%]\notepad32.exe
[%WINDOWS%]\systeem.exe
[%WINDOWS%]\systemcritical.exe
[%WINDOWS%]\win32e.exe
[%WINDOWS%]\win64.exe
[%WINDOWS%]\winajbm.dll
[%WINDOWS%]\window.exe
[%WINDOWS%]\xplugin.dll
[%WINDOWS%]\y.exe
[%PROFILE%]\DesktopEditorFKWP1.5.exe
[%PROFILE%]\DesktopEditorFKWP2.0.exe
[%PROFILE%]\Desktopfilemanagerclient.exe
[%PROFILE%]\Desktopfkwp1.5.exe
[%PROFILE%]\Desktopfkwp2.0.exe
[%LOCAL_APPDATA%]\VirtualStore\Windows\System32\phcruuj0ea97.bmp
[%SYSTEM%]\hxiwlgpm.dat
[%SYSTEM%]\hxiwlgpm.exe
[%SYSTEM%]\mssecu.exe
[%SYSTEM%]\mwin32.exe
[%SYSTEM%]\netode.exe
[%SYSTEM%]\newsd32.exe
[%SYSTEM%]\ps1.exe
[%SYSTEM%]\psoft1.exe
[%SYSTEM%]\Rundl1.exe
[%SYSTEM%]\taack.dat
[%SYSTEM%]\taack.exe
[%SYSTEM%]\VBIEWER.OCX
[%SYSTEM%]\winlogonpc.exe
[%SYSTEM%]\winsystem.exe
[%SYSTEM%]\WINWGPX.EXE
[%WINDOWS%]\iTunesMusic.exe
[%SYSTEM%]\psof1.exe
[%PROFILE%]\Downloads\ToolbarBrowser.exe
[%WINDOWS%]\System32hxiwlgpm.dat
[%WINDOWS%]\System32taack.dat
[%WINDOWS%]\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[%WINDOWS%]\a.bat
[%WINDOWS%]\base64.tmp
[%WINDOWS%]\zip1.tmp
[%WINDOWS%]\zip2.tmp
[%WINDOWS%]\zip3.tmp
[%WINDOWS%]\zipped.tmp
[%PROFILE_TEMP%]\jZZU.exe
[%WINDOWS%]\time.exe
[%SYSTEM_DRIVE%]\Documents and Settings\Michael\Local Settings\Temp\nso19E.tmp\MachineKey.dll
[%COMMON_DESKTOPDIRECTORY%]\nudetube.com.lnk
[%COMMON_DESKTOPDIRECTORY%]\pornotube.com.lnk
[%COMMON_DESKTOPDIRECTORY%]\youporn.com.lnk
[%SYSTEM%]\test.ttt
[%SYSTEM%]\uniq.tll
[%SYSTEM%]\akttzn.exe
[%SYSTEM%]\vbsys2.dll
[%SYSTEM_DRIVE%]\copia\Documents\Downloads\Quick-Recovery-Pendrive.exe
[%SYSTEM%]\smwin32.dll
[%PERSONAL%]\My Software 4.84 G\Downloads 1.47 G\navicat8_mysql_en.exe
[%SYSTEM%]\resdll.dll
[%SYSTEM%]\winhelper86.dll
[%PROFILE_TEMP%]\t.exe
[%PROFILE_TEMP%]\x.exe
[%PROFILE_TEMP%]\k.exe
[%PROFILE_TEMP%]\m.exe
[%PROFILE_TEMP%]\~TMB63C.tmp
[%SYSTEM%]\SrN6Uu6V.exe
[%PROFILE_TEMP%]\1.exe
[%PROFILE_TEMP%]\3.exe
[%PROFILE_TEMP%]\5.exe
[%PROFILE_TEMP%]\7.exe
[%PROFILE_TEMP%]\i.exe
[%PROFILE_TEMP%]\o.exe
[%PROFILE_TEMP%]\q.exe
[%PROFILE_TEMP%]\s.exe
[%PROFILE_TEMP%]\v.exe
[%PROFILE_TEMP%]\z.exe
[%SYSTEM%]\s5vYdP04.exe
[%SYSTEM%]\winscenter.exe
[%PROFILE%]\Desktopblackbird.jpg
[%PROFILE_TEMP%]\tdsE3.tmp
[%SYSTEM%]\InternetExplorer.dll
[%WINDOWS%]\Ybazaqe.dll
[%WINDOWS%]\astctl32.ocx
[%WINDOWS%]\ctfmon32.exe
[%WINDOWS%]\directx32.exe
[%WINDOWS%]\dnsrelay.dll
[%WINDOWS%]\explorer32.exe
[%WINDOWS%]\funniest.exe
[%WINDOWS%]\gfmnaaa.dll
[%WINDOWS%]\helpcvs.exe
[%WINDOWS%]\inetinf.exe
[%WINDOWS%]\msspi.dll
[%WINDOWS%]\mswsc10.dll
[%WINDOWS%]\mswsc20.dll
[%WINDOWS%]\rundll32.vbe
[%WINDOWS%]\searchword.dll
[%WINDOWS%]\svcinit.exe
[%WINDOWS%]\users32.exe
[%WINDOWS%]\cpan.dll
[%WINDOWS%]\accesss.exe
[%WINDOWS%]\clrssn.exe
[%WINDOWS%]\funny.exe
[%WINDOWS%]\notepad32.exe
[%WINDOWS%]\systeem.exe
[%WINDOWS%]\systemcritical.exe
[%WINDOWS%]\win32e.exe
[%WINDOWS%]\win64.exe
[%WINDOWS%]\winajbm.dll
[%WINDOWS%]\window.exe
[%WINDOWS%]\xplugin.dll
[%WINDOWS%]\y.exe
[%PROFILE%]\DesktopEditorFKWP1.5.exe
[%PROFILE%]\DesktopEditorFKWP2.0.exe
[%PROFILE%]\Desktopfilemanagerclient.exe
[%PROFILE%]\Desktopfkwp1.5.exe
[%PROFILE%]\Desktopfkwp2.0.exe
Folders:
[%PROFILE%]\Desktopvirii
[%WINDOWS%]\System32smp
[%WINDOWS%]\System32smp
Scan your File System for FakeAlert
How to Remove FakeAlert from the Windows Registry
The Windows registry stores important system information such as system preferences, user settings, and installed programs details as well as the information about the applications that are automatically run at start-up. Because of this, spyware, malware, and adware often store references to their own files in your Windows registry so that they can automatically launch every time you start up your computer.
To effectively remove FakeAlert from your Windows registry, you must delete all the registry keys and values associated with FakeAlert, which are listed in the Registry Keys and Registry Values sections on this page.
IMPORTANT: Because the registry is a core component of your Windows system, it is strongly recommended that you back up the registry before you begin deleting keys and values. For information about backing up the Windows registry, refer to the Registry Editor online help.
To remove the FakeAlert registry keys and values:
- On the Windows Start menu, click Run.
- In the Open box, type regedit and click OK.
The Registry Editor window opens. This window consists of two panes. The left pane displays folders that represent the registry keys arranged in hierarchical order. The right one lists the registry values of the currently selected registry key. - To delete each registry key listed in the Registry Keys section, do the following:
- Locate the key in the left pane of the Registry Editor window by sequentially expanding the folders according to the path indicated in the Registry Keys section. For example, if the path of a registry key is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName1, sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA, and FolderB folders.
- Select the key name indicated at the end of the path (KeyName1 in the example above).
- Right-click the key name and select Delete on the menu.
- Click Yes in the Confirm Key Delete dialog box.
- To delete each registry value listed in the Registry Values section, do the following:
- Display the value in the right pane of the Registry Editor window by sequentially expanding the folders in the left pane according to the path indicated in the Registry Values section and selecting the specified key name. For example, if the path of a registry value is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2\,valueC=, sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA, and FolderB folders and select the KeyName2 key to display the valueC value in the right pane.
- In the right pane, select the value name indicated after a comma at the end of the path (valueC in the example above).
- Right-click the value name and select Delete on the menu.
- Click Yes in the Confirm Value Delete dialog box.
Registry Keys:
HKEY_CURRENT_USER\software\mwc
HKEY_LOCAL_MACHINE\software\mozilla\msfox
HKEY_LOCAL_MACHINE\software\classes\typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226}
HKEY_LOCAL_MACHINE\software\classes\bhonew.bhoapp
HKEY_LOCAL_MACHINE\software\classes\bhonew.bhoapp.1
HKEY_LOCAL_MACHINE\software\classes\interface\{967a494a-6aec-4555-9caf-fa6eb00acf91}
HKEY_LOCAL_MACHINE\software\classes\interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5}
HKEY_LOCAL_MACHINE\software\classes\clsid\{0cb66ba8-5e1f-4963-93d1-e1d6b78fe9a2}
HKEY_LOCAL_MACHINE\software\microsoft\psrv
HKEY_CLASSES_ROOT\clsid\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc}
HKEY_CURRENT_USER\software\yvibbbha8c
HKEY_CURRENT_USER\software\wek9emdhi9
HKEY_CLASSES_ROOT\clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
HKEY_CURRENT_USER\software\classes\clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
HKEY_LOCAL_MACHINE\software\classes\typelib\{e24211b3-a78a-c6a9-d317-70979ace5058}
HKEY_CURRENT_USER\system\currentcontrolset\services\itunesmusic
HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon\notify\logons
HKEY_CURRENT_USER\hol5_vxiewer.full.1
HKEY_CURRENT_USER\software\classes\applications\accessdiver.exe
HKEY_CURRENT_USER\software\dpcproxy
HKEY_CURRENT_USER\software\fwbd
HKEY_CURRENT_USER\software\hollol
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\golden palace casino new
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\inet delivery
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\mslagent
HKEY_CURRENT_USER\system\currentcontrolset\services\rdriv
HKEY_CURRENT_USER\typelib\{d7987436-78bf-4a81-915f-4879287d2234}
HKEY_CURRENT_USER\typelib\{daef1007-f409-426a-9e7c-cb211f2a9786}
HKEY_CURRENT_USER\software\invictus
HKEY_CLASSES_ROOT\clsid\{54645654-2225-4455-44a1-9f4543d34545}
HKEY_CLASSES_ROOT\clsid\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a}
HKEY_CURRENT_USER\software\cognac
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\tdssdata
HKEY_LOCAL_MACHINE\software\tdss
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\csbdll
HKEY_CLASSES_ROOT\{020487cc-fc04-4b1e-863f-d9801796230b}
HKEY_CLASSES_ROOT\clsid\{2e59498d-7e44-4452-9044-0973b080b9e8}
HKEY_CURRENT_USER\software\classes\hol5_vxiewer.full.1
HKEY_LOCAL_MACHINE\software\classes\typelib\{5d2631e5-8696-7543-50b2-f674cd4308eb}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{d5bf49a2-94f1-42bd-f434-3604812c807d}
HKEY_CLASSES_ROOT\aplsj2.bho
HKEY_CLASSES_ROOT\monamia2
HKEY_CURRENT_USER\software\microsoft\internet explorertoolbar
HKEY_CLASSES_ROOT\typelib\{10026069-7a5f-4531-811e-c8df20643bee}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{95e9bcc0-2e84-4500-8a9c-0b7a96769124}
HKEY_CURRENT_USER\software\inet delivery
HKEY_CLASSES_ROOT\clsid\{020487cc-fc04-4b1e-863f-d9801796230b}
HKEY_CLASSES_ROOT\interface\{86d2bfbb-b16c-4287-9755-31aa01730c29}
HKEY_CLASSES_ROOT\typelib\{b366cf39-52fb-4d7f-85c8-a678a61c9bad}
HKEY_CLASSES_ROOT\clsid\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63}
HKEY_CLASSES_ROOT\clsid\{ba934431-76af-4c99-93c2-c3d21944a72e}
HKEY_CURRENT_USER\software\extra antivir
HKEY_LOCAL_MACHINE\software\classes\clsid\{d5bf4552-94f1-42bd-f434-3604812c807d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d5bf4552-94f1-42bd-f434-3604812c807d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{abd45510-9b22-41cd-9acd-8182a2da7c63}
HKEY_CLASSES_ROOT\svshost12.varh
HKEY_CLASSES_ROOT\svshost13.fpol
HKEY_CLASSES_ROOT\svshost14.knbs
HKEY_CLASSES_ROOT\svshost15.kbns
HKEY_CLASSES_ROOT\lsksaq.bho
HKEY_CLASSES_ROOT\clsid\{abc42510-9b22-41c1-9dcd-8182a2d07c63}
HKEY_CLASSES_ROOT\lospn
HKEY_CLASSES_ROOT\clsid\{32131238-5434-4234-4234-432432423432}
HKEY_LOCAL_MACHINE\software\classes\clsid\{95e9bcc0-2e84-4500-8a9c-0b7a96769124}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b6b571fb-b71d-449c-ad70-82e966328795}
HKEY_LOCAL_MACHINE\software\classes\clsid\{b6b571fb-b71d-449c-ad70-82e966328795}
HKEY_CLASSES_ROOT\smwin32.mdr
HKEY_CLASSES_ROOT\interface\{268706f0-841c-446a-b757-8c1ef84527dc}
HKEY_CLASSES_ROOT\clsid\{32fd16dc-537c-4186-9bd6-c718a308342b}
HKEY_CLASSES_ROOT\typelib\{a0442dfa-1f7e-4dce-b75c-a90993d6e7fc}\1.0
HKEY_CLASSES_ROOT\nimo
HKEY_CLASSES_ROOT\interface\{17bdf3b4-073f-48f8-b6f1-9ee85efbdb82}
HKEY_CLASSES_ROOT\interface\{230ea602-72e2-4512-9ef7-c989c8d7eb7a}
HKEY_CLASSES_ROOT\typelib\{cefa8c3b-f692-43e8-96ec-005a0e9d0a17}
HKEY_CLASSES_ROOT\clsid\{3c3b4135-e1e1-4ecb-86d5-3dc50533a271}
HKEY_CLASSES_ROOT\clsid\{c420cf9f-d9d6-421f-958f-aa59906c2b12}
HKEY_CLASSES_ROOT\typelib\{2ec351c6-b28f-42c7-8494-d054f4193638}
HKEY_CLASSES_ROOT\clsid\{67fe3efe-2915-4d08-8af9-21723c19b0e4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b8301af7-d00e-4ea4-87c1-5ff4644fbba1}
HKEY_CLASSES_ROOT\typelib\{a2aa1df5-6e92-4d92-90ea-c8739016e923}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{abd45510-9b22-41cd-9acd-8182a2da7c63}
HKEY_CLASSES_ROOT\appid\{2482e52b-2324-4619-89c0-5c7a2eb286ab}
HKEY_CLASSES_ROOT\clsid\{5e986219-d37c-4509-a4e4-d33c14033aa3}
HKEY_LOCAL_MACHINE\software\classes\clsid\{d5bf49a2-94f1-42bd-f434-3604812c807d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d5bf49a2-94f1-42bd-f434-3604812c807d}
HKEY_CLASSES_ROOT\650ef38e.axb8
HKEY_CLASSES_ROOT\650ef38f.ds45
HKEY_CLASSES_ROOT\6fa10094.vcsd
HKEY_CLASSES_ROOT\767960fa.ccas
HKEY_CLASSES_ROOT\767960fb.2345
HKEY_CLASSES_ROOT\7fe62cc2.bctp
HKEY_CLASSES_ROOT\877faba2.2dfh
HKEY_CLASSES_ROOT\8dcb614a.afbs
HKEY_CLASSES_ROOT\94ad4b18.3hpo
HKEY_CLASSES_ROOT\adfghost.cli
HKEY_CLASSES_ROOT\bprintinghost.serv
HKEY_CLASSES_ROOT\c5621605.dhcp
HKEY_CLASSES_ROOT\svshost1.dhcp
HKEY_CLASSES_ROOT\svshost10.3hpo
HKEY_LOCAL_MACHINE\software\mozilla\msfox
HKEY_LOCAL_MACHINE\software\classes\typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226}
HKEY_LOCAL_MACHINE\software\classes\bhonew.bhoapp
HKEY_LOCAL_MACHINE\software\classes\bhonew.bhoapp.1
HKEY_LOCAL_MACHINE\software\classes\interface\{967a494a-6aec-4555-9caf-fa6eb00acf91}
HKEY_LOCAL_MACHINE\software\classes\interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5}
HKEY_LOCAL_MACHINE\software\classes\clsid\{0cb66ba8-5e1f-4963-93d1-e1d6b78fe9a2}
HKEY_LOCAL_MACHINE\software\microsoft\psrv
HKEY_CLASSES_ROOT\clsid\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc}
HKEY_CURRENT_USER\software\yvibbbha8c
HKEY_CURRENT_USER\software\wek9emdhi9
HKEY_CLASSES_ROOT\clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
HKEY_CURRENT_USER\software\classes\clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
HKEY_LOCAL_MACHINE\software\classes\typelib\{e24211b3-a78a-c6a9-d317-70979ace5058}
HKEY_CURRENT_USER\system\currentcontrolset\services\itunesmusic
HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon\notify\logons
HKEY_CURRENT_USER\hol5_vxiewer.full.1
HKEY_CURRENT_USER\software\classes\applications\accessdiver.exe
HKEY_CURRENT_USER\software\dpcproxy
HKEY_CURRENT_USER\software\fwbd
HKEY_CURRENT_USER\software\hollol
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\golden palace casino new
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\inet delivery
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\mslagent
HKEY_CURRENT_USER\system\currentcontrolset\services\rdriv
HKEY_CURRENT_USER\typelib\{d7987436-78bf-4a81-915f-4879287d2234}
HKEY_CURRENT_USER\typelib\{daef1007-f409-426a-9e7c-cb211f2a9786}
HKEY_CURRENT_USER\software\invictus
HKEY_CLASSES_ROOT\clsid\{54645654-2225-4455-44a1-9f4543d34545}
HKEY_CLASSES_ROOT\clsid\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a}
HKEY_CURRENT_USER\software\cognac
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\tdssdata
HKEY_LOCAL_MACHINE\software\tdss
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\csbdll
HKEY_CLASSES_ROOT\{020487cc-fc04-4b1e-863f-d9801796230b}
HKEY_CLASSES_ROOT\clsid\{2e59498d-7e44-4452-9044-0973b080b9e8}
HKEY_CURRENT_USER\software\classes\hol5_vxiewer.full.1
HKEY_LOCAL_MACHINE\software\classes\typelib\{5d2631e5-8696-7543-50b2-f674cd4308eb}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{d5bf49a2-94f1-42bd-f434-3604812c807d}
HKEY_CLASSES_ROOT\aplsj2.bho
HKEY_CLASSES_ROOT\monamia2
HKEY_CURRENT_USER\software\microsoft\internet explorertoolbar
HKEY_CLASSES_ROOT\typelib\{10026069-7a5f-4531-811e-c8df20643bee}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{95e9bcc0-2e84-4500-8a9c-0b7a96769124}
HKEY_CURRENT_USER\software\inet delivery
HKEY_CLASSES_ROOT\clsid\{020487cc-fc04-4b1e-863f-d9801796230b}
HKEY_CLASSES_ROOT\interface\{86d2bfbb-b16c-4287-9755-31aa01730c29}
HKEY_CLASSES_ROOT\typelib\{b366cf39-52fb-4d7f-85c8-a678a61c9bad}
HKEY_CLASSES_ROOT\clsid\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63}
HKEY_CLASSES_ROOT\clsid\{ba934431-76af-4c99-93c2-c3d21944a72e}
HKEY_CURRENT_USER\software\extra antivir
HKEY_LOCAL_MACHINE\software\classes\clsid\{d5bf4552-94f1-42bd-f434-3604812c807d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d5bf4552-94f1-42bd-f434-3604812c807d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{abd45510-9b22-41cd-9acd-8182a2da7c63}
HKEY_CLASSES_ROOT\svshost12.varh
HKEY_CLASSES_ROOT\svshost13.fpol
HKEY_CLASSES_ROOT\svshost14.knbs
HKEY_CLASSES_ROOT\svshost15.kbns
HKEY_CLASSES_ROOT\lsksaq.bho
HKEY_CLASSES_ROOT\clsid\{abc42510-9b22-41c1-9dcd-8182a2d07c63}
HKEY_CLASSES_ROOT\lospn
HKEY_CLASSES_ROOT\clsid\{32131238-5434-4234-4234-432432423432}
HKEY_LOCAL_MACHINE\software\classes\clsid\{95e9bcc0-2e84-4500-8a9c-0b7a96769124}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b6b571fb-b71d-449c-ad70-82e966328795}
HKEY_LOCAL_MACHINE\software\classes\clsid\{b6b571fb-b71d-449c-ad70-82e966328795}
HKEY_CLASSES_ROOT\smwin32.mdr
HKEY_CLASSES_ROOT\interface\{268706f0-841c-446a-b757-8c1ef84527dc}
HKEY_CLASSES_ROOT\clsid\{32fd16dc-537c-4186-9bd6-c718a308342b}
HKEY_CLASSES_ROOT\typelib\{a0442dfa-1f7e-4dce-b75c-a90993d6e7fc}\1.0
HKEY_CLASSES_ROOT\nimo
HKEY_CLASSES_ROOT\interface\{17bdf3b4-073f-48f8-b6f1-9ee85efbdb82}
HKEY_CLASSES_ROOT\interface\{230ea602-72e2-4512-9ef7-c989c8d7eb7a}
HKEY_CLASSES_ROOT\typelib\{cefa8c3b-f692-43e8-96ec-005a0e9d0a17}
HKEY_CLASSES_ROOT\clsid\{3c3b4135-e1e1-4ecb-86d5-3dc50533a271}
HKEY_CLASSES_ROOT\clsid\{c420cf9f-d9d6-421f-958f-aa59906c2b12}
HKEY_CLASSES_ROOT\typelib\{2ec351c6-b28f-42c7-8494-d054f4193638}
HKEY_CLASSES_ROOT\clsid\{67fe3efe-2915-4d08-8af9-21723c19b0e4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b8301af7-d00e-4ea4-87c1-5ff4644fbba1}
HKEY_CLASSES_ROOT\typelib\{a2aa1df5-6e92-4d92-90ea-c8739016e923}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{abd45510-9b22-41cd-9acd-8182a2da7c63}
HKEY_CLASSES_ROOT\appid\{2482e52b-2324-4619-89c0-5c7a2eb286ab}
HKEY_CLASSES_ROOT\clsid\{5e986219-d37c-4509-a4e4-d33c14033aa3}
HKEY_LOCAL_MACHINE\software\classes\clsid\{d5bf49a2-94f1-42bd-f434-3604812c807d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d5bf49a2-94f1-42bd-f434-3604812c807d}
HKEY_CLASSES_ROOT\650ef38e.axb8
HKEY_CLASSES_ROOT\650ef38f.ds45
HKEY_CLASSES_ROOT\6fa10094.vcsd
HKEY_CLASSES_ROOT\767960fa.ccas
HKEY_CLASSES_ROOT\767960fb.2345
HKEY_CLASSES_ROOT\7fe62cc2.bctp
HKEY_CLASSES_ROOT\877faba2.2dfh
HKEY_CLASSES_ROOT\8dcb614a.afbs
HKEY_CLASSES_ROOT\94ad4b18.3hpo
HKEY_CLASSES_ROOT\adfghost.cli
HKEY_CLASSES_ROOT\bprintinghost.serv
HKEY_CLASSES_ROOT\c5621605.dhcp
HKEY_CLASSES_ROOT\svshost1.dhcp
HKEY_CLASSES_ROOT\svshost10.3hpo
View all FakeAlert registry keys...
Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CAAE3E63C10A22
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CAF1DE43DEC6AC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=1329876553
HKEY_CURRENT_USER\software\microsoft\windows, aim=0000000000004683
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Dvw.exe
HKEY_CURRENT_USER\software, 2a422c91-6984-47e4-94be-04c4fad5f8d8=1
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=15
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=0
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=100
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=3
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=49
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, brastk=brastk.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, wek9emdhi9=[%WINDOWS%]\Xdyhea.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=304
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB94338DF07982
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Hjg.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C962BA74F16AEC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB70E3E71F28
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=5
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C97F55F7F897E0
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, wek9emdhi9=[%WINDOWS%]\Fxicaa.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Fgh.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=58
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler, {020487cc-fc04-4b1e-863f-d9801796230b}=Windows Installer Class
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=65
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CA7B9B9E5E8F68
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC24835DB6E5DC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC70E1B7F72362
HKEY_CURRENT_USER\software\microsoft\windows, vrsin=1219924622
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Pw1.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB709742B755B8
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9C8D8FC3489C4
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=266
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC873F2A849CB3
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\a.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, framework windows=frmwrk32.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=7
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=802840
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\video1019.cfg.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=82
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\xxx9275.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Lc1.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC632083E07872
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC5C6F5AB514A6
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Drl.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=275
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Npd.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBD742FA6CE3C7
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=131
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=100
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC38917A0515CE
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C75D6719A1EFEA
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC324D2144728A
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C919ABB8268DEA
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Kz1.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9D341730E670
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, asus32="[%APPDATA%]\Google\mupd1_2_12916358.exe"
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC2466925BCF3A
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9710EC5AAE744
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=0
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF0D2287866AE
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC18A1646523F4
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9B8B028EB4252
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBC086F7484F5
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C95ECE41B9F670
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=2530504
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=70
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC0A7611CF6548
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB456DC3298F21
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC0365EDCD1F08
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF53AE7C8192F
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF550C2C4E124
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF95085D440F5
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF50388A28390
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBD26192D4114
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Owl.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF60F435AF9D1
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF5684C60C76B
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF6216FC4684C
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF4395943E0C8
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF3CD6765A130
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Pfx.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Szz.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=101
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE97AD7714E00
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBECD512DDCD8A
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBED61FE07374C
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C99DF688E0C94
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBEDBDF9326F28
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Ozd.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBEBE790B02370
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Eqr.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB8802CF2ABBAC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE2A6F836A0B4
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB6016EADB5F93
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE35CEADA7E97
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE4135C46057E
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\xxx6014.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=696
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Fph.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CAF1DE43DEC6AC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=1329876553
HKEY_CURRENT_USER\software\microsoft\windows, aim=0000000000004683
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Dvw.exe
HKEY_CURRENT_USER\software, 2a422c91-6984-47e4-94be-04c4fad5f8d8=1
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=15
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=0
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=100
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=3
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=49
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, brastk=brastk.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, wek9emdhi9=[%WINDOWS%]\Xdyhea.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=304
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB94338DF07982
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Hjg.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C962BA74F16AEC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB70E3E71F28
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=5
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C97F55F7F897E0
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, wek9emdhi9=[%WINDOWS%]\Fxicaa.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Fgh.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=58
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler, {020487cc-fc04-4b1e-863f-d9801796230b}=Windows Installer Class
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=65
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CA7B9B9E5E8F68
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC24835DB6E5DC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC70E1B7F72362
HKEY_CURRENT_USER\software\microsoft\windows, vrsin=1219924622
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Pw1.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB709742B755B8
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9C8D8FC3489C4
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=266
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC873F2A849CB3
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\a.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, framework windows=frmwrk32.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=7
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=802840
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\video1019.cfg.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=82
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\xxx9275.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Lc1.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC632083E07872
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC5C6F5AB514A6
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Drl.exe
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=275
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Npd.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBD742FA6CE3C7
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=131
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=100
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC38917A0515CE
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C75D6719A1EFEA
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC324D2144728A
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C919ABB8268DEA
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Kz1.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9D341730E670
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, asus32="[%APPDATA%]\Google\mupd1_2_12916358.exe"
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC2466925BCF3A
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9710EC5AAE744
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=0
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF0D2287866AE
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC18A1646523F4
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C9B8B028EB4252
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBC086F7484F5
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C95ECE41B9F670
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=2530504
HKEY_CURRENT_USER\software, 1099ce4a-ff51-4a8d-ab3c-c74b9c06e46f=70
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC0A7611CF6548
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB456DC3298F21
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CC0365EDCD1F08
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF53AE7C8192F
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF550C2C4E124
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF95085D440F5
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF50388A28390
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBD26192D4114
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Owl.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF60F435AF9D1
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF5684C60C76B
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF6216FC4684C
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF4395943E0C8
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBF3CD6765A130
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Pfx.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Szz.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=101
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE97AD7714E00
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBECD512DDCD8A
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBED61FE07374C
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1C99DF688E0C94
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBEDBDF9326F28
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Ozd.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBEBE790B02370
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Eqr.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB8802CF2ABBAC
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE2A6F836A0B4
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CB6016EADB5F93
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE35CEADA7E97
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer, idstrf=1-1CBE4135C46057E
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, msfox=[%PROFILE_TEMP%]\xxx6014.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\shellserviceobjectdelayload, systemcheck2=696
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run, yvibbbha8c=[%PROFILE_TEMP%]\Fph.exe
View all FakeAlert registry values...
Scan your Windows Registry for FakeAlert
FakeAlert Categorized as:
Trojan
A trojan is a program that is disguised as legitimate software but is designed to carry out some harmful actions on the infected computer.
Unlike viruses and worms, trojans don’t replicate but they can be just as destructive.
These days trojans are very common. Trojans are divided into a number different categories based on their function or type of damage.
Downloader
A type of trojan. The primary purpose of downloaders is to install malicious code on a user’s computer. However, they can enable other malicious uses. For example, they can be used to continually download new versions of malicious code, adware, or “pornware.” They are also used frequently used to exploit the vulnerabilities of Internet Explorer.
Downloaders are typically written in script languages such as VBS or JavaScript.
Hoax
A hoax is a fake warning about presence of viruses or other malware on a user’s computer. Typically, a hoax is spread in the form of an e-mail message warning the reader of new dangerous viruses and inducing the recipient to forward the message to others. Hoaxes themselves do little harm, but their distribution often causes fear and uncertainty among users.
How Did My PC Get Infected with FakeAlert?
The following are the most likely reasons why your computer got infected with FakeAlert:
- Your operating system and Web browser's security settings are too lax.
- You are not following safe Internet surfing and PC practices.
Downloading and Installing Freeware or Shareware
Small-charge or free software applications may come bundled with spyware, adware, or programs like FakeAlert. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.
Using Peer-to-Peer Software
The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like FakeAlert.
Visiting Questionable Web Sites
When you visit sites with dubious or objectionable content, trojans-including FakeAlert-, spyware, and adware, may well be automatically downloaded and installed onto your computer.
Detecting FakeAlert
The following symptoms signal that your computer is very likely to be infected with FakeAlert.
PC is working very slowly
FakeAlert can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with FakeAlert.
New desktop shortcuts have appeared or the home page has changed
FakeAlert can tamper with your Internet settings or redirect your default home page to unwanted web sites. FakeAlert may even add new shortcuts to your PC desktop.
Annoying popups keep appearing on your PC
FakeAlert may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.
E-mails that you didn't write are being sent from your mailbox
FakeAlert may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam, and other types of unsolicited e-mail to other people.
Check now if your PC is infected with FakeAlert
Also Be Aware of the Following Threats:
Download ExterminateIt!
to instantly get rid of FakeAlert!
![[%LOCAL_APPDATA%]\VirtualStore\Windows\System32\phcruuj0ea97.bmp](file/phcruuj0ea97.bmp){kind=link}
![[%PROFILE%]\Desktopblackbird.jpg](file/Desktopblackbird.jpg){kind=link}
CURIOLAB S.M.B.A., Amagertorv 15, 2, 1160 Copenhagen K, Denmark, +45.36965533