Remove Malware and Viruses: Ezula Adware

Ezula Adware

Ezula malware description and removal detail
Categories:Adware,Hijacker,Toolbar
Also known as:
[Panda]Adware/eZula,Adware/SearchExe,Dialer.US
Visible Symptoms:
Files in system folders:[%COMMON_FAVORITES%]\amazon.com.url [%COMMON_FAVORITES%]\ebay.url [%COMMON_FAVORITES%]\links\ebay.url [%DESKTOP%]\amazon.com.url [%DESKTOP%]\amazon.url [%DESKTOP%]\ebay.url [%FAVORITES%]\amazon.com.url [%FAVORITES%]\amazon.url [%FAVORITES%]\ebay.com.url [%FAVORITES%]\ebay.url [%FAVORITES%]\expedia.com.url [%FAVORITES%]\links\amazon.com.url [%FAVORITES%]\links\amazon.url [%FAVORITES%]\links\ebay.com.url [%FAVORITES%]\links\ebay.url [%FAVORITES%]\links\expedia.url [%INTERNET_CACHE%]\content.ie5\RYS371KD\upgrade[1].vrn [%FAVORITES%]\links\amazon.com.url [%PROFILE_TEMP%]\aupd.exe [%PROFILE_TEMP%]\~nsu.tmp\Au_.exe [%PROGRAM_FILES%]\sed\uninst.exe [%PROGRAM_FILES%]\Web Offer\gendis.ez [%PROGRAM_FILES%]\Web Offer\paramp.ez [%PROGRAM_FILES%]\Web Offer\rwdsp.rst [%SYSTEM%]\antispy.exe [%SYSTEM%]\book.dll [%SYSTEM%]\cdcore.dll [%SYSTEM%]\cdrules.dll [%SYSTEM%]\cdsync.dll [%SYSTEM%]\ezpopstub.exe [%SYSTEM%]\justin.exe [%SYSTEM%]\msrev23.dll [%SYSTEM%]\msrev43.dll [%SYSTEM%]\nsb6.dll [%SYSTEM%]\nsdD8.dll [%SYSTEM%]\nse260A.dll [%SYSTEM%]\nsjD4.dll [%SYSTEM%]\nsl3F.dll [%SYSTEM%]\nsn25FE.dll [%SYSTEM%]\nsy129.dll [%SYSTEM%]\ss.dll [%SYSTEM%]\sysfile.dll [%SYSTEM%]\thin.dll [%WINDOWS%]\bsx32.ini [%WINDOWS%]\conscorr.ini [%WINDOWS%]\iconz.exe [%WINDOWS%]\Justin.exe [%WINDOWS%]\justin2a.exe [%WINDOWS%]\justin_new.exe [%WINDOWS%]\mmttil.exe [%WINDOWS%]\preinsln.exe [%WINDOWS%]\woinstall.exe [%APPDATA%]\sett.exe [%DESKTOP%]\amazon.com.url [%DESKTOP%]\amazon.url [%DESKTOP%]\bingo .lnk [%DESKTOP%]\block spyware.url [%DESKTOP%]\bsx32.ini [%DESKTOP%]\card games.lnk [%DESKTOP%]\casino online.lnk [%DESKTOP%]\cheap holiday travel.url [%DESKTOP%]\ebay.com.url [%DESKTOP%]\ebay.url [%DESKTOP%]\expedia.com.url [%DESKTOP%]\free online music.url [%DESKTOP%]\free spyware scanner.url [%DESKTOP%]\funcade_icmediax_install.exe [%DESKTOP%]\internet .lnk [%DESKTOP%]\investing .lnk [%DESKTOP%]\online dating.url [%DESKTOP%]\pacman.lnk [%DESKTOP%]\printer cartridges.lnk [%DESKTOP%]\travel .lnk [%DESKTOP%]\travel specials.url [%DESKTOP%]\website hosting.lnk [%DESKTOP%]\winsock2.reg [%FAVORITES%]\ adult entertainment\adult dvd.url [%FAVORITES%]\ adult entertainment\dating\christian dating.url [%FAVORITES%]\ adult entertainment\dating\dating agency.url [%FAVORITES%]\ adult entertainment\dating\dating service.url [%FAVORITES%]\ adult entertainment\dating\internet dating.url [%FAVORITES%]\ adult entertainment\dating\jewish dating.url [%FAVORITES%]\ adult entertainment\dating\online dating.url [%FAVORITES%]\ adult entertainment\dvd.url [%FAVORITES%]\ adult entertainment\fetish.url [%FAVORITES%]\ adult entertainment\gay.url [%FAVORITES%]\ adult entertainment\hardcore.url [%FAVORITES%]\ adult entertainment\lesbian.url [%FAVORITES%]\ adult entertainment\live video feeds.url [%FAVORITES%]\ adult entertainment\matchmaking.url [%FAVORITES%]\ adult entertainment\photos.url [%FAVORITES%]\ adult entertainment\sex movies.url [%FAVORITES%]\ adult entertainment\sex toys.url [%FAVORITES%]\ adult entertainment\shemale sex.url [%FAVORITES%]\ adult entertainment\viagra.url [%FAVORITES%]\ adult items\adult education.url [%FAVORITES%]\ adult items\adult personals.url [%FAVORITES%]\ adult items\adult toys.url [%FAVORITES%]\ adult items\breast enhancement.url [%FAVORITES%]\ adult items\buy adipex.url [%FAVORITES%]\ adult items\buy viagra.url [%FAVORITES%]\ adult items\diet pill.url [%FAVORITES%]\ adult items\penis enlargement.url [%FAVORITES%]\ adult items\personals.url [%FAVORITES%]\ computers\antivirus.url [%FAVORITES%]\ computers\communication technology.url [%FAVORITES%]\ computers\computer jobs .url [%FAVORITES%]\ computers\computer programming.url [%FAVORITES%]\ computers\domain hosting.url [%FAVORITES%]\ computers\dvd.url [%FAVORITES%]\ computers\games\computer game.url [%FAVORITES%]\ computers\games\gamecube.url [%FAVORITES%]\ computers\games\microsoft.url [%FAVORITES%]\ computers\games\playstation.url [%FAVORITES%]\ computers\games\quake.url [%FAVORITES%]\ computers\games\sega dreamcast.url [%FAVORITES%]\ computers\games\xbox.url [%FAVORITES%]\ computers\hosting.url [%FAVORITES%]\ computers\inkjet cartridge.url [%FAVORITES%]\ computers\instant messenger.url [%FAVORITES%]\ computers\internet.url [%FAVORITES%]\ computers\working from home.url [%FAVORITES%]\ dating\christian dating.url [%FAVORITES%]\ dating\dating agency.url [%FAVORITES%]\ dating\dating service.url [%FAVORITES%]\ dating\internet dating.url [%FAVORITES%]\ dating\jewish dating.url [%FAVORITES%]\ dating\online dating.url [%FAVORITES%]\ home\adjustable bed.url [%FAVORITES%]\ home\food nutrition.url [%FAVORITES%]\ home\health plan.url [%FAVORITES%]\ home\home equity loan.url [%FAVORITES%]\ home\home improvements.url [%FAVORITES%]\ home\home refinancing.url [%FAVORITES%]\ home\home security.url [%FAVORITES%]\ home\interior decorating .url [%FAVORITES%]\ home\office space.url [%FAVORITES%]\ home\outdoor cooking.url [%FAVORITES%]\ home\outdoor furniture.url [%FAVORITES%]\ home\phone system.url [%FAVORITES%]\ home\satellite television.url [%FAVORITES%]\ home\sleep aids.url [%FAVORITES%]\ home\timeshare.url [%FAVORITES%]\ home\working from home.url [%FAVORITES%]\ internet\domain registrations.url [%FAVORITES%]\ internet\education\adult education.url [%FAVORITES%]\ internet\education\book.url [%FAVORITES%]\ internet\education\college.url [%FAVORITES%]\ internet\education\community.url [%FAVORITES%]\ internet\education\education.url [%FAVORITES%]\ internet\education\essay.url [%FAVORITES%]\ internet\education\school.url [%FAVORITES%]\ internet\firewall.url [%FAVORITES%]\ internet\flowers.url [%FAVORITES%]\ internet\free long distance.url [%FAVORITES%]\ internet\hosting.url [%FAVORITES%]\ internet\internet business.url [%FAVORITES%]\ internet\investing money.url [%FAVORITES%]\ internet\jokes.url [%FAVORITES%]\ internet\newsgroup.url [%FAVORITES%]\ internet\online football games.url [%FAVORITES%]\ internet\online gaming.url [%FAVORITES%]\ internet\spyware.url [%FAVORITES%]\ internet\starting a business.url [%FAVORITES%]\ internet\web marketing.url [%FAVORITES%]\ online gaming\bingo.url [%FAVORITES%]\ online gaming\black jack poker.url [%FAVORITES%]\ online gaming\casino online.url [%FAVORITES%]\ online gaming\craps.url [%FAVORITES%]\ online gaming\gamble.url [%FAVORITES%]\ online gaming\jackpot.url [%FAVORITES%]\ online gaming\roulette gambling.url [%FAVORITES%]\ online gaming\slots.url [%FAVORITES%]\ online gaming\sport betting.url [%FAVORITES%]\ online gaming\sport book.url [%FAVORITES%]\ online gaming\time cards.url [%FAVORITES%]\ online pharmacy\buy adipex.url [%FAVORITES%]\ online pharmacy\buy celebrex.url [%FAVORITES%]\ online pharmacy\buy fidrex.url [%FAVORITES%]\ online pharmacy\buy ionamin.url [%FAVORITES%]\ online pharmacy\buy meridia .url [%FAVORITES%]\ online pharmacy\buy phentermine.url [%FAVORITES%]\ online pharmacy\buy propecia.url [%FAVORITES%]\ online pharmacy\buy soma.url [%FAVORITES%]\ online pharmacy\buy tenuate.url [%FAVORITES%]\ online pharmacy\buy ultram online.url [%FAVORITES%]\ online pharmacy\buy viagra.url [%FAVORITES%]\ online pharmacy\buy xenical.url [%FAVORITES%]\ online pharmacy\consumer consulting.url [%FAVORITES%]\ online pharmacy\doctor.url [%FAVORITES%]\ online pharmacy\mexican pharmacy.url [%FAVORITES%]\ online pharmacy\pass drug test.url [%FAVORITES%]\ online pharmacy\pet med.url [%FAVORITES%]\ online pharmacy\pharmacy online.url [%FAVORITES%]\ shopping gifts\birthday gift.url [%FAVORITES%]\ shopping gifts\cellular.url [%FAVORITES%]\ shopping gifts\christmas gift.url [%FAVORITES%]\ shopping gifts\corporate gift.url [%FAVORITES%]\ shopping gifts\digital cameras.url [%FAVORITES%]\ shopping gifts\dress fashion.url [%FAVORITES%]\ shopping gifts\dvd players.url [%FAVORITES%]\ shopping gifts\gift basket.url [%FAVORITES%]\ shopping gifts\jewelry.url [%FAVORITES%]\ shopping gifts\leather jackets.url [%FAVORITES%]\ shopping gifts\perfume.url [%FAVORITES%]\ shopping gifts\sexy lingerie.url [%FAVORITES%]\ shopping gifts\shoes.url [%FAVORITES%]\ shopping gifts\smoke shop.url [%FAVORITES%]\ shopping gifts\underwear.url [%FAVORITES%]\ shopping gifts\video surveillance.url [%FAVORITES%]\ shopping gifts\watches.url [%FAVORITES%]\ shopping gifts\wedding gifts.url [%FAVORITES%]\ shopping gifts\wine gifts.url [%FAVORITES%]\ shopping gifts\womens clothing.url [%FAVORITES%]\ travel\air travel.url [%FAVORITES%]\ travel\cancun vacation.url [%FAVORITES%]\ travel\car rental.url [%FAVORITES%]\ travel\cruises.url [%FAVORITES%]\ travel\discount travel.url [%FAVORITES%]\ travel\europe travel.url [%FAVORITES%]\ travel\family vacation.url [%FAVORITES%]\ travel\hawaii travel.url [%FAVORITES%]\ travel\hotels.url [%FAVORITES%]\ travel\las vegas hotel.url [%FAVORITES%]\ travel\london hotel.url [%FAVORITES%]\ travel\new york.url [%FAVORITES%]\ travel\orlando hotel.url [%FAVORITES%]\ travel\resort.url [%FAVORITES%]\ travel\skiing.url [%FAVORITES%]\ travel\timeshare.url [%FAVORITES%]\ travel\travel agent.url [%FAVORITES%]\ travel\travel insurance.url [%FAVORITES%]\ travel\vacation.url [%FAVORITES%]\ travel\world travel.url [%FAVORITES%]\ antivirus.url [%FAVORITES%]\ casino online.url [%FAVORITES%]\ computers.url [%FAVORITES%]\ instant messaging.url [%FAVORITES%]\ internet.url [%FAVORITES%]\ movie.url [%FAVORITES%]\ web hosting.url [%PROGRAMS%]\pacman.lnk [%PROGRAM_FILES%]\sed\se.exe [%PROGRAM_FILES%]\sed\sed.exe [%PROGRAM_FILES%]\sed\uninstall.exe [%PROGRAM_FILES%]\third close jugs\gojpuses.exe [%PROGRAM_FILES%]\third close jugs\gridtwo.exe [%PROGRAM_FILES%]\third close jugs\help anti.exe [%PROGRAM_FILES%]\third close jugs\link 01 live.exe [%PROGRAM_FILES%]\third close jugs\qiopzbor.exe [%PROGRAM_FILES%]\user hold beep\dogmfcd.exe [%PROGRAM_FILES%]\weboff~1\sepng.dll [%SYSTEM%]\amtxprxy.dll [%SYSTEM%]\aqzh0g6.exe [%SYSTEM%]\araamon.dll [%SYSTEM%]\atl76681.exe [%SYSTEM%]\auaamon.dll [%SYSTEM%]\aud.dll [%SYSTEM%]\avwav072.exe [%SYSTEM%]\bidispl9.exe [%SYSTEM%]\cdfview4.exe [%SYSTEM%]\cmpbk321.exe [%SYSTEM%]\coreak.dll [%SYSTEM%]\esad8.exe [%SYSTEM%]\hotelc.exe [%SYSTEM%]\ifojzc.exe [%SYSTEM%]\jel387h.exe [%SYSTEM%]\mmview_ouch.dll [%SYSTEM%]\nsm22.dll [%SYSTEM%]\nsu2D.dll [%SYSTEM%]\rulesak.dll [%SYSTEM%]\sicon.dll [%SYSTEM%]\splashspot games.exe [%SYSTEM%]\tfing.exe [%SYSTEM%]\updak.dll [%SYSTEM%]\vbbm8.exe [%SYSTEM%]\wrgkf2.exe [%SYSTEM%]\yzrokmen.exe [%SYSTEM%]\zibk.exe [%WINDOWS%]\cjijjom.ini [%WINDOWS%]\digital signature 20040814.htm [%COMMON_FAVORITES%]\amazon.com.url [%COMMON_FAVORITES%]\ebay.url [%COMMON_FAVORITES%]\links\ebay.url [%DESKTOP%]\amazon.com.url [%DESKTOP%]\amazon.url [%DESKTOP%]\ebay.url [%FAVORITES%]\amazon.com.url [%FAVORITES%]\amazon.url [%FAVORITES%]\ebay.com.url [%FAVORITES%]\ebay.url [%FAVORITES%]\expedia.com.url [%FAVORITES%]\links\amazon.com.url [%FAVORITES%]\links\amazon.url [%FAVORITES%]\links\ebay.com.url [%FAVORITES%]\links\ebay.url [%FAVORITES%]\links\expedia.url [%INTERNET_CACHE%]\content.ie5\RYS371KD\upgrade[1].vrn [%FAVORITES%]\links\amazon.com.url [%PROFILE_TEMP%]\aupd.exe [%PROFILE_TEMP%]\~nsu.tmp\Au_.exe [%PROGRAM_FILES%]\sed\uninst.exe [%PROGRAM_FILES%]\Web Offer\gendis.ez [%PROGRAM_FILES%]\Web Offer\paramp.ez [%PROGRAM_FILES%]\Web Offer\rwdsp.rst [%SYSTEM%]\antispy.exe [%SYSTEM%]\book.dll [%SYSTEM%]\cdcore.dll [%SYSTEM%]\cdrules.dll [%SYSTEM%]\cdsync.dll [%SYSTEM%]\ezpopstub.exe [%SYSTEM%]\justin.exe [%SYSTEM%]\msrev23.dll [%SYSTEM%]\msrev43.dll [%SYSTEM%]\nsb6.dll [%SYSTEM%]\nsdD8.dll [%SYSTEM%]\nse260A.dll [%SYSTEM%]\nsjD4.dll [%SYSTEM%]\nsl3F.dll [%SYSTEM%]\nsn25FE.dll [%SYSTEM%]\nsy129.dll [%SYSTEM%]\ss.dll [%SYSTEM%]\sysfile.dll [%SYSTEM%]\thin.dll [%WINDOWS%]\bsx32.ini [%WINDOWS%]\conscorr.ini [%WINDOWS%]\iconz.exe [%WINDOWS%]\Justin.exe [%WINDOWS%]\justin2a.exe [%WINDOWS%]\justin_new.exe [%WINDOWS%]\mmttil.exe [%WINDOWS%]\preinsln.exe [%WINDOWS%]\woinstall.exe [%APPDATA%]\sett.exe [%DESKTOP%]\amazon.com.url [%DESKTOP%]\amazon.url [%DESKTOP%]\bingo .lnk [%DESKTOP%]\block spyware.url [%DESKTOP%]\bsx32.ini [%DESKTOP%]\card games.lnk [%DESKTOP%]\casino online.lnk [%DESKTOP%]\cheap holiday travel.url [%DESKTOP%]\ebay.com.url [%DESKTOP%]\ebay.url [%DESKTOP%]\expedia.com.url [%DESKTOP%]\free online music.url [%DESKTOP%]\free spyware scanner.url [%DESKTOP%]\funcade_icmediax_install.exe [%DESKTOP%]\internet .lnk [%DESKTOP%]\investing .lnk [%DESKTOP%]\online dating.url [%DESKTOP%]\pacman.lnk [%DESKTOP%]\printer cartridges.lnk [%DESKTOP%]\travel .lnk [%DESKTOP%]\travel specials.url [%DESKTOP%]\website hosting.lnk [%DESKTOP%]\winsock2.reg [%FAVORITES%]\ adult entertainment\adult dvd.url [%FAVORITES%]\ adult entertainment\dating\christian dating.url [%FAVORITES%]\ adult entertainment\dating\dating agency.url [%FAVORITES%]\ adult entertainment\dating\dating service.url [%FAVORITES%]\ adult entertainment\dating\internet dating.url [%FAVORITES%]\ adult entertainment\dating\jewish dating.url [%FAVORITES%]\ adult entertainment\dating\online dating.url [%FAVORITES%]\ adult entertainment\dvd.url [%FAVORITES%]\ adult entertainment\fetish.url [%FAVORITES%]\ adult entertainment\gay.url [%FAVORITES%]\ adult entertainment\hardcore.url [%FAVORITES%]\ adult entertainment\lesbian.url [%FAVORITES%]\ adult entertainment\live video feeds.url [%FAVORITES%]\ adult entertainment\matchmaking.url [%FAVORITES%]\ adult entertainment\photos.url [%FAVORITES%]\ adult entertainment\sex movies.url [%FAVORITES%]\ adult entertainment\sex toys.url [%FAVORITES%]\ adult entertainment\shemale sex.url [%FAVORITES%]\ adult entertainment\viagra.url [%FAVORITES%]\ adult items\adult education.url [%FAVORITES%]\ adult items\adult personals.url [%FAVORITES%]\ adult items\adult toys.url [%FAVORITES%]\ adult items\breast enhancement.url [%FAVORITES%]\ adult items\buy adipex.url [%FAVORITES%]\ adult items\buy viagra.url [%FAVORITES%]\ adult items\diet pill.url [%FAVORITES%]\ adult items\penis enlargement.url [%FAVORITES%]\ adult items\personals.url [%FAVORITES%]\ computers\antivirus.url [%FAVORITES%]\ computers\communication technology.url [%FAVORITES%]\ computers\computer jobs .url [%FAVORITES%]\ computers\computer programming.url [%FAVORITES%]\ computers\domain hosting.url [%FAVORITES%]\ computers\dvd.url [%FAVORITES%]\ computers\games\computer game.url [%FAVORITES%]\ computers\games\gamecube.url [%FAVORITES%]\ computers\games\microsoft.url [%FAVORITES%]\ computers\games\playstation.url [%FAVORITES%]\ computers\games\quake.url [%FAVORITES%]\ computers\games\sega dreamcast.url [%FAVORITES%]\ computers\games\xbox.url [%FAVORITES%]\ computers\hosting.url [%FAVORITES%]\ computers\inkjet cartridge.url [%FAVORITES%]\ computers\instant messenger.url [%FAVORITES%]\ computers\internet.url [%FAVORITES%]\ computers\working from home.url [%FAVORITES%]\ dating\christian dating.url [%FAVORITES%]\ dating\dating agency.url [%FAVORITES%]\ dating\dating service.url [%FAVORITES%]\ dating\internet dating.url [%FAVORITES%]\ dating\jewish dating.url [%FAVORITES%]\ dating\online dating.url [%FAVORITES%]\ home\adjustable bed.url [%FAVORITES%]\ home\food nutrition.url [%FAVORITES%]\ home\health plan.url [%FAVORITES%]\ home\home equity loan.url [%FAVORITES%]\ home\home improvements.url [%FAVORITES%]\ home\home refinancing.url [%FAVORITES%]\ home\home security.url [%FAVORITES%]\ home\interior decorating .url [%FAVORITES%]\ home\office space.url [%FAVORITES%]\ home\outdoor cooking.url [%FAVORITES%]\ home\outdoor furniture.url [%FAVORITES%]\ home\phone system.url [%FAVORITES%]\ home\satellite television.url [%FAVORITES%]\ home\sleep aids.url [%FAVORITES%]\ home\timeshare.url [%FAVORITES%]\ home\working from home.url [%FAVORITES%]\ internet\domain registrations.url [%FAVORITES%]\ internet\education\adult education.url [%FAVORITES%]\ internet\education\book.url [%FAVORITES%]\ internet\education\college.url [%FAVORITES%]\ internet\education\community.url [%FAVORITES%]\ internet\education\education.url [%FAVORITES%]\ internet\education\essay.url [%FAVORITES%]\ internet\education\school.url [%FAVORITES%]\ internet\firewall.url [%FAVORITES%]\ internet\flowers.url [%FAVORITES%]\ internet\free long distance.url [%FAVORITES%]\ internet\hosting.url [%FAVORITES%]\ internet\internet business.url [%FAVORITES%]\ internet\investing money.url [%FAVORITES%]\ internet\jokes.url [%FAVORITES%]\ internet\newsgroup.url [%FAVORITES%]\ internet\online football games.url [%FAVORITES%]\ internet\online gaming.url [%FAVORITES%]\ internet\spyware.url [%FAVORITES%]\ internet\starting a business.url [%FAVORITES%]\ internet\web marketing.url [%FAVORITES%]\ online gaming\bingo.url [%FAVORITES%]\ online gaming\black jack poker.url [%FAVORITES%]\ online gaming\casino online.url [%FAVORITES%]\ online gaming\craps.url [%FAVORITES%]\ online gaming\gamble.url [%FAVORITES%]\ online gaming\jackpot.url [%FAVORITES%]\ online gaming\roulette gambling.url [%FAVORITES%]\ online gaming\slots.url [%FAVORITES%]\ online gaming\sport betting.url [%FAVORITES%]\ online gaming\sport book.url [%FAVORITES%]\ online gaming\time cards.url [%FAVORITES%]\ online pharmacy\buy adipex.url [%FAVORITES%]\ online pharmacy\buy celebrex.url [%FAVORITES%]\ online pharmacy\buy fidrex.url [%FAVORITES%]\ online pharmacy\buy ionamin.url [%FAVORITES%]\ online pharmacy\buy meridia .url [%FAVORITES%]\ online pharmacy\buy phentermine.url [%FAVORITES%]\ online pharmacy\buy propecia.url [%FAVORITES%]\ online pharmacy\buy soma.url [%FAVORITES%]\ online pharmacy\buy tenuate.url [%FAVORITES%]\ online pharmacy\buy ultram online.url [%FAVORITES%]\ online pharmacy\buy viagra.url [%FAVORITES%]\ online pharmacy\buy xenical.url [%FAVORITES%]\ online pharmacy\consumer consulting.url [%FAVORITES%]\ online pharmacy\doctor.url [%FAVORITES%]\ online pharmacy\mexican pharmacy.url [%FAVORITES%]\ online pharmacy\pass drug test.url [%FAVORITES%]\ online pharmacy\pet med.url [%FAVORITES%]\ online pharmacy\pharmacy online.url [%FAVORITES%]\ shopping gifts\birthday gift.url [%FAVORITES%]\ shopping gifts\cellular.url [%FAVORITES%]\ shopping gifts\christmas gift.url [%FAVORITES%]\ shopping gifts\corporate gift.url [%FAVORITES%]\ shopping gifts\digital cameras.url [%FAVORITES%]\ shopping gifts\dress fashion.url [%FAVORITES%]\ shopping gifts\dvd players.url [%FAVORITES%]\ shopping gifts\gift basket.url [%FAVORITES%]\ shopping gifts\jewelry.url [%FAVORITES%]\ shopping gifts\leather jackets.url [%FAVORITES%]\ shopping gifts\perfume.url [%FAVORITES%]\ shopping gifts\sexy lingerie.url [%FAVORITES%]\ shopping gifts\shoes.url [%FAVORITES%]\ shopping gifts\smoke shop.url [%FAVORITES%]\ shopping gifts\underwear.url [%FAVORITES%]\ shopping gifts\video surveillance.url [%FAVORITES%]\ shopping gifts\watches.url [%FAVORITES%]\ shopping gifts\wedding gifts.url [%FAVORITES%]\ shopping gifts\wine gifts.url [%FAVORITES%]\ shopping gifts\womens clothing.url [%FAVORITES%]\ travel\air travel.url [%FAVORITES%]\ travel\cancun vacation.url [%FAVORITES%]\ travel\car rental.url [%FAVORITES%]\ travel\cruises.url [%FAVORITES%]\ travel\discount travel.url [%FAVORITES%]\ travel\europe travel.url [%FAVORITES%]\ travel\family vacation.url [%FAVORITES%]\ travel\hawaii travel.url [%FAVORITES%]\ travel\hotels.url [%FAVORITES%]\ travel\las vegas hotel.url [%FAVORITES%]\ travel\london hotel.url [%FAVORITES%]\ travel\new york.url [%FAVORITES%]\ travel\orlando hotel.url [%FAVORITES%]\ travel\resort.url [%FAVORITES%]\ travel\skiing.url [%FAVORITES%]\ travel\timeshare.url [%FAVORITES%]\ travel\travel agent.url [%FAVORITES%]\ travel\travel insurance.url [%FAVORITES%]\ travel\vacation.url [%FAVORITES%]\ travel\world travel.url [%FAVORITES%]\ antivirus.url [%FAVORITES%]\ casino online.url [%FAVORITES%]\ computers.url [%FAVORITES%]\ instant messaging.url [%FAVORITES%]\ internet.url [%FAVORITES%]\ movie.url [%FAVORITES%]\ web hosting.url [%PROGRAMS%]\pacman.lnk [%PROGRAM_FILES%]\sed\se.exe [%PROGRAM_FILES%]\sed\sed.exe [%PROGRAM_FILES%]\sed\uninstall.exe [%PROGRAM_FILES%]\third close jugs\gojpuses.exe [%PROGRAM_FILES%]\third close jugs\gridtwo.exe [%PROGRAM_FILES%]\third close jugs\help anti.exe [%PROGRAM_FILES%]\third close jugs\link 01 live.exe [%PROGRAM_FILES%]\third close jugs\qiopzbor.exe [%PROGRAM_FILES%]\user hold beep\dogmfcd.exe [%PROGRAM_FILES%]\weboff~1\sepng.dll [%SYSTEM%]\amtxprxy.dll [%SYSTEM%]\aqzh0g6.exe [%SYSTEM%]\araamon.dll [%SYSTEM%]\atl76681.exe [%SYSTEM%]\auaamon.dll [%SYSTEM%]\aud.dll [%SYSTEM%]\avwav072.exe [%SYSTEM%]\bidispl9.exe [%SYSTEM%]\cdfview4.exe [%SYSTEM%]\cmpbk321.exe [%SYSTEM%]\coreak.dll [%SYSTEM%]\esad8.exe [%SYSTEM%]\hotelc.exe [%SYSTEM%]\ifojzc.exe [%SYSTEM%]\jel387h.exe [%SYSTEM%]\mmview_ouch.dll [%SYSTEM%]\nsm22.dll [%SYSTEM%]\nsu2D.dll [%SYSTEM%]\rulesak.dll [%SYSTEM%]\sicon.dll [%SYSTEM%]\splashspot games.exe [%SYSTEM%]\tfing.exe [%SYSTEM%]\updak.dll [%SYSTEM%]\vbbm8.exe [%SYSTEM%]\wrgkf2.exe [%SYSTEM%]\yzrokmen.exe [%SYSTEM%]\zibk.exe [%WINDOWS%]\cjijjom.ini [%WINDOWS%]\digital signature 20040814.htm

