PersonalAntiSpy

PersonalAntiSpy

Found: 
2008-09-26
Known system changes: 

Created Files

  • %Desktop%PersonalAntiSpy.lnk
  • %Desktop%PersonalAntiSpy.lnk
  • %Desktop%PersonalAntiSpy..lnk

Created Folders

  • %ApplicationData%SalesMon
  • c:\Documents and Settings\All Users\Application Data\SalesMon
  • %StartMenu%Programs\QuickInstallPack
  • %ProgramFiles%PersonalAntiSpy
  • %CommonPrograms%PersonalAntiSpy
  • %ProgramFiles%PersonalAntiSpy
  • %CommonProgramFiles%PersonalAntiSpy
  • %CommonPrograms%PersonalAntiSpy
  • %ApplicationData%qip
  • %ApplicationData%PersonalAntiSpy
  • c:\Documents and Settings\All Users\Application Data\PersonalAntiSpy
  • %ApplicationData%UPAS_QIP
  • %ProgramFiles%PersonalAntiSpy Free

Registry Entries

  • Key: HKEY_CLASSES_ROOT\AppID\{3A9377A6-BE7F-485D-908C-D44114691389}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\AppID\iercpt.DLL
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{D4CDC21D-43BE-4101-A1EF-E379F134771E}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\iercpt.iercptbho
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\iercpt.iercptbho.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Interface\{59C345BA-3D5E-44E3-9D10-D3848AF15D73}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\TypeLib\{A6FBD2E4-1C7E-4EAB-80DD-01DE2645566A}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4CDC21D-43BE-4101-A1EF-E379F134771E}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickInstallPack
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\software\personalantispy free
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\upashellext.shellhook
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\upashellext.shellhook.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\upashellext.wascontextmenu
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\upashellext.wascontextmenu.1
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwasfsd.creationnotifier
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\uwasfsd.creationnotifier.1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\personalantispy free_is1
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\pcprivacycleaner
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\personalantispy free
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\controlset001\services\uwasfsd
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\uwasfsd
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
  • Value: {1924fa29-9740-4f6b-a683-90fb42fc1237}
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: pasmonitor
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: personalantispy free
  • Data:
  • Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
  • Value: upascw
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{1924FA29-9740-4F6B-A683-90FB42FC1237}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{5CAB6A79-7710-405a-9B08-A13E908534E9}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\CLSID\{ABCD4567-76B5-4bc7-AAC5-396D70925B11}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Interface\{4567AB12-A884-4CA6-B739-CEDB12FEF096}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Interface\{ABCD4567-4D73-43E9-85E5-53A2DBD95411}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Interface\{ABCD4567-D8E8-4DF1-A3EA-D0AA72F42611}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\TypeLib\{4567AB12-AE24-4FD6-B479-E2B464F32DA6}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\TypeLib\{ABCD4567-7437-43EF-AB74-4AB1D3A37411}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\TypeLib\{C766ED4F-EF37-4C77-8F71-288661A2D513}
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\ExplorerUPAS
  • Value:
  • Data:
  • Key: HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\ExplorerUPAS
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Mirabilis
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: QuickInstallPack
  • Data: C:\Documents and Settings\%userprofile%\Local Settings\Application Data\qip\QuickInstallPack.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: SalesMonitor
  • Data: "C:\Program Files\Common Files\PersonalAntiSpy\pbm.exe" dm=http://personalantispy.com;http://load.personalantispy.com ad=http://personalantispy.com;http://load.personalantispy.com sd=http://log.personalantispy.com