RegiFast
|
Description:
|
Adware
|
|
Risk Level:
|
Critical
|
|
Date of First Occurence:
|
Thursday, August 07, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Adaware
Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "RegiFast"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\RegiFast\msvcr71.dll
MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160
%PROGRAMFILES%\RegiFast\RFManager.exe
MD5: 00B269A617FA16E0FC36C2FEEB1D1553 Size:385024
%PROGRAMFILES%\RegiFast\RegiFast.dll
MD5: A8B9009663F8E55B8B9E59A0980EEDE7 Size:221184
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%ProgramFiles%\RegiFast\localdb.dat
%ProgramFiles%\RegiFast\PopUpMgr.plg
%ProgramFiles%\RegiFast\RegiFast.dll
%ProgramFiles%\RegiFast\RFManager.exe
%ProgramFiles%\RegiFast\skin.jpg
%DOWNLOADEDPROGRAMFILES%\RegiFastSI.ocx
- Files by Directories
%ProgramFiles%\RegiFast
- Files by CLSID or Name
CLSID=191978C5-F642-4EE6-B8FD-97A95C435E7D
CLSID=C67A62C7-A68D-484C-9617-880C1F70D3F7
- Registry Keys
HKCR\Interface\{B4B66483-E499-485E-B77B-000D31C1656F}
HKCR\Interface\{B7BEE73A-84E0-4B4F-A5ED-0100F2590B05}
HKCR\TypeLib\{AF3DB5F5-93AA-4F48-B4AE-0A28BC4270BF}
HKCR\TypeLib\{CE7C3CE2-4B15-11D1-ABED-709549C10000}
HKCR\RegiFastObj.RegiFastObj
HKCR\RegiFastObj.RegiFastObj.1
HKCR\RegiFastSI.SilentInstall
HKCR\RegiFastSI.SilentInstall.1
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{191978C5-F642-4EE6-B8FD-97A95C435E7D}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\%Windir%/Downloaded Program Files/RegiFastSI.ocx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegiFast
HKLM\SOFTWARE\RegiFast
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=RegiFast
«
Go to Software Database