In order to ensure that the Ezula is launched automatically each time the system is booted, the Ezula adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run [%PROFILE_TEMP%]\aupd.exe [%PROFILE_TEMP%]\~nsu.tmp\Au_.exe [%PROGRAM_FILES%]\sed\uninst.exe [%SYSTEM%]\antispy.exe [%SYSTEM%]\ezpopstub.exe [%SYSTEM%]\justin.exe [%WINDOWS%]\iconz.exe [%WINDOWS%]\Justin.exe [%WINDOWS%]\justin2a.exe [%WINDOWS%]\justin_new.exe [%WINDOWS%]\mmttil.exe [%WINDOWS%]\preinsln.exe [%WINDOWS%]\woinstall.exe [%APPDATA%]\sett.exe [%DESKTOP%]\funcade_icmediax_install.exe [%PROGRAM_FILES%]\sed\se.exe [%PROGRAM_FILES%]\sed\sed.exe [%PROGRAM_FILES%]\sed\uninstall.exe [%PROGRAM_FILES%]\third close jugs\gojpuses.exe [%PROGRAM_FILES%]\third close jugs\gridtwo.exe [%PROGRAM_FILES%]\third close jugs\help anti.exe [%PROGRAM_FILES%]\third close jugs\link 01 live.exe [%PROGRAM_FILES%]\third close jugs\qiopzbor.exe [%PROGRAM_FILES%]\user hold beep\dogmfcd.exe [%SYSTEM%]\aqzh0g6.exe [%SYSTEM%]\atl76681.exe [%SYSTEM%]\avwav072.exe [%SYSTEM%]\bidispl9.exe [%SYSTEM%]\cdfview4.exe [%SYSTEM%]\cmpbk321.exe [%SYSTEM%]\esad8.exe [%SYSTEM%]\hotelc.exe [%SYSTEM%]\ifojzc.exe [%SYSTEM%]\jel387h.exe [%SYSTEM%]\splashspot games.exe [%SYSTEM%]\tfing.exe [%SYSTEM%]\vbbm8.exe [%SYSTEM%]\wrgkf2.exe [%SYSTEM%]\yzrokmen.exe [%SYSTEM%]\zibk.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

 
Detecting Ezula:
  Files:  
[%COMMON_FAVORITES%]\amazon.com.url
[%COMMON_FAVORITES%]\ebay.url
[%COMMON_FAVORITES%]\links\ebay.url
[%DESKTOP%]\amazon.com.url
[%DESKTOP%]\amazon.url
[%DESKTOP%]\ebay.url
[%FAVORITES%]\amazon.com.url
[%FAVORITES%]\amazon.url
[%FAVORITES%]\ebay.com.url
[%FAVORITES%]\ebay.url
[%FAVORITES%]\expedia.com.url
[%FAVORITES%]\links\amazon.com.url
[%FAVORITES%]\links\amazon.url
[%FAVORITES%]\links\ebay.com.url
[%FAVORITES%]\links\ebay.url
[%FAVORITES%]\links\expedia.url
[%INTERNET_CACHE%]\content.ie5\RYS371KD\upgrade[1].vrn
[%FAVORITES%]\links\amazon.com.url
[%PROFILE_TEMP%]\aupd.exe
[%PROFILE_TEMP%]\~nsu.tmp\Au_.exe
[%PROGRAM_FILES%]\sed\uninst.exe
[%PROGRAM_FILES%]\Web Offer\gendis.ez
[%PROGRAM_FILES%]\Web Offer\paramp.ez
[%PROGRAM_FILES%]\Web Offer\rwdsp.rst
[%SYSTEM%]\antispy.exe
[%SYSTEM%]\book.dll
[%SYSTEM%]\cdcore.dll
[%SYSTEM%]\cdrules.dll
[%SYSTEM%]\cdsync.dll
[%SYSTEM%]\ezpopstub.exe
[%SYSTEM%]\justin.exe
[%SYSTEM%]\msrev23.dll
[%SYSTEM%]\msrev43.dll
[%SYSTEM%]\nsb6.dll
[%SYSTEM%]\nsdD8.dll
[%SYSTEM%]\nse260A.dll
[%SYSTEM%]\nsjD4.dll
[%SYSTEM%]\nsl3F.dll
[%SYSTEM%]\nsn25FE.dll
[%SYSTEM%]\nsy129.dll
[%SYSTEM%]\ss.dll
[%SYSTEM%]\sysfile.dll
[%SYSTEM%]\thin.dll
[%WINDOWS%]\bsx32.ini
[%WINDOWS%]\conscorr.ini
[%WINDOWS%]\iconz.exe
[%WINDOWS%]\Justin.exe
[%WINDOWS%]\justin2a.exe
[%WINDOWS%]\justin_new.exe
[%WINDOWS%]\mmttil.exe
[%WINDOWS%]\preinsln.exe
[%WINDOWS%]\woinstall.exe
[%APPDATA%]\sett.exe
[%DESKTOP%]\amazon.com.url
[%DESKTOP%]\amazon.url
[%DESKTOP%]\bingo .lnk
[%DESKTOP%]\block spyware.url
[%DESKTOP%]\bsx32.ini
[%DESKTOP%]\card  games.lnk
[%DESKTOP%]\casino  online.lnk
[%DESKTOP%]\cheap holiday travel.url
[%DESKTOP%]\ebay.com.url
[%DESKTOP%]\ebay.url
[%DESKTOP%]\expedia.com.url
[%DESKTOP%]\free online music.url
[%DESKTOP%]\free spyware scanner.url
[%DESKTOP%]\funcade_icmediax_install.exe
[%DESKTOP%]\internet .lnk
[%DESKTOP%]\investing .lnk
[%DESKTOP%]\online dating.url
[%DESKTOP%]\pacman.lnk
[%DESKTOP%]\printer  cartridges.lnk
[%DESKTOP%]\travel .lnk
[%DESKTOP%]\travel specials.url
[%DESKTOP%]\website  hosting.lnk
[%DESKTOP%]\winsock2.reg
[%FAVORITES%]\  adult entertainment\adult dvd.url
[%FAVORITES%]\  adult entertainment\dating\christian dating.url
[%FAVORITES%]\  adult entertainment\dating\dating agency.url
[%FAVORITES%]\  adult entertainment\dating\dating service.url
[%FAVORITES%]\  adult entertainment\dating\internet dating.url
[%FAVORITES%]\  adult entertainment\dating\jewish dating.url
[%FAVORITES%]\  adult entertainment\dating\online dating.url
[%FAVORITES%]\  adult entertainment\dvd.url
[%FAVORITES%]\  adult entertainment\fetish.url
[%FAVORITES%]\  adult entertainment\gay.url
[%FAVORITES%]\  adult entertainment\hardcore.url
[%FAVORITES%]\  adult entertainment\lesbian.url
[%FAVORITES%]\  adult entertainment\live video feeds.url
[%FAVORITES%]\  adult entertainment\matchmaking.url
[%FAVORITES%]\  adult entertainment\photos.url
[%FAVORITES%]\  adult entertainment\sex movies.url
[%FAVORITES%]\  adult entertainment\sex toys.url
[%FAVORITES%]\  adult entertainment\shemale sex.url
[%FAVORITES%]\  adult entertainment\viagra.url
[%FAVORITES%]\  adult items\adult education.url
[%FAVORITES%]\  adult items\adult personals.url
[%FAVORITES%]\  adult items\adult toys.url
[%FAVORITES%]\  adult items\breast enhancement.url
[%FAVORITES%]\  adult items\buy adipex.url
[%FAVORITES%]\  adult items\buy viagra.url
[%FAVORITES%]\  adult items\diet pill.url
[%FAVORITES%]\  adult items\penis enlargement.url
[%FAVORITES%]\  adult items\personals.url
[%FAVORITES%]\  computers\antivirus.url
[%FAVORITES%]\  computers\communication technology.url
[%FAVORITES%]\  computers\computer jobs .url
[%FAVORITES%]\  computers\computer programming.url
[%FAVORITES%]\  computers\domain hosting.url
[%FAVORITES%]\  computers\dvd.url
[%FAVORITES%]\  computers\games\computer game.url
[%FAVORITES%]\  computers\games\gamecube.url
[%FAVORITES%]\  computers\games\microsoft.url
[%FAVORITES%]\  computers\games\playstation.url
[%FAVORITES%]\  computers\games\quake.url
[%FAVORITES%]\  computers\games\sega dreamcast.url
[%FAVORITES%]\  computers\games\xbox.url
[%FAVORITES%]\  computers\hosting.url
[%FAVORITES%]\  computers\inkjet cartridge.url
[%FAVORITES%]\  computers\instant messenger.url
[%FAVORITES%]\  computers\internet.url
[%FAVORITES%]\  computers\working from home.url
[%FAVORITES%]\  dating\christian dating.url
[%FAVORITES%]\  dating\dating agency.url
[%FAVORITES%]\  dating\dating service.url
[%FAVORITES%]\  dating\internet dating.url
[%FAVORITES%]\  dating\jewish dating.url
[%FAVORITES%]\  dating\online dating.url
[%FAVORITES%]\  home\adjustable bed.url
[%FAVORITES%]\  home\food nutrition.url
[%FAVORITES%]\  home\health plan.url
[%FAVORITES%]\  home\home equity loan.url
[%FAVORITES%]\  home\home improvements.url
[%FAVORITES%]\  home\home refinancing.url
[%FAVORITES%]\  home\home security.url
[%FAVORITES%]\  home\interior decorating .url
[%FAVORITES%]\  home\office space.url
[%FAVORITES%]\  home\outdoor cooking.url
[%FAVORITES%]\  home\outdoor furniture.url
[%FAVORITES%]\  home\phone system.url
[%FAVORITES%]\  home\satellite television.url
[%FAVORITES%]\  home\sleep aids.url
[%FAVORITES%]\  home\timeshare.url
[%FAVORITES%]\  home\working from home.url
[%FAVORITES%]\  internet\domain registrations.url
[%FAVORITES%]\  internet\education\adult education.url
[%FAVORITES%]\  internet\education\book.url
[%FAVORITES%]\  internet\education\college.url
[%FAVORITES%]\  internet\education\community.url
[%FAVORITES%]\  internet\education\education.url
[%FAVORITES%]\  internet\education\essay.url
[%FAVORITES%]\  internet\education\school.url
[%FAVORITES%]\  internet\firewall.url
[%FAVORITES%]\  internet\flowers.url
[%FAVORITES%]\  internet\free long distance.url
[%FAVORITES%]\  internet\hosting.url
[%FAVORITES%]\  internet\internet business.url
[%FAVORITES%]\  internet\investing money.url
[%FAVORITES%]\  internet\jokes.url
[%FAVORITES%]\  internet\newsgroup.url
[%FAVORITES%]\  internet\online football games.url
[%FAVORITES%]\  internet\online gaming.url
[%FAVORITES%]\  internet\spyware.url
[%FAVORITES%]\  internet\starting a business.url
[%FAVORITES%]\  internet\web marketing.url
[%FAVORITES%]\  online gaming\bingo.url
[%FAVORITES%]\  online gaming\black jack poker.url
[%FAVORITES%]\  online gaming\casino online.url
[%FAVORITES%]\  online gaming\craps.url
[%FAVORITES%]\  online gaming\gamble.url
[%FAVORITES%]\  online gaming\jackpot.url
[%FAVORITES%]\  online gaming\roulette gambling.url
[%FAVORITES%]\  online gaming\slots.url
[%FAVORITES%]\  online gaming\sport betting.url
[%FAVORITES%]\  online gaming\sport book.url
[%FAVORITES%]\  online gaming\time cards.url
[%FAVORITES%]\  online pharmacy\buy adipex.url
[%FAVORITES%]\  online pharmacy\buy celebrex.url
[%FAVORITES%]\  online pharmacy\buy fidrex.url
[%FAVORITES%]\  online pharmacy\buy ionamin.url
[%FAVORITES%]\  online pharmacy\buy meridia .url
[%FAVORITES%]\  online pharmacy\buy phentermine.url
[%FAVORITES%]\  online pharmacy\buy propecia.url
[%FAVORITES%]\  online pharmacy\buy soma.url
[%FAVORITES%]\  online pharmacy\buy tenuate.url
[%FAVORITES%]\  online pharmacy\buy ultram online.url
[%FAVORITES%]\  online pharmacy\buy viagra.url
[%FAVORITES%]\  online pharmacy\buy xenical.url
[%FAVORITES%]\  online pharmacy\consumer consulting.url
[%FAVORITES%]\  online pharmacy\doctor.url
[%FAVORITES%]\  online pharmacy\mexican pharmacy.url
[%FAVORITES%]\  online pharmacy\pass drug test.url
[%FAVORITES%]\  online pharmacy\pet med.url
[%FAVORITES%]\  online pharmacy\pharmacy online.url
[%FAVORITES%]\  shopping gifts\birthday gift.url
[%FAVORITES%]\  shopping gifts\cellular.url
[%FAVORITES%]\  shopping gifts\christmas gift.url
[%FAVORITES%]\  shopping gifts\corporate gift.url
[%FAVORITES%]\  shopping gifts\digital cameras.url
[%FAVORITES%]\  shopping gifts\dress fashion.url
[%FAVORITES%]\  shopping gifts\dvd players.url
[%FAVORITES%]\  shopping gifts\gift basket.url
[%FAVORITES%]\  shopping gifts\jewelry.url
[%FAVORITES%]\  shopping gifts\leather jackets.url
[%FAVORITES%]\  shopping gifts\perfume.url
[%FAVORITES%]\  shopping gifts\sexy lingerie.url
[%FAVORITES%]\  shopping gifts\shoes.url
[%FAVORITES%]\  shopping gifts\smoke shop.url
[%FAVORITES%]\  shopping gifts\underwear.url
[%FAVORITES%]\  shopping gifts\video surveillance.url
[%FAVORITES%]\  shopping gifts\watches.url
[%FAVORITES%]\  shopping gifts\wedding gifts.url
[%FAVORITES%]\  shopping gifts\wine gifts.url
[%FAVORITES%]\  shopping gifts\womens clothing.url
[%FAVORITES%]\  travel\air travel.url
[%FAVORITES%]\  travel\cancun vacation.url
[%FAVORITES%]\  travel\car rental.url
[%FAVORITES%]\  travel\cruises.url
[%FAVORITES%]\  travel\discount travel.url
[%FAVORITES%]\  travel\europe travel.url
[%FAVORITES%]\  travel\family vacation.url
[%FAVORITES%]\  travel\hawaii travel.url
[%FAVORITES%]\  travel\hotels.url
[%FAVORITES%]\  travel\las vegas hotel.url
[%FAVORITES%]\  travel\london hotel.url
[%FAVORITES%]\  travel\new york.url
[%FAVORITES%]\  travel\orlando hotel.url
[%FAVORITES%]\  travel\resort.url
[%FAVORITES%]\  travel\skiing.url
[%FAVORITES%]\  travel\timeshare.url
[%FAVORITES%]\  travel\travel agent.url
[%FAVORITES%]\  travel\travel insurance.url
[%FAVORITES%]\  travel\vacation.url
[%FAVORITES%]\  travel\world travel.url
[%FAVORITES%]\ antivirus.url
[%FAVORITES%]\ casino online.url
[%FAVORITES%]\ computers.url
[%FAVORITES%]\ instant messaging.url
[%FAVORITES%]\ internet.url
[%FAVORITES%]\ movie.url
[%FAVORITES%]\ web hosting.url
[%PROGRAMS%]\pacman.lnk
[%PROGRAM_FILES%]\sed\se.exe
[%PROGRAM_FILES%]\sed\sed.exe
[%PROGRAM_FILES%]\sed\uninstall.exe
[%PROGRAM_FILES%]\third close jugs\gojpuses.exe
[%PROGRAM_FILES%]\third close jugs\gridtwo.exe
[%PROGRAM_FILES%]\third close jugs\help anti.exe
[%PROGRAM_FILES%]\third close jugs\link 01 live.exe
[%PROGRAM_FILES%]\third close jugs\qiopzbor.exe
[%PROGRAM_FILES%]\user hold beep\dogmfcd.exe
[%PROGRAM_FILES%]\weboff~1\sepng.dll
[%SYSTEM%]\amtxprxy.dll
[%SYSTEM%]\aqzh0g6.exe
[%SYSTEM%]\araamon.dll
[%SYSTEM%]\atl76681.exe
[%SYSTEM%]\auaamon.dll
[%SYSTEM%]\aud.dll
[%SYSTEM%]\avwav072.exe
[%SYSTEM%]\bidispl9.exe
[%SYSTEM%]\cdfview4.exe
[%SYSTEM%]\cmpbk321.exe
[%SYSTEM%]\coreak.dll
[%SYSTEM%]\esad8.exe
[%SYSTEM%]\hotelc.exe
[%SYSTEM%]\ifojzc.exe
[%SYSTEM%]\jel387h.exe
[%SYSTEM%]\mmview_ouch.dll
[%SYSTEM%]\nsm22.dll
[%SYSTEM%]\nsu2D.dll
[%SYSTEM%]\rulesak.dll
[%SYSTEM%]\sicon.dll
[%SYSTEM%]\splashspot games.exe
[%SYSTEM%]\tfing.exe
[%SYSTEM%]\updak.dll
[%SYSTEM%]\vbbm8.exe
[%SYSTEM%]\wrgkf2.exe
[%SYSTEM%]\yzrokmen.exe
[%SYSTEM%]\zibk.exe
[%WINDOWS%]\cjijjom.ini
[%WINDOWS%]\digital signature 20040814.htm
[%COMMON_FAVORITES%]\amazon.com.url
[%COMMON_FAVORITES%]\ebay.url
[%COMMON_FAVORITES%]\links\ebay.url
[%DESKTOP%]\amazon.com.url
[%DESKTOP%]\amazon.url
[%DESKTOP%]\ebay.url
[%FAVORITES%]\amazon.com.url
[%FAVORITES%]\amazon.url
[%FAVORITES%]\ebay.com.url
[%FAVORITES%]\ebay.url
[%FAVORITES%]\expedia.com.url
[%FAVORITES%]\links\amazon.com.url
[%FAVORITES%]\links\amazon.url
[%FAVORITES%]\links\ebay.com.url
[%FAVORITES%]\links\ebay.url
[%FAVORITES%]\links\expedia.url
[%INTERNET_CACHE%]\content.ie5\RYS371KD\upgrade[1].vrn
[%FAVORITES%]\links\amazon.com.url
[%PROFILE_TEMP%]\aupd.exe
[%PROFILE_TEMP%]\~nsu.tmp\Au_.exe
[%PROGRAM_FILES%]\sed\uninst.exe
[%PROGRAM_FILES%]\Web Offer\gendis.ez
[%PROGRAM_FILES%]\Web Offer\paramp.ez
[%PROGRAM_FILES%]\Web Offer\rwdsp.rst
[%SYSTEM%]\antispy.exe
[%SYSTEM%]\book.dll
[%SYSTEM%]\cdcore.dll
[%SYSTEM%]\cdrules.dll
[%SYSTEM%]\cdsync.dll
[%SYSTEM%]\ezpopstub.exe
[%SYSTEM%]\justin.exe
[%SYSTEM%]\msrev23.dll
[%SYSTEM%]\msrev43.dll
[%SYSTEM%]\nsb6.dll
[%SYSTEM%]\nsdD8.dll
[%SYSTEM%]\nse260A.dll
[%SYSTEM%]\nsjD4.dll
[%SYSTEM%]\nsl3F.dll
[%SYSTEM%]\nsn25FE.dll
[%SYSTEM%]\nsy129.dll
[%SYSTEM%]\ss.dll
[%SYSTEM%]\sysfile.dll
[%SYSTEM%]\thin.dll
[%WINDOWS%]\bsx32.ini
[%WINDOWS%]\conscorr.ini
[%WINDOWS%]\iconz.exe
[%WINDOWS%]\Justin.exe
[%WINDOWS%]\justin2a.exe
[%WINDOWS%]\justin_new.exe
[%WINDOWS%]\mmttil.exe
[%WINDOWS%]\preinsln.exe
[%WINDOWS%]\woinstall.exe
[%APPDATA%]\sett.exe
[%DESKTOP%]\amazon.com.url
[%DESKTOP%]\amazon.url
[%DESKTOP%]\bingo .lnk
[%DESKTOP%]\block spyware.url
[%DESKTOP%]\bsx32.ini
[%DESKTOP%]\card  games.lnk
[%DESKTOP%]\casino  online.lnk
[%DESKTOP%]\cheap holiday travel.url
[%DESKTOP%]\ebay.com.url
[%DESKTOP%]\ebay.url
[%DESKTOP%]\expedia.com.url
[%DESKTOP%]\free online music.url
[%DESKTOP%]\free spyware scanner.url
[%DESKTOP%]\funcade_icmediax_install.exe
[%DESKTOP%]\internet .lnk
[%DESKTOP%]\investing .lnk
[%DESKTOP%]\online dating.url
[%DESKTOP%]\pacman.lnk
[%DESKTOP%]\printer  cartridges.lnk
[%DESKTOP%]\travel .lnk
[%DESKTOP%]\travel specials.url
[%DESKTOP%]\website  hosting.lnk
[%DESKTOP%]\winsock2.reg
[%FAVORITES%]\  adult entertainment\adult dvd.url
[%FAVORITES%]\  adult entertainment\dating\christian dating.url
[%FAVORITES%]\  adult entertainment\dating\dating agency.url
[%FAVORITES%]\  adult entertainment\dating\dating service.url
[%FAVORITES%]\  adult entertainment\dating\internet dating.url
[%FAVORITES%]\  adult entertainment\dating\jewish dating.url
[%FAVORITES%]\  adult entertainment\dating\online dating.url
[%FAVORITES%]\  adult entertainment\dvd.url
[%FAVORITES%]\  adult entertainment\fetish.url
[%FAVORITES%]\  adult entertainment\gay.url
[%FAVORITES%]\  adult entertainment\hardcore.url
[%FAVORITES%]\  adult entertainment\lesbian.url
[%FAVORITES%]\  adult entertainment\live video feeds.url
[%FAVORITES%]\  adult entertainment\matchmaking.url
[%FAVORITES%]\  adult entertainment\photos.url
[%FAVORITES%]\  adult entertainment\sex movies.url
[%FAVORITES%]\  adult entertainment\sex toys.url
[%FAVORITES%]\  adult entertainment\shemale sex.url
[%FAVORITES%]\  adult entertainment\viagra.url
[%FAVORITES%]\  adult items\adult education.url
[%FAVORITES%]\  adult items\adult personals.url
[%FAVORITES%]\  adult items\adult toys.url
[%FAVORITES%]\  adult items\breast enhancement.url
[%FAVORITES%]\  adult items\buy adipex.url
[%FAVORITES%]\  adult items\buy viagra.url
[%FAVORITES%]\  adult items\diet pill.url
[%FAVORITES%]\  adult items\penis enlargement.url
[%FAVORITES%]\  adult items\personals.url
[%FAVORITES%]\  computers\antivirus.url
[%FAVORITES%]\  computers\communication technology.url
[%FAVORITES%]\  computers\computer jobs .url
[%FAVORITES%]\  computers\computer programming.url
[%FAVORITES%]\  computers\domain hosting.url
[%FAVORITES%]\  computers\dvd.url
[%FAVORITES%]\  computers\games\computer game.url
[%FAVORITES%]\  computers\games\gamecube.url
[%FAVORITES%]\  computers\games\microsoft.url
[%FAVORITES%]\  computers\games\playstation.url
[%FAVORITES%]\  computers\games\quake.url
[%FAVORITES%]\  computers\games\sega dreamcast.url
[%FAVORITES%]\  computers\games\xbox.url
[%FAVORITES%]\  computers\hosting.url
[%FAVORITES%]\  computers\inkjet cartridge.url
[%FAVORITES%]\  computers\instant messenger.url
[%FAVORITES%]\  computers\internet.url
[%FAVORITES%]\  computers\working from home.url
[%FAVORITES%]\  dating\christian dating.url
[%FAVORITES%]\  dating\dating agency.url
[%FAVORITES%]\  dating\dating service.url
[%FAVORITES%]\  dating\internet dating.url
[%FAVORITES%]\  dating\jewish dating.url
[%FAVORITES%]\  dating\online dating.url
[%FAVORITES%]\  home\adjustable bed.url
[%FAVORITES%]\  home\food nutrition.url
[%FAVORITES%]\  home\health plan.url
[%FAVORITES%]\  home\home equity loan.url
[%FAVORITES%]\  home\home improvements.url
[%FAVORITES%]\  home\home refinancing.url
[%FAVORITES%]\  home\home security.url
[%FAVORITES%]\  home\interior decorating .url
[%FAVORITES%]\  home\office space.url
[%FAVORITES%]\  home\outdoor cooking.url
[%FAVORITES%]\  home\outdoor furniture.url
[%FAVORITES%]\  home\phone system.url
[%FAVORITES%]\  home\satellite television.url
[%FAVORITES%]\  home\sleep aids.url
[%FAVORITES%]\  home\timeshare.url
[%FAVORITES%]\  home\working from home.url
[%FAVORITES%]\  internet\domain registrations.url
[%FAVORITES%]\  internet\education\adult education.url
[%FAVORITES%]\  internet\education\book.url
[%FAVORITES%]\  internet\education\college.url
[%FAVORITES%]\  internet\education\community.url
[%FAVORITES%]\  internet\education\education.url
[%FAVORITES%]\  internet\education\essay.url
[%FAVORITES%]\  internet\education\school.url
[%FAVORITES%]\  internet\firewall.url
[%FAVORITES%]\  internet\flowers.url
[%FAVORITES%]\  internet\free long distance.url
[%FAVORITES%]\  internet\hosting.url
[%FAVORITES%]\  internet\internet business.url
[%FAVORITES%]\  internet\investing money.url
[%FAVORITES%]\  internet\jokes.url
[%FAVORITES%]\  internet\newsgroup.url
[%FAVORITES%]\  internet\online football games.url
[%FAVORITES%]\  internet\online gaming.url
[%FAVORITES%]\  internet\spyware.url
[%FAVORITES%]\  internet\starting a business.url
[%FAVORITES%]\  internet\web marketing.url
[%FAVORITES%]\  online gaming\bingo.url
[%FAVORITES%]\  online gaming\black jack poker.url
[%FAVORITES%]\  online gaming\casino online.url
[%FAVORITES%]\  online gaming\craps.url
[%FAVORITES%]\  online gaming\gamble.url
[%FAVORITES%]\  online gaming\jackpot.url
[%FAVORITES%]\  online gaming\roulette gambling.url
[%FAVORITES%]\  online gaming\slots.url
[%FAVORITES%]\  online gaming\sport betting.url
[%FAVORITES%]\  online gaming\sport book.url
[%FAVORITES%]\  online gaming\time cards.url
[%FAVORITES%]\  online pharmacy\buy adipex.url
[%FAVORITES%]\  online pharmacy\buy celebrex.url
[%FAVORITES%]\  online pharmacy\buy fidrex.url
[%FAVORITES%]\  online pharmacy\buy ionamin.url
[%FAVORITES%]\  online pharmacy\buy meridia .url
[%FAVORITES%]\  online pharmacy\buy phentermine.url
[%FAVORITES%]\  online pharmacy\buy propecia.url
[%FAVORITES%]\  online pharmacy\buy soma.url
[%FAVORITES%]\  online pharmacy\buy tenuate.url
[%FAVORITES%]\  online pharmacy\buy ultram online.url
[%FAVORITES%]\  online pharmacy\buy viagra.url
[%FAVORITES%]\  online pharmacy\buy xenical.url
[%FAVORITES%]\  online pharmacy\consumer consulting.url
[%FAVORITES%]\  online pharmacy\doctor.url
[%FAVORITES%]\  online pharmacy\mexican pharmacy.url
[%FAVORITES%]\  online pharmacy\pass drug test.url
[%FAVORITES%]\  online pharmacy\pet med.url
[%FAVORITES%]\  online pharmacy\pharmacy online.url
[%FAVORITES%]\  shopping gifts\birthday gift.url
[%FAVORITES%]\  shopping gifts\cellular.url
[%FAVORITES%]\  shopping gifts\christmas gift.url
[%FAVORITES%]\  shopping gifts\corporate gift.url
[%FAVORITES%]\  shopping gifts\digital cameras.url
[%FAVORITES%]\  shopping gifts\dress fashion.url
[%FAVORITES%]\  shopping gifts\dvd players.url
[%FAVORITES%]\  shopping gifts\gift basket.url
[%FAVORITES%]\  shopping gifts\jewelry.url
[%FAVORITES%]\  shopping gifts\leather jackets.url
[%FAVORITES%]\  shopping gifts\perfume.url
[%FAVORITES%]\  shopping gifts\sexy lingerie.url
[%FAVORITES%]\  shopping gifts\shoes.url
[%FAVORITES%]\  shopping gifts\smoke shop.url
[%FAVORITES%]\  shopping gifts\underwear.url
[%FAVORITES%]\  shopping gifts\video surveillance.url
[%FAVORITES%]\  shopping gifts\watches.url
[%FAVORITES%]\  shopping gifts\wedding gifts.url
[%FAVORITES%]\  shopping gifts\wine gifts.url
[%FAVORITES%]\  shopping gifts\womens clothing.url
[%FAVORITES%]\  travel\air travel.url
[%FAVORITES%]\  travel\cancun vacation.url
[%FAVORITES%]\  travel\car rental.url
[%FAVORITES%]\  travel\cruises.url
[%FAVORITES%]\  travel\discount travel.url
[%FAVORITES%]\  travel\europe travel.url
[%FAVORITES%]\  travel\family vacation.url
[%FAVORITES%]\  travel\hawaii travel.url
[%FAVORITES%]\  travel\hotels.url
[%FAVORITES%]\  travel\las vegas hotel.url
[%FAVORITES%]\  travel\london hotel.url
[%FAVORITES%]\  travel\new york.url
[%FAVORITES%]\  travel\orlando hotel.url
[%FAVORITES%]\  travel\resort.url
[%FAVORITES%]\  travel\skiing.url
[%FAVORITES%]\  travel\timeshare.url
[%FAVORITES%]\  travel\travel agent.url
[%FAVORITES%]\  travel\travel insurance.url
[%FAVORITES%]\  travel\vacation.url
[%FAVORITES%]\  travel\world travel.url
[%FAVORITES%]\ antivirus.url
[%FAVORITES%]\ casino online.url
[%FAVORITES%]\ computers.url
[%FAVORITES%]\ instant messaging.url
[%FAVORITES%]\ internet.url
[%FAVORITES%]\ movie.url
[%FAVORITES%]\ web hosting.url
[%PROGRAMS%]\pacman.lnk
[%PROGRAM_FILES%]\sed\se.exe
[%PROGRAM_FILES%]\sed\sed.exe
[%PROGRAM_FILES%]\sed\uninstall.exe
[%PROGRAM_FILES%]\third close jugs\gojpuses.exe
[%PROGRAM_FILES%]\third close jugs\gridtwo.exe
[%PROGRAM_FILES%]\third close jugs\help anti.exe
[%PROGRAM_FILES%]\third close jugs\link 01 live.exe
[%PROGRAM_FILES%]\third close jugs\qiopzbor.exe
[%PROGRAM_FILES%]\user hold beep\dogmfcd.exe
[%PROGRAM_FILES%]\weboff~1\sepng.dll
[%SYSTEM%]\amtxprxy.dll
[%SYSTEM%]\aqzh0g6.exe
[%SYSTEM%]\araamon.dll
[%SYSTEM%]\atl76681.exe
[%SYSTEM%]\auaamon.dll
[%SYSTEM%]\aud.dll
[%SYSTEM%]\avwav072.exe
[%SYSTEM%]\bidispl9.exe
[%SYSTEM%]\cdfview4.exe
[%SYSTEM%]\cmpbk321.exe
[%SYSTEM%]\coreak.dll
[%SYSTEM%]\esad8.exe
[%SYSTEM%]\hotelc.exe
[%SYSTEM%]\ifojzc.exe
[%SYSTEM%]\jel387h.exe
[%SYSTEM%]\mmview_ouch.dll
[%SYSTEM%]\nsm22.dll
[%SYSTEM%]\nsu2D.dll
[%SYSTEM%]\rulesak.dll
[%SYSTEM%]\sicon.dll
[%SYSTEM%]\splashspot games.exe
[%SYSTEM%]\tfing.exe
[%SYSTEM%]\updak.dll
[%SYSTEM%]\vbbm8.exe
[%SYSTEM%]\wrgkf2.exe
[%SYSTEM%]\yzrokmen.exe
[%SYSTEM%]\zibk.exe
[%WINDOWS%]\cjijjom.ini
[%WINDOWS%]\digital signature 20040814.htm  
   Folders:  
[%PROGRAM_FILES%]\web offer
[%WINDOWS%]\ezstub.exe  
   Registry Keys:  
HKEY_CLASSES_ROOT\appid\{0818d423-6247-11d1-abee-00d049c10000}
HKEY_CLASSES_ROOT\clsid\{23fb5add-da37-4a40-9fc0-b0e2384cde92}
HKEY_CLASSES_ROOT\clsid\{2cab0356-88e3-4902-a85d-379689c625e1}
HKEY_CLASSES_ROOT\clsid\{50b4d2b3-723f-41b3-aec4-0bd66f0f45ff}
HKEY_CLASSES_ROOT\clsid\{746455fe-d059-47e7-af0e-140e03f5a447}
HKEY_CLASSES_ROOT\clsid\{8940e505-72c6-44de-be85-1d746780efbf}
HKEY_CLASSES_ROOT\clsid\{a166c1b0-5cdb-447a-894a-4b9fd7149d51}
HKEY_CLASSES_ROOT\clsid\{ed5d884b-1a35-482e-bea1-dd52f75b6138}
HKEY_CLASSES_ROOT\crypt.core
HKEY_CLASSES_ROOT\crypt.core.1
HKEY_CLASSES_ROOT\da.bomb
HKEY_CLASSES_ROOT\da.bomb.1
HKEY_CLASSES_ROOT\interface\{241667a3-ec83-4885-84dd-c2daafc1c5ea}
HKEY_CLASSES_ROOT\interface\{25630b50-53c6-4e66-a945-9d7b6b2171ff}
HKEY_CLASSES_ROOT\interface\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}
HKEY_CLASSES_ROOT\interface\{370f6353-41c4-4fa6-a2df-1ba57ee0fbb9}
HKEY_CLASSES_ROOT\interface\{3a951af0-53f8-4803-a565-0e1dee4b11f5}
HKEY_CLASSES_ROOT\interface\{6e0ed53c-9908-49ed-b055-7cb31b162577}
HKEY_CLASSES_ROOT\interface\{788c6f6e-c2ea-4a63-9c38-ce7d8f43bce4}
HKEY_CLASSES_ROOT\interface\{78bcf936-45b0-40a7-9391-dcc03420db35}
HKEY_CLASSES_ROOT\interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}
HKEY_CLASSES_ROOT\interface\{830d3aed-2fa9-454f-b266-d931862bbf34}
HKEY_CLASSES_ROOT\interface\{8c53bd8e-b12d-4c8f-ad0e-c9ddc39d1273}
HKEY_CLASSES_ROOT\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{955cbf48-4313-4b1f-872b-254b7822ccf2}
HKEY_CLASSES_ROOT\interface\{9bcdd51b-4a7b-446c-8452-d32d38004582}
HKEY_CLASSES_ROOT\interface\{9cfa26c2-81da-4c9d-a501-f144a4a000fa}
HKEY_CLASSES_ROOT\interface\{a1465eaa-5f48-477d-b263-3b472989ffc4}
HKEY_CLASSES_ROOT\interface\{a42dc659-33b5-409e-a433-650ac42ecca4}
HKEY_CLASSES_ROOT\interface\{a8516f49-8046-4295-8ee9-c59d5041c9e2}
HKEY_CLASSES_ROOT\interface\{a986f4db-792e-4571-8974-0bb6e024766f}
HKEY_CLASSES_ROOT\interface\{af286cea-635d-40c5-a891-b40a0f520539}
HKEY_CLASSES_ROOT\interface\{ba2a20e0-2476-43bb-bcc8-bfee2419b293}
HKEY_CLASSES_ROOT\interface\{bccab53d-0895-40c3-a942-a03538ce227a}
HKEY_CLASSES_ROOT\interface\{bd6f129a-08db-4cc5-a75a-f2ab79e55b6e}
HKEY_CLASSES_ROOT\interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{c0f88e9e-dceb-4655-968a-ae508a677c39}
HKEY_CLASSES_ROOT\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}
HKEY_CLASSES_ROOT\interface\{d0c1545e-61e1-40d5-8f8c-37d4e7758275}
HKEY_CLASSES_ROOT\interface\{d7eac2d8-2d52-4010-a4ad-dfdf60c1706c}
HKEY_CLASSES_ROOT\interface\{ef0372dc-f552-11d3-8528-0050dab79376}
HKEY_CLASSES_ROOT\interface\{ef0372de-f552-11d3-8528-0050dab79376}
HKEY_CLASSES_ROOT\interface\{efa52460-8822-4191-ba38-facdd2007910}
HKEY_CLASSES_ROOT\interface\{f50a45ec-df75-47d1-b879-3a983043aefb}
HKEY_CLASSES_ROOT\interface\{fb82ccd5-174b-4379-bc37-72d9b5adaeda}
HKEY_CLASSES_ROOT\onone.theimp
HKEY_CLASSES_ROOT\onone.theimp.1
HKEY_CLASSES_ROOT\typelib\{230290d9-946f-4276-9a91-ce2a2f376b9e}
HKEY_CLASSES_ROOT\typelib\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}
HKEY_CLASSES_ROOT\typelib\{5e594162-60a9-487d-84b8-dbdd716cb862}
HKEY_CLASSES_ROOT\typelib\{8992b6ca-b8c9-4aed-bf89-0a17f6296a06}
HKEY_CLASSES_ROOT\typelib\{9cfa26c0-81da-4c9d-a501-f144a4a000fa}
HKEY_CLASSES_ROOT\typelib\{9cfa26c1-81da-4c9d-a501-f144a4a000fa}
HKEY_CLASSES_ROOT\typelib\{baf13496-8f72-47a1-9cee-09238efc75f0}
HKEY_CLASSES_ROOT\typelib\{fdb10602-aa12-4e76-aae2-2b328a3e950a}
HKEY_CURRENT_USER\software\mprocessor
HKEY_CURRENT_USER\software\web offer
HKEY_LOCAL_MACHINE\software\classes\typelib\{8a044396-5da2-11d4-b185-0050dab79376}
HKEY_LOCAL_MACHINE\software\coupondeals
HKEY_LOCAL_MACHINE\software\interads
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\direct2d
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\explorer bars\{50b4d2b3-723f-41b3-aec4-0bd66f0f45ff}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\explorer bars\{a166c1b0-5cdb-447a-894a-4b9fd7149d51}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{746455fe-d059-47e7-af0e-140e03f5a447}
HKEY_CLASSES_ROOT\atlbrcon.atlbrcon.1
HKEY_CLASSES_ROOT\clsid\{00320615-b6c2-40a6-8f99-f1c52d674fad}
HKEY_CLASSES_ROOT\clsid\{01eb5130-fc0c-4d75-b9ce-4801b1b854f5}\programmable
HKEY_CLASSES_ROOT\clsid\{10049d2a-2965-4e4f-8c7e-cb33ad95feb7}\programmable
HKEY_CLASSES_ROOT\clsid\{1a9880a9-5a48-15ac-b6e5-4a07a1f4df7a}
HKEY_CLASSES_ROOT\clsid\{220f9cb2-acf1-ae12-1d11-536411e35dfe}
HKEY_CLASSES_ROOT\clsid\{23358854-c851-a9c8-7858-954990bc2490}
HKEY_CLASSES_ROOT\clsid\{25630b47-53c6-4e66-a945-9d7b6b2171ff}
HKEY_CLASSES_ROOT\clsid\{2720f083-325e-7d8d-c082-7d07a8eade87}
HKEY_CLASSES_ROOT\clsid\{2ada082b-9f11-a314-9431-d7c29f458b6e}
HKEY_CLASSES_ROOT\clsid\{370f6354-41c4-4fa6-a2df-1ba57ee0fbb9}
HKEY_CLASSES_ROOT\clsid\{3a411476-c94b-4cdc-8700-6f7901ce9eeb}
HKEY_CLASSES_ROOT\clsid\{4368aaa5-c359-2ce0-c7df-4246bb5b4cb2}
HKEY_CLASSES_ROOT\clsid\{4cd4be40-22e3-ccac-bceb-69a27ddf5f89}
HKEY_CLASSES_ROOT\clsid\{4d335fff-080f-8f89-e1c4-75220c35322e}
HKEY_CLASSES_ROOT\clsid\{5c9df9e7-8687-05a2-17a3-036319e3786d}
HKEY_CLASSES_ROOT\clsid\{6df5e318-6994-4a41-85bd-45ccada616f8}
HKEY_CLASSES_ROOT\clsid\{788c6f6f-c2ea-4a63-9c38-ce7d8f43bce4}
HKEY_CLASSES_ROOT\clsid\{78bcf937-45b0-40a7-9391-dcc03420db35}
HKEY_CLASSES_ROOT\clsid\{9bcf9f0e-80c2-bd69-8c3e-b1ced587cbff}
HKEY_CLASSES_ROOT\clsid\{9cfa26c0-81da-4c9d-a501-f144a4a000fa}
HKEY_CLASSES_ROOT\clsid\{c256d608-29d9-bcf2-1c2a-6e01a66a8b51}
HKEY_CLASSES_ROOT\clsid\{c68924a3-c49a-37c2-eb92-1645f73d3e1e}
HKEY_CLASSES_ROOT\clsid\{e08b462d-2fb7-0489-54b7-1b6aafc2ecba}
HKEY_CLASSES_ROOT\clsid\{e7a05400-4cfa-4df3-a643-e40f86e8e3d7}
HKEY_CLASSES_ROOT\clsid\{f75521b8-76f1-4a4d-84b1-9e642e9c51d0}
HKEY_CLASSES_ROOT\clsid\{fa66d870-8368-1b50-fb12-631748c9752d}
HKEY_CLASSES_ROOT\clsid\{fb87796b-c1d1-a2cf-468a-03e77186d7b5}
HKEY_CLASSES_ROOT\clsid\{fc2a685e-3d0f-87b0-2045-18023d80bb50}
HKEY_CLASSES_ROOT\ezulafsearcheng.popupdispla
HKEY_CLASSES_ROOT\ezulafsearcheng.resulthelpe
HKEY_CLASSES_ROOT\ezulafsearcheng.searchhelpe
HKEY_CLASSES_ROOT\ezulamain.ezulapopsearchpipe
HKEY_CLASSES_ROOT\ezulamain.ezulapopsearchpipe.1
HKEY_CLASSES_ROOT\typelib\{82910ce3-d86a-435a-a519-6a8c369855d3}
HKEY_CLASSES_ROOT\typelib\{eb5e961f-f519-303c-9744-0d4376b1b0b5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{01eb5130-fc0c-4d75-b9ce-4801b1b854f5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{23fb5add-da37-4a40-9fc0-b0e2384cde92}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9cfa26c0-81da-4c9d-a501-f144a4a000fa}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{fc2a685e-3d0f-87b0-2045-18023d80bb50}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\clickfast
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\web offer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\{23fb5add-da37-4a40-9fc0-b0e2384cde92}  
   Registry Values:  
HKEY_CLASSES_ROOT\interface\{0fd6420a-f789-40ae-b921-3983f84e074e}\typelib
HKEY_CLASSES_ROOT\interface\{994a0535-b09c-4d1c-aa4a-2f76002349b1}\typelib
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.ldb\openwithlist
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.mdb\openwithlist
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.mdb\openwithlist
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_LOCAL_MACHINE\software\microsoft\compression
HKEY_CLASSES_ROOT\clsid\{01eb5130-fc0c-4d75-b9ce-4801b1b854f5}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{10049d2a-2965-4e4f-8c7e-cb33ad95feb7}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{1115bae4-62c1-00f9-699a-573366dc900}\{3df87d69-5120-3342-7197-45fdbaa4433}
HKEY_CLASSES_ROOT\clsid\{1115bae4-62c1-00f9-699a-573366dc900}\{b740471d-0554-fd37-0643-9d563903067}
HKEY_CLASSES_ROOT\clsid\{1115bae4-62c1-00f9-699a-573366dc900}\{b740471d-0554-fd37-0643-9d563903067}
HKEY_CLASSES_ROOT\clsid\{1115bae4-62c1-00f9-699a-573366dc900}\{b740471d-0554-fd37-0643-9d563903067}
HKEY_CLASSES_ROOT\clsid\{1115bae4-62c1-00f9-699a-573366dc900}\{b740471d-0554-fd37-0643-9d563903067}
HKEY_CLASSES_ROOT\clsid\{1115bae4-62c1-00f9-699a-573366dc900}\{bb88b15d-0943-9047-7704-ad9ab66706b}
HKEY_CLASSES_ROOT\clsid\{16c050d2-677f-2c7f-45b2-8a55c79af3c}\{2364bb4a-434a-8767-5553-87884aaac66}
HKEY_CLASSES_ROOT\clsid\{16c050d2-677f-2c7f-45b2-8a55c79af3c}\{38e4c144-9b58-7ea6-fb27-b2444944dde}
HKEY_CLASSES_ROOT\clsid\{2253ec38-a972-40a9-8967-e9b1c82e7804}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{3c34c5f1-d5aa-4b44-9dbd-27dba3fb6e0f}\inprocserver32
HKEY_CLASSES_ROOT\interface\{0fd6420a-f789-40ae-b921-3983f84e074e}\typelib
HKEY_CLASSES_ROOT\interface\{994a0535-b09c-4d1c-aa4a-2f76002349b1}\typelib
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\localnrd
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\windows media\wmsdk\general
HKEY_CURRENT_USER\software\microsoft\windows media\wmsdk\general
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\discardable\postsetup\shellnew
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streammru
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streammru
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streammru
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streammru
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streams\184
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streams\185
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streams\186
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streams\34
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081420040815
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081420040815
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081420040815
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081420040815
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081420040815
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081520040816
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081520040816
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081520040816
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081520040816
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0\cache\extensible cache\mshist012004081520040816
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft
HKEY_LOCAL_MACHINE\software\microsoft\cryptography\services
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\secedit
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\user agent\post platform
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions\approved
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\030da494382e
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\4784f481c85c
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\amyshorse.zip
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\amyshorse.zip
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cake kind test
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cake kind test
HKEY_LOCAL_MACHINE\system\mounteddevices  
    
Removing Ezula:
  An up-to-date copy of ExterminateIt  should detect and prevent infection from Ezula.
    If you do not have ExterminateIt and you are worried that you may have infected computer,   you could run trial version of ExterminateIt,  or remove Ezula manually.
  To completely manually remove Ezula malware from your computer,  you need to delete the Windows registry keys and registry values, the files and folders  associated with Ezula.
   Use Task Manager to terminate the Ezula process.
   Delete the original Ezula file and folders.
   Delete the system registry key parameters
   Update your antivirus databases or buy antivirus software  and perform a full scan of the computer.
  
    We recommends that all Internet users    back up any important information on their computers,    enable maximum protection from network attacks and malicious code on their computers,    refrain from executing suspicious programs received from untrustworthy sources.  
      ExterminateIt effectively and automatically removes Ezula from you computer    and is a good solution for those who are seeking easy and effective protection for their computer    from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).  
      Download ExterminateIt!    to instantly get rid of Ezula!  
Also Be Aware of the Following Threats:
Aflac Trojan Cleaner
Remove SpySheriff Trojan






 














0
comments:
      


Post a Comment







Newer Post


Older Post



Remove Malware and Viruses Home Page




Subscribe to:
Post Comments (Atom)



Subscribe To







Posts










                  Atom
                










Posts












Comments










                  Atom
                










Comments


Blog Archive






► 

2009
            (836)
          



► 

02
            (88)
          



► 

04
            (2)
          





► 

03
            (34)
          





► 

02
            (31)
          





► 

01
            (21)
          







► 

01
            (748)
          



► 

31
            (21)
          





► 

30
            (20)
          





► 

29
            (30)
          





► 

28
            (36)
          





► 

27
            (35)
          





► 

26
            (31)
          





► 

25
            (29)
          





► 

24
            (27)
          





► 

23
            (25)
          





► 

22
            (32)
          





► 

21
            (27)
          





► 

20
            (24)
          





► 

19
            (27)
          





► 

18
            (15)
          





► 

16
            (3)
          





► 

15
            (13)
          





► 

14
            (27)
          





► 

13
            (24)
          





► 

12
            (20)
          





► 

11
            (23)
          





► 

10
            (17)
          





► 

09
            (19)
          





► 

08
            (23)
          





► 

07
            (32)
          





► 

06
            (19)
          





► 

05
            (30)
          





► 

04
            (29)
          





► 

03
            (29)
          





► 

02
            (31)
          





► 

01
            (30)
          









▼ 

2008
            (3208)
          



► 

12
            (855)
          



► 

31
            (26)
          





► 

30
            (30)
          





► 

29
            (31)
          





► 

28
            (24)
          





► 

27
            (34)
          





► 

26
            (27)
          





► 

25
            (24)
          





► 

24
            (32)
          





► 

23
            (13)
          





► 

22
            (30)
          





► 

21
            (31)
          





► 

20
            (26)
          





► 

19
            (28)
          





► 

18
            (21)
          





► 

17
            (22)
          





► 

16
            (30)
          





► 

15
            (33)
          





► 

14
            (28)
          





► 

13
            (27)
          





► 

12
            (37)
          





► 

11
            (21)
          





► 

10
            (27)
          





► 

09
            (25)
          





► 

08
            (31)
          





► 

07
            (24)
          





► 

06
            (31)
          





► 

05
            (30)
          





► 

04
            (33)
          





► 

03
            (23)
          





► 

02
            (28)
          





► 

01
            (28)
          







▼ 

11
            (813)
          



► 

30
            (27)
          





► 

29
            (31)
          





► 

28
            (25)
          





► 

27
            (27)
          





► 

26
            (30)
          





► 

25
            (31)
          





► 

24
            (22)
          





► 

23
            (26)
          





► 

22
            (25)
          





► 

21
            (23)
          





► 

20
            (28)
          





▼ 

19
            (31)
          

Ashaden.Pinger DoS
BAT.Rolling Trojan
Pigeon.EDY Trojan
Ellwen Trojan
FindAnOpportunity.com Tracking Cookie
Barely19 Tracking Cookie
PornTrack.com Tracking Cookie
VB.aya Downloader
Restina Trojan
AntiWin.dr Trojan
Pigeon.ENS Trojan
slotchbar Hijacker
IRC.Banned Backdoor
SillyDl.CZD Trojan
Tokonere Trojan
Bankor Trojan
Bat2EXE.Delauto Trojan
IRC.Kelebek Trojan
Verticity Adware
ClickStream.Jev.co Tracking Cookie
RDR RAT
Delf.ap Downloader
Error Trojan
Mslink32 Hijacker
XQ Backdoor
AOLPS.Explore Trojan
Pugi.SearchExplorer Toolbar
TheJoiner.15x Trojan
URLSpoof Trojan
SillyDl.CCP Downloader
Ezula Adware






► 

18
            (30)
          





► 

17
            (28)
          





► 

16
            (28)
          





► 

15
            (24)
          





► 

14
            (25)
          





► 

13
            (28)
          





► 

12
            (25)
          





► 

11
            (35)
          





► 

10
            (30)
          





► 

09
            (27)
          





► 

08
            (31)
          





► 

07
            (36)
          





► 

06
            (36)
          





► 

05
            (27)
          





► 

04
            (5)
          





► 

03
            (28)
          





► 

02
            (24)
          





► 

01
            (20)
          







► 

10
            (784)
          



► 

31
            (21)
          





► 

30
            (16)
          





► 

29
            (17)
          





► 

28
            (23)
          





► 

27
            (17)
          





► 

26
            (16)
          





► 

25
            (16)
          





► 

24
            (21)
          





► 

23
            (20)
          





► 

22
            (23)
          





► 

21
            (14)
          





► 

20
            (17)
          





► 

19
            (22)
          





► 

18
            (16)
          





► 

17
            (15)
          





► 

16
            (21)
          





► 

15
            (26)
          





► 

14
            (24)
          





► 

13
            (32)
          





► 

12
            (16)
          





► 

11
            (26)
          





► 

10
            (37)
          





► 

09
            (41)
          





► 

08
            (36)
          





► 

07
            (31)
          





► 

06
            (25)
          





► 

05
            (28)
          





► 

04
            (30)
          





► 

03
            (51)
          





► 

02
            (42)
          





► 

01
            (44)
          







► 

09
            (756)
          



► 

30
            (44)
          





► 

29
            (46)
          





► 

28
            (37)
          





► 

27
            (41)
          





► 

26
            (45)
          





► 

25
            (28)
          





► 

24
            (3)
          





► 

23
            (38)
          





► 

22
            (46)
          





► 

21
            (45)
          





► 

20
            (7)
          





► 

19
            (30)
          





► 

18
            (26)
          





► 

17
            (22)
          





► 

16
            (31)
          





► 

15
            (23)
          





► 

14
            (29)
          





► 

13
            (30)
          





► 

12
            (27)
          





► 

11
            (34)
          





► 

10
            (31)
          





► 

09
            (19)
          





► 

08
            (28)
          





► 

07
            (26)
          





► 

06
            (20)


Usefull Links

Info about malware |  Computer Infections




Search Viruses














ExterminateIt, powerful anti-virus and anti-malware solution defends your PC and notebook with ease. Now you can feel the meaning of Real Personal Protection with Submit State feature fastest possible responder to Your Threats in 24 hours. Huge everyday-updated Malware Database sustains your protection. It is compatible with other security suites.

User reviews:
Having wasted better part of a day on a Vundo infection, which none of the antivirus/antispyware solutions I normally use came even close to handling (one of them actually compounded the problem due to a partial fix, causing all browsers to seemingly lose connectivity after a few seconds), Exterminate It! fixed it in a single pass and one restart.
Nothing short of perfect. A few dollars very well spent.
Does not slow your machine dow, I will use it check my system often as there seems an influx of Malware and others around at the moment. As I said it is fast and does not take up resources.

Remove Malware and Viruses

Ezula Adware

Detecting Ezula:

Removing Ezula:

0 comments:

Subscribe To

Blog Archive

Usefull Links

Search Viruses

User reviews: