EliteBar

Detected Items

1. Detected Files: %WINDIR%\etb\xud_70.dll MD5: 802D0865CF62099EC16F0326ED2581A7 Size:4096 %WINDIR%\EliteToolBar\EliteToolBar version 60.dll MD5: B2EE1BA2B4280B19EF22AAC153241481 Size:97792 MD5: B2EE1BA2B4280B19EF22AAC153241481 MD5: B2EE1BA2B4280B19EF22AAC153241481 Size:4294967295 %WINDIR%\etb\xud_63.dll MD5: 2A5E41D4950CB225919C16285164DE39 Size:7168 %WINDIR%\etb\nt_hide63.dll MD5: 4A011EDF1DC3CA5F8151C47A70E975F3 Size:28672 %WINDIR%\etb\xud2f.dll MD5: 9EB36B87B8F0A270213C6BC32C908319 Size:7680 %WINDIR%\etb\pokapoka79.exe MD5: 807FCB10C817836AF1F0F6F5E9B944F4 Size:4294967295 %WINDIR%\etb\nt_hide61.dll MD5: DCCB7DC40BEC529AF8173791AD467369 Size:28672 %WINDIR%\etb\pokapoka62.exe MD5: 420331B6793711C99582CA971F6D1FEC Size:119296 %SYSDIR%\elitekck32.exe MD5: 825B6E2F440CBFF32E340FF0D59B66CC Size:4294967295 %SYSDIR%\KIMO.EXE MD5: 6AEE2B966900AB282A213DB40B5C356C Size:64360 %TEMP%\suicidetb.exe MD5: C17959B8C4E9F0A29A3B4FBBC98D79A5 Size:110592 MD5: 4DCC60612141A023AD737DA00BFAAFA9 Size:115200 %WINDIR%\etb\pokapoka69(2)(2).exe MD5: 898B8FFDE25CB980C2926A6A526322AD Size:120320 %WINDIR%\etb\pokapoka69.exe MD5: 424FF8A5CC1DC0341473F954DAE031C3 Size:65280 %WINDIR%\etb\nt_hide62(2).dll MD5: AE8E18C06F19F47468CC6C7712DC78B4 Size:28672
2. Detected Files with variable Filenames: MD5: 825B6E2F440CBFF32E340FF0D59B66CC Size: 11593 %SYSDIR%\eliteyrx32.exe %SYSDIR%\elitevhg32.exe %SYSDIR%\eliteayb32.exe %SYSDIR%\eliteezw32.exe %SYSDIR%\elitewoh32.exe %SYSDIR%\elitefxk32.exe %SYSDIR%\elitetii32.exe %SYSDIR%\eliteuey32.exe %SystemDiskRoot%\System Volume Information\_restore{E87A81FB-FDCF-4B92-A20C-951710F82D7C}\RP66\A0012406.exe %SystemDiskRoot%\System Volume Information\_restore{E87A81FB-FDCF-4B92-A20C-951710F82D7C}\RP66\A0012405.exe %SYSDIR%\elitehof32.exe and next 70 variations. MD5: 3BFE5760545429DD1D9D0BA7FEAE3F8B Size: 49152 %WINDIR%\etb\nt_hide79.dll %WINDIR%\etb\nt_hide79.dll.ren MD5: 807FCB10C817836AF1F0F6F5E9B944F4 Size: 148480 %WINDIR%\etb\pokapoka79.exe %WINDIR%\etb\pokapoka79.exe.ren MD5: 6BF7A782AAADA80617948ECFE121FC97 Size: 20992 %WINDIR%\etb\nt_hide70(2).dll %WINDIR%\etb\nt_hide70.dll MD5: 37B7BC79DA88E00B27302EC5DB5EFC17 Size: 4096 %WINDIR%\etb\xud_69(5).dll %WINDIR%\etb\xud_69(4).dll %WINDIR%\etb\xud_69(2).dll MD5: 75CF45686F3219346DF663645C835E2D Size: 18944 %WINDIR%\etb\nt_hide69(3).dll %WINDIR%\etb\nt_hide69(2)(3).dll %WINDIR%\etb\nt_hide69(2)(2).dll

Detecting items list:

1. Files by Name %windir%\etb\pokapoka*.exe %TEMP%\suicidetb.exe %userprofile%\local settings\temporary internet files\silent_install.exe %windir%\elitesidebar\elitesidebar*.dll %windir%\elitetoolbar\elitetoolbar*.dll %windir%\etb\nt_hide*.dll %sysdir%\elitefmj32.exe %sysdir%\elitekck32.exe %sysdir%\elitexdx32.exe %sysdir%\ELITEXLZ32.EXE %sysdir%\UGZEBVC.DLL %sysdir%\KIMO.EXE
2. Files by MD5 MD5: 825B6E2F440CBFF32E340FF0D59B66CC Size: 11593
3. Files by Directories %windir%\etb %windir%\elitesidebar
4. Files by CLSID or Name CLSID=DBF33E89-1784-42AC-ADE4-A428F56550A3 CLSID=A9B28EF6-ABF3-463B-A3D8-4D0D0BADFADC CLSID=276B0903-EB4B-46FF-8304-F093DEF69DE7 CLSID=4AFF987A-773B-48E4-AEE8-08EBDDBDADF8 CLSID=CAAB3B3F-E815-47D9-94FD-8BB9143C0077 CLSID=ED646219-20BF-41E5-80FD-EE49021DA599 CLSID=a74cd7dd-ea6f-11d4-abf3-000102378429 CLSID=CA9FC31A-6F35-4493-B629-E64BD6170A17 CLSID=8AA59E15-6E81-415C-B299-1ADFB50C8E1A CLSID=02C20140-76F8-4763-83D5-B660107BABCD CLSID=BE8D0059-D24D-4919-B76F-99F4A2203647 CLSID=A74CD7DD-EA6F-11D4-ABF3-000102378429 CLSID=ED103D9F-3070-4580-AB1E-E5C179C1AE41 CLSID=28CAEFF3-0F18-4036-B504-51D73BD81ABC CLSID=825CF5BD-8862-4430-B771-0C15C5CA8DEF
5. Registry Keys HKLM\SOFTWARE\Elitum\EliteSideBar HKLM\SOFTWARE\Elitum\EliteToolBar
6. Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=System service79

• Sobre o Suporte
• Ajuda
• Guia de Suporte
• FAQ
• Auditoria de Software
• Dicas

• Banco de dados de Software
• Sobre Spyware