Home Malware Programs Browser Hijackers Elex Hijacker

Elex Hijacker

Posted: April 1, 2015

Threat Metric

Ranking: 10
Threat Level: 5/10
Infected PCs: 3,355,695
First Seen: April 1, 2015
Last Seen: January 6, 2022
OS(es) Affected: Windows


The Elex Hijacker is a browser hijacker: a threat that forces your browser to load unwanted websites. Most browser hijackers lack any formal recognition for being a threat, but malware researchers do consider removing the Elex Hijacker and similar software an essential baseline for your safety while browsing the Web. Using standard anti-adware and anti-malware tools for cleaning your PC can provide the best assurance for the removal of an Elex Hijacker along with all settings changes.

The Internet Entertainment that Came by Force

Purveyors of unwanted software and services rarely limit themselves to just one such business venture and may utilize multiple domains and brand names that show few differences from past offerings. The Hichina Zhicheng Technology is one company with a previous name for trafficking in questionable payment-processing domains and Yet Another Cleaner (or YAC) scamware, but also may be expanding into browser-hijacking apps. The sample currently being investigated by malware experts, the Elex Hijacker, promotes Elex.com, one of the company's entertainment product websites. The site is designed for Chinese audiences, although targets of unwanted software installations from the same company have spanned other countries around the world.

Browsers modified by an Elex Hijacker may show symptoms as outlined below:

  • Your browser's homepage, search engine, or default new tab may lock itself to Elex.com.
  • Your browser may load additional, Elex brand-affiliated advertisements that inject themselves into unrelated Web pages.

Unlike some of the more overt, browser-hijacking products malware researchers see, the Elex Hijacker is unassociated with toolbars or other browser apps that include visible User-Interface elements. As per the usual standards for Potentially Unwanted Software, an Elex Hijacker overrides all default browser settings. The full range of browsers being targeted by the Elex Hijacker campaign still is under confirmation, although popular brands like Chrome and Internet Explorer are likely of inclusion.

Because Elex.com hosts no threatening content, your browser security products are not likely to display warnings after your browser redirects itself to this site.

Redirecting Your Browser out of a Hijacking

Products that have no purpose beyond exerting control over your browser are unlikely sources for providing any features worth putting up with that security risk. Although the Elex Hijacker isn't classified as being a threat currently, like most PUPs, its presence may put your Web-browsing safety in danger by redirecting you to harmful websites unintentionally, or exposing you to advertisements with deceptive content. Whether or not you use a Web browser being modified by an Elex Hijacker regularly, removing this PUP and software related to the Elex Hijacker always should be strongly considered.

When uninstalling an Elex Hijacker, reboot your computer and load the Advanced Boot Options menu by pressing F8 before your operating system loads. Selecting any Safe Mode option will let your OS launch only with essential programs, ideally blocking the automated launching of any unwanted or harmful software. From that sterile environment, scan your computer with your preferred security solution, reset the affected browser's cache, and reboot. Any scans also may find additional, Potentially Unwanted Programs on your PC at the same time as the Elex Hijacker, such as variants of YAC or Adware.Graftor, that are noted for being affiliated with the Elex.com's company.

Since the Elex Hijacker distribution model still is being investigated, malware researchers only can recommend generalized security protocols, such as scanning downloads and blocking in-browser scripts, for avoiding this threat.

Aliases

Riskware/Elex [Fortinet]PUP/XTab [Panda]Artemis!5C76D5C030CB [McAfee]PUP/Win32.Generic [AhnLab-V3]Artemis!Trojan [McAfee-GW-Edition]

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Elex Hijacker may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%PROGRAMFILES%\SNARE\terana64.dll\terana64.dll File name: terana64.dll
Size: 909.31 KB (909312 bytes)
MD5: 67a8678a6a84d323814b3dea0eb271b0
Detection count: 6,935
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\SNARE\terana64.dll\
Group: Malware file
Last Updated: January 6, 2022
%SYSTEMDRIVE%\Users\Marcelo Emilio\AppData\Local\Temp\~seEBF0.tmp\~seEBF0.tmp File name: ~seEBF0.tmp
Size: 830.46 KB (830464 bytes)
MD5: f836ee87da9248456dfab1227ffb25ef
Detection count: 6,373
File type: Temporary File
Mime Type: unknown/tmp
Path: %SYSTEMDRIVE%\Users\Marcelo Emilio\AppData\Local\Temp\~seEBF0.tmp\
Group: Malware file
Last Updated: January 6, 2022
C:\Users\Αντώνης1\AppData\Local\Temp\~seD124.tmp\~seD124.tmp File name: ~seD124.tmp
Size: 908.28 KB (908288 bytes)
MD5: 0a2b05b9c1f413510f6c036c260264fc
Detection count: 4,047
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\Αντώνης1\AppData\Local\Temp\~seD124.tmp\
Group: Malware file
Last Updated: December 19, 2021
%SYSTEMDRIVE%\Users\Leticia\AppData\Local\Temp\6\kokoko2.dll\kokoko2.dll File name: kokoko2.dll
Size: 1.85 MB (1858048 bytes)
MD5: 20947acc76523411fba0a85484441cc8
Detection count: 2,967
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SYSTEMDRIVE%\Users\Leticia\AppData\Local\Temp\6\kokoko2.dll\
Group: Malware file
Last Updated: January 6, 2022
%SYSTEMDRIVE%\Users\Leticia\AppData\Local\Temp\~se8F5.tmp\~se8F5.tmp File name: ~se8F5.tmp
Size: 652.28 KB (652288 bytes)
MD5: 19488e1593252b738beebf8632b57075
Detection count: 2,761
File type: Temporary File
Mime Type: unknown/tmp
Path: %SYSTEMDRIVE%\Users\Leticia\AppData\Local\Temp\~se8F5.tmp\
Group: Malware file
Last Updated: January 3, 2022
%PROGRAMFILES(x86)%\Jovishsterqile\_ALLOWDEL_b17a5\kokoko1.dll\kokoko1.dll File name: kokoko1.dll
Size: 123.9 KB (123904 bytes)
MD5: 4d15e77941a8b96209d561b6d859dd5f
Detection count: 2,693
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES(x86)%\Jovishsterqile\_ALLOWDEL_b17a5\kokoko1.dll\
Group: Malware file
Last Updated: December 25, 2021
C:\Program Files (x86)\Jamper\Application\bin\Jamper.dll\Jamper.dll File name: Jamper.dll
Size: 139.77 KB (139776 bytes)
MD5: c17e67bdcbcec49226dadf6450287ef6
Detection count: 2,597
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Program Files (x86)\Jamper\Application\bin\Jamper.dll\
Group: Malware file
Last Updated: December 13, 2021
C:\Users\MSI\AppData\Local\Temp\~se7EB0.tmp\~se7EB0.tmp File name: ~se7EB0.tmp
Size: 833.53 KB (833536 bytes)
MD5: 03811ffdc485da52704012631f83645f
Detection count: 2,483
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\MSI\AppData\Local\Temp\~se7EB0.tmp\
Group: Malware file
Last Updated: December 15, 2021
%SYSTEMDRIVE%\users\kesra\appdata\local\terana\terana.dll\terana.dll File name: terana.dll
Size: 664.57 KB (664576 bytes)
MD5: 96fa28794f8896ee745172b4e20c8f6e
Detection count: 2,429
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SYSTEMDRIVE%\users\kesra\appdata\local\terana\terana.dll\
Group: Malware file
Last Updated: November 7, 2021
C:\Users\arge\AppData\Local\Temp\~seBF96.tmp\~seBF96.tmp File name: ~seBF96.tmp
Size: 802.81 KB (802816 bytes)
MD5: e27a43aae4160edf987ca50fefb6f5b2
Detection count: 1,714
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\arge\AppData\Local\Temp\~seBF96.tmp\
Group: Malware file
Last Updated: December 13, 2021
%WINDIR%\Temp\tmpDDE3.tmp\kitty1.dll\kitty1.dll File name: kitty1.dll
Size: 1.81 MB (1811968 bytes)
MD5: 7e02638e86eafaae1cf9149046e83792
Detection count: 1,483
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\Temp\tmpDDE3.tmp\kitty1.dll\
Group: Malware file
Last Updated: December 18, 2021
%SYSTEMDRIVE%\users\home\appdata\local\glory\glory.dll\glory.dll File name: glory.dll
Size: 665.6 KB (665600 bytes)
MD5: e2fb8dac218b694bfbce94c214ea6e33
Detection count: 1,351
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SYSTEMDRIVE%\users\home\appdata\local\glory\glory.dll\
Group: Malware file
Last Updated: November 15, 2021
%WINDIR%\System32\drivers\NetUtils2016.sys.0e680f4f\NetUtils2016.sys.0e680f4f File name: NetUtils2016.sys.0e680f4f
Size: 907.16 KB (907160 bytes)
MD5: 999995e6e594d8f7aa72029c8eb2b952
Detection count: 1,220
Mime Type: unknown/0e680f4f
Path: %WINDIR%\System32\drivers\NetUtils2016.sys.0e680f4f\
Group: Malware file
Last Updated: December 23, 2021
C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe\FirefoxUpdate.exe File name: FirefoxUpdate.exe
Size: 110.59 KB (110592 bytes)
MD5: ea4172402f973e5b9bbfae6f0a17fe24
Detection count: 1,115
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe\
Group: Malware file
Last Updated: September 24, 2021
C:\Users\Misi\AppData\Local\Temp\~se5BA.tmp\~se5BA.tmp File name: ~se5BA.tmp
Size: 687.61 KB (687616 bytes)
MD5: 0f393897a889d3a7b528283060c6c2e6
Detection count: 1,005
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\Misi\AppData\Local\Temp\~se5BA.tmp\
Group: Malware file
Last Updated: October 14, 2021
C:\Users\Misi\AppData\Local\Temp\~se82E5.tmp\~se82E5.tmp File name: ~se82E5.tmp
Size: 652.28 KB (652288 bytes)
MD5: 89e194be6e316330a6bdf40b05186c6f
Detection count: 771
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\Misi\AppData\Local\Temp\~se82E5.tmp\
Group: Malware file
Last Updated: December 17, 2021
%SYSTEMDRIVE%\Users\pc\AppData\Local\Temp\~se3439.tmp\~se3439.tmp File name: ~se3439.tmp
Size: 680.44 KB (680448 bytes)
MD5: e0e9eb3073fdfe0a4182a849073df19e
Detection count: 340
File type: Temporary File
Mime Type: unknown/tmp
Path: %SYSTEMDRIVE%\Users\pc\AppData\Local\Temp\~se3439.tmp\
Group: Malware file
Last Updated: December 11, 2021
c:\programdata\package cache\{e01cb7f1-3e88-4450-1764-b3cc1e205c4a}v10.1.14393.795\installers\30daf459e79c5d26366654b1b482e87.cab:dp\30daf459e79c5d26366654b1b482e87.cab:dp File name: 30daf459e79c5d26366654b1b482e87.cab:dp
Size: 102.91 KB (102912 bytes)
MD5: 023de9921a465dbcb3dad4606e44aa22
Detection count: 314
Mime Type: unknown/cab:dp
Path: c:\programdata\package cache\{e01cb7f1-3e88-4450-1764-b3cc1e205c4a}v10.1.14393.795\installers\30daf459e79c5d26366654b1b482e87.cab:dp\
Group: Malware file
Last Updated: October 26, 2021
C:\Users\Misi\AppData\Local\Temp\~seEE92.tmp\~seEE92.tmp File name: ~seEE92.tmp
Size: 658.43 KB (658432 bytes)
MD5: 51f76a0fdeeee8f4c75c0a14b037027b
Detection count: 192
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\Misi\AppData\Local\Temp\~seEE92.tmp\
Group: Malware file
Last Updated: December 11, 2021
C:\Users\pc\AppData\Local\Temp\~seF619.tmp\~seF619.tmp File name: ~seF619.tmp
Size: 654.84 KB (654848 bytes)
MD5: 59ceb9de4c5be1491fe4d54a5b9cd2c9
Detection count: 54
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\pc\AppData\Local\Temp\~seF619.tmp\
Group: Malware file
Last Updated: November 8, 2021
%LOCALAPPDATA%\SNARE\Snare.dll File name: Snare.dll
Size: 802.81 KB (802816 bytes)
MD5: e57439e203749c0be272d3cd3df6ee03
Detection count: 7
File type: Dynamic link library
Mime Type: unknown/dll
Path: %LOCALAPPDATA%\SNARE\
Group: Malware file
Last Updated: April 28, 2017
%ALLUSERSPROFILE%\BIT\BIT.dll File name: BIT.dll
Size: 1.93 MB (1935815 bytes)
MD5: a132a6a689ee560dccce010cb57246ce
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %ALLUSERSPROFILE%\BIT\
Group: Malware file
Last Updated: May 9, 2017

More files

Registry Modifications

The following newly produced Registry Values are:

Directory%ALLUSERSPROFILE%\rEuWuFTools%APPDATA%\appyphinek%APPDATA%\dapicult%APPDATA%\herley%PROGRAMFILES%\apptools%PROGRAMFILES%\clugoghphwodom%PROGRAMFILES%\clugokftgh%PROGRAMFILES%\clunaent%PROGRAMFILES%\coercock%PROGRAMFILES%\coerkocult%PROGRAMFILES%\cogapymoderther%PROGRAMFILES%\coicerph%PROGRAMFILES%\coidswermepy%PROGRAMFILES%\coohatain%PROGRAMFILES%\cootion%PROGRAMFILES%\copkmahoch%PROGRAMFILES%\daletictain%PROGRAMFILES%\dapasy%PROGRAMFILES%\datosh%PROGRAMFILES%\deceward%PROGRAMFILES%\dedoly%PROGRAMFILES%\deqosehasity%PROGRAMFILES%\dermupy%PROGRAMFILES%\derrepyvivering%PROGRAMFILES%\diaent%PROGRAMFILES%\dliterpory%PROGRAMFILES%\dnesharuzus%PROGRAMFILES%\dralach%PROGRAMFILES%\dranoge%PROGRAMFILES%\drarainganipition%PROGRAMFILES%\drecetain%PROGRAMFILES%\drenackghowedom%PROGRAMFILES%\dresle%PROGRAMFILES%\dretule%PROGRAMFILES%\drewespgrerwey%PROGRAMFILES%\drizphqolother%PROGRAMFILES%\drjother%PROGRAMFILES%\drpasydest%PROGRAMFILES%\druciy%PROGRAMFILES%\druditain%PROGRAMFILES%\eepyruha%PROGRAMFILES%\emather%PROGRAMFILES%\fepuly%PROGRAMFILES%\figasy%PROGRAMFILES%\fijushreibuent%PROGRAMFILES%\fovigemei%PROGRAMFILES%\garunufupy%PROGRAMFILES%\gazshrasity%PROGRAMFILES%\gefudom%PROGRAMFILES%\gersieddrerterpy%PROGRAMFILES%\gertery%PROGRAMFILES%\ghabuty%PROGRAMFILES%\gherertionghatersh%PROGRAMFILES%\ghergersyqerkeing%PROGRAMFILES%\gherjech%PROGRAMFILES%\gherkadomijly%PROGRAMFILES%\ghezeentghicay%PROGRAMFILES%\ghgersybqury%PROGRAMFILES%\ghibay%PROGRAMFILES%\ghijerght%PROGRAMFILES%\ghmalyanacoing%PROGRAMFILES%\ghojetain%PROGRAMFILES%\ghojiryjile%PROGRAMFILES%\ghorugh%PROGRAMFILES%\ghubuge%PROGRAMFILES%\ghuverckplokaent%PROGRAMFILES%\gjadom%PROGRAMFILES%\gokolestepation%PROGRAMFILES%\graghmerrek%PROGRAMFILES%\granidomrsaph%PROGRAMFILES%\grerght%PROGRAMFILES%\grersiward%PROGRAMFILES%\griduy%PROGRAMFILES%\grigikcunack%PROGRAMFILES%\grihersmiritain%PROGRAMFILES%\griqitherphegoty%PROGRAMFILES%\grokise%PROGRAMFILES%\groseghtjibied%PROGRAMFILES%\grtase%PROGRAMFILES%\grupward%PROGRAMFILES%\grurecult%PROGRAMFILES%\grutesy%PROGRAMFILES%\gubicult%PROGRAMFILES%\hecyhewury%PROGRAMFILES%\herary%PROGRAMFILES%\hidupyplumole%PROGRAMFILES%\hiulysaey%PROGRAMFILES%\holush%PROGRAMFILES%\hubishrwoy%PROGRAMFILES%\humedomlutik%PROGRAMFILES%\huweried%PROGRAMFILES%\icackaraergh%PROGRAMFILES%\idoing%PROGRAMFILES%\idotion%PROGRAMFILES%\ifeghtarinuph%PROGRAMFILES%\jercaenttrch%PROGRAMFILES%\jerjers%PROGRAMFILES%\jetrympward%PROGRAMFILES%\jeweseprsot%PROGRAMFILES%\kedasepuving%PROGRAMFILES%\kikusphudoght%PROGRAMFILES%\lafetqilse%PROGRAMFILES%\lerlaied%PROGRAMFILES%\lermacultoqus%PROGRAMFILES%\lfasyjiqege%PROGRAMFILES%\mehition%PROGRAMFILES%\meqoshvurery%PROGRAMFILES%\mevaentcoijely%PROGRAMFILES%\mijerwardplemese%PROGRAMFILES%\miqoshzesetion%PROGRAMFILES%\miwertainckerpsp%PROGRAMFILES%\mizotycernery%PROGRAMFILES%\mokagecerpuly%PROGRAMFILES%\naerentprefos%PROGRAMFILES%\nasitain%PROGRAMFILES%\nelithetay%PROGRAMFILES%\nerrachghefeing%PROGRAMFILES%\nerwughlleried%PROGRAMFILES%\newughikeing%PROGRAMFILES%\Nidaty%PROGRAMFILES%\nilchtherjerent%PROGRAMFILES%\nimkdejersp%PROGRAMFILES%\nitish%PROGRAMFILES%\niwerdavitain%PROGRAMFILES%\nofoiedanasition%PROGRAMFILES%\nvather%PROGRAMFILES%\pciphtheviry%PROGRAMFILES%\peloch%PROGRAMFILES%\perkaght%PROGRAMFILES%\peroty%PROGRAMFILES%\phaderplemaing%PROGRAMFILES%\phagiselipege%PROGRAMFILES%\phapergeatjaied%PROGRAMFILES%\phbiiedtorle%PROGRAMFILES%\phediktebaght%PROGRAMFILES%\pheption%PROGRAMFILES%\pherluied%PROGRAMFILES%\pherlutherprudit%PROGRAMFILES%\phohatyreamuy%PROGRAMFILES%\phudikthwisy%PROGRAMFILES%\phuhos%PROGRAMFILES%\phuige%PROGRAMFILES%\phuquk%PROGRAMFILES%\phviingstaledom%PROGRAMFILES%\pirering%PROGRAMFILES%\placutherghulers%PROGRAMFILES%\plberied%PROGRAMFILES%\plebuckwuwury%PROGRAMFILES%\plelage%PROGRAMFILES%\plerqer%PROGRAMFILES%\plokoy%PROGRAMFILES%\pluteward%PROGRAMFILES%\preguckuech%PROGRAMFILES%\prergasp%PROGRAMFILES%\prerqiwarddacertain%PROGRAMFILES%\prerus%PROGRAMFILES%\pripiieddocch%PROGRAMFILES%\prissy%PROGRAMFILES%\prjoentmerdery%PROGRAMFILES%\prlusterkogh%PROGRAMFILES%\projlyanubay%PROGRAMFILES%\prunaplatuph%PROGRAMFILES%\prusash%PROGRAMFILES%\pubight%PROGRAMFILES%\qeqotion%PROGRAMFILES%\qitech%PROGRAMFILES%\qivethercoqerly%PROGRAMFILES%\qnuhegach%PROGRAMFILES%\razoward%PROGRAMFILES%\reasetyulesp%PROGRAMFILES%\reawerghtraserph%PROGRAMFILES%\rebergeclarodom%PROGRAMFILES%\reilechjpu%PROGRAMFILES%\reiwaghgherfile%PROGRAMFILES%\remerspwaqing%PROGRAMFILES%\reoientrusoge%PROGRAMFILES%\reratqatudom%PROGRAMFILES%\rerkuy%PROGRAMFILES%\rersse%PROGRAMFILES%\retawardkukty%PROGRAMFILES%\reuses%PROGRAMFILES%\rEuWuFTools%PROGRAMFILES%\riferpy%PROGRAMFILES%\rosatain%PROGRAMFILES%\sagerspkawege%PROGRAMFILES%\sahotplerpoied%PROGRAMFILES%\saquterpward%PROGRAMFILES%\serhesy%PROGRAMFILES%\sewasemhient%PROGRAMFILES%\shapoly%PROGRAMFILES%\shepashkuderward%PROGRAMFILES%\shijerghnuguch%PROGRAMFILES%\shntherquhither%PROGRAMFILES%\shoccult%PROGRAMFILES%\shodisyqrugh%PROGRAMFILES%\shomephclezeried%PROGRAMFILES%\shorush%PROGRAMFILES%\shumaing%PROGRAMFILES%\shuqitainstazegh%PROGRAMFILES%\shurerphraterward%PROGRAMFILES%\sokeing%PROGRAMFILES%\stiduy%PROGRAMFILES%\stumogeqebut%PROGRAMFILES%\tukoentvegsh%PROGRAMFILES%\valoryatusation%PROGRAMFILES%\vastyatedeing%PROGRAMFILES%\vehotherdreguty%PROGRAMFILES%\vieshhubule%PROGRAMFILES%\voboght%PROGRAMFILES(x86)%\apptools%PROGRAMFILES(x86)%\Aterlutthikile%PROGRAMFILES(x86)%\cluberspmercerk%PROGRAMFILES(x86)%\clugoghphwodom%PROGRAMFILES(x86)%\clugokftgh%PROGRAMFILES(x86)%\clunaent%PROGRAMFILES(x86)%\coepageatovry%PROGRAMFILES(x86)%\coercock%PROGRAMFILES(x86)%\coerkocult%PROGRAMFILES(x86)%\cogapymoderther%PROGRAMFILES(x86)%\coicerph%PROGRAMFILES(x86)%\coidswermepy%PROGRAMFILES(x86)%\conochdupution%PROGRAMFILES(x86)%\coohatain%PROGRAMFILES(x86)%\copkmahoch%PROGRAMFILES(x86)%\couwadomcerperdom%PROGRAMFILES(x86)%\daletictain%PROGRAMFILES(x86)%\dapasy%PROGRAMFILES(x86)%\datosh%PROGRAMFILES(x86)%\deceward%PROGRAMFILES(x86)%\dedoly%PROGRAMFILES(x86)%\deqosehasity%PROGRAMFILES(x86)%\dermupy%PROGRAMFILES(x86)%\derrepyvivering%PROGRAMFILES(x86)%\diaent%PROGRAMFILES(x86)%\dliterpory%PROGRAMFILES(x86)%\dnesharuzus%PROGRAMFILES(x86)%\donagesetese%PROGRAMFILES(x86)%\drakerlecgadom%PROGRAMFILES(x86)%\dralach%PROGRAMFILES(x86)%\dranoge%PROGRAMFILES(x86)%\drarainganipition%PROGRAMFILES(x86)%\drecetain%PROGRAMFILES(x86)%\drejiy%PROGRAMFILES(x86)%\drenackghowedom%PROGRAMFILES(x86)%\dresle%PROGRAMFILES(x86)%\dretule%PROGRAMFILES(x86)%\drewespgrerwey%PROGRAMFILES(x86)%\drizphqolother%PROGRAMFILES(x86)%\drjother%PROGRAMFILES(x86)%\droqekziday%PROGRAMFILES(x86)%\drpasydest%PROGRAMFILES(x86)%\druciy%PROGRAMFILES(x86)%\druditain%PROGRAMFILES(x86)%\dudusyplesoch%PROGRAMFILES(x86)%\duqitainpcile%PROGRAMFILES(x86)%\eepyruha%PROGRAMFILES(x86)%\emather%PROGRAMFILES(x86)%\fepuly%PROGRAMFILES(x86)%\fermuge%PROGRAMFILES(x86)%\ferory%PROGRAMFILES(x86)%\feusenofs%PROGRAMFILES(x86)%\figasy%PROGRAMFILES(x86)%\fijushreibuent%PROGRAMFILES(x86)%\filetnemerck%PROGRAMFILES(x86)%\fovigemei%PROGRAMFILES(x86)%\garunufupy%PROGRAMFILES(x86)%\gazshrasity%PROGRAMFILES(x86)%\gefing%PROGRAMFILES(x86)%\gefudom%PROGRAMFILES(x86)%\gerrershsterother%PROGRAMFILES(x86)%\gersoghgrlopy%PROGRAMFILES(x86)%\gertery%PROGRAMFILES(x86)%\ghabuty%PROGRAMFILES(x86)%\gherertionghatersh%PROGRAMFILES(x86)%\ghergersyqerkeing%PROGRAMFILES(x86)%\gherhis%PROGRAMFILES(x86)%\gherjech%PROGRAMFILES(x86)%\gherkadomijly%PROGRAMFILES(x86)%\ghgersybqury%PROGRAMFILES(x86)%\ghibay%PROGRAMFILES(x86)%\ghijerght%PROGRAMFILES(x86)%\ghmalyanacoing%PROGRAMFILES(x86)%\ghojetain%PROGRAMFILES(x86)%\ghojiryjile%PROGRAMFILES(x86)%\ghorugh%PROGRAMFILES(x86)%\ghubuge%PROGRAMFILES(x86)%\ghuverckplokaent%PROGRAMFILES(x86)%\gjadom%PROGRAMFILES(x86)%\gokolestepation%PROGRAMFILES(x86)%\granidomrsaph%PROGRAMFILES(x86)%\grawition%PROGRAMFILES(x86)%\grcakmiberdom%PROGRAMFILES(x86)%\grerght%PROGRAMFILES(x86)%\grersiward%PROGRAMFILES(x86)%\grerzersp%PROGRAMFILES(x86)%\griduy%PROGRAMFILES(x86)%\grihersmiritain%PROGRAMFILES(x86)%\griqitherphegoty%PROGRAMFILES(x86)%\grocentreevugh%PROGRAMFILES(x86)%\grokise%PROGRAMFILES(x86)%\gromeent%PROGRAMFILES(x86)%\groseghtjibied%PROGRAMFILES(x86)%\grtase%PROGRAMFILES(x86)%\grupward%PROGRAMFILES(x86)%\grurecult%PROGRAMFILES(x86)%\grutesy%PROGRAMFILES(x86)%\gubicult%PROGRAMFILES(x86)%\hecyhewury%PROGRAMFILES(x86)%\herary%PROGRAMFILES(x86)%\herhery%PROGRAMFILES(x86)%\herjery%PROGRAMFILES(x86)%\hertion%PROGRAMFILES(x86)%\hidupyplumole%PROGRAMFILES(x86)%\hiulysaey%PROGRAMFILES(x86)%\holush%PROGRAMFILES(x86)%\howight%PROGRAMFILES(x86)%\hubishrwoy%PROGRAMFILES(x86)%\humedomlutik%PROGRAMFILES(x86)%\huvachreerjepy%PROGRAMFILES(x86)%\icackaraergh%PROGRAMFILES(x86)%\icockreoguing%PROGRAMFILES(x86)%\idoing%PROGRAMFILES(x86)%\idotion%PROGRAMFILES(x86)%\ifeghtarinuph%PROGRAMFILES(x86)%\jacestreward%PROGRAMFILES(x86)%\jegoing%PROGRAMFILES(x86)%\jercaenttrch%PROGRAMFILES(x86)%\jerjers%PROGRAMFILES(x86)%\jetrympward%PROGRAMFILES(x86)%\jevilewomuty%PROGRAMFILES(x86)%\jeweseprsot%PROGRAMFILES(x86)%\jntmodo%PROGRAMFILES(x86)%\jorosparertary%PROGRAMFILES(x86)%\judolyderfck%PROGRAMFILES(x86)%\juserly%PROGRAMFILES(x86)%\kajuynobersh%PROGRAMFILES(x86)%\kedasepuving%PROGRAMFILES(x86)%\keoght%PROGRAMFILES(x86)%\kikusphudoght%PROGRAMFILES(x86)%\kukther%PROGRAMFILES(x86)%\kuroplgaly%PROGRAMFILES(x86)%\lafetqilse%PROGRAMFILES(x86)%\lerlaied%PROGRAMFILES(x86)%\lermacultoqus%PROGRAMFILES(x86)%\lerqashchigother%PROGRAMFILES(x86)%\letegeshopother%PROGRAMFILES(x86)%\lfasyjiqege%PROGRAMFILES(x86)%\lgechsteris%PROGRAMFILES(x86)%\lhoyplerwuse%PROGRAMFILES(x86)%\lomutherbagaied%PROGRAMFILES(x86)%\luhuch%PROGRAMFILES(x86)%\lurshgerns%PROGRAMFILES(x86)%\lwuward%PROGRAMFILES(x86)%\magdom%PROGRAMFILES(x86)%\mehition%PROGRAMFILES(x86)%\meqoshvurery%PROGRAMFILES(x86)%\mertoghtzehige%PROGRAMFILES(x86)%\mevaentcoijely%PROGRAMFILES(x86)%\mijerwardplemese%PROGRAMFILES(x86)%\miqoshzesetion%PROGRAMFILES(x86)%\miwertainckerpsp%PROGRAMFILES(x86)%\mizotycernery%PROGRAMFILES(x86)%\mokagecerpuly%PROGRAMFILES(x86)%\muziiedsvosh%PROGRAMFILES(x86)%\naerentprefos%PROGRAMFILES(x86)%\nasitain%PROGRAMFILES(x86)%\negerle%PROGRAMFILES(x86)%\negoent%PROGRAMFILES(x86)%\nelithetay%PROGRAMFILES(x86)%\nerrachghefeing%PROGRAMFILES(x86)%\nerwughlleried%PROGRAMFILES(x86)%\newughikeing%PROGRAMFILES(x86)%\Nidaty%PROGRAMFILES(x86)%\nilchtherjerent%PROGRAMFILES(x86)%\nimkdejersp%PROGRAMFILES(x86)%\nitish%PROGRAMFILES(x86)%\niwerdavitain%PROGRAMFILES(x86)%\noferkgrorