Affilred
Affilred is a browser hijacker that blocks access to numerous web sites and sends a web browser to predefined Internet resources without asking for user permission. Affilred must be manually installed. The spyware automatically runs on every Windows startup. Affilred creates lots of files in different locations, so it is quite difficult to get rid of.
File System Modifications
- The following files were created in the system:
# File Name 1 axe.exe 2 cab.exe 3 comnt32.dll 4 criticalupdate.exe 5 default.scr 6 highspeed-cable.exe 7 inetconnect.dll 8 iprotect.exe 9 memorymanager.pif 10 mshotfix.exe 11 msupdate.exe 12 regisry.pif 13 security32.exe 14 twain_32.exe 15 usbwin32.exe 16 winsecure.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}%Windir%iprotect.exeHKEY_CURRENT_USERSoftwareMicrosoftWindowsNTCurrentVersionWindowsloadMemoryManagerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunMSUpdateHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunMicrosoftCabManagerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunMicrosoftSecurityHotFixUpdateHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunRegistryMonitorHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesWinTaskHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWindowsSecurityManagerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWindowsSecurityUpdateHKEY_LOCAL_MACHINESOFTWARESoftwareMicrosoftWindowsNTCurrentVersionWinlogonUserinit=%System%userinit.exe - The following CLSID's were detected:
HKEY..\..\{CLSID Path}C0DADD7E-D3F1-430D-B735-39DC6033592C8E668361-C801-41B7-BF89-2FC2C8DE916777566C2A-2987-44BC-AC81-A02D19EE271B0CDAAEC2-E245-44CC-8357-CAB70172D017FD3A6AB4-5527-4B52-90AF-F90CD32708611BB87441-6B7F-4B60-885C-B7AF9F9AFDE3
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.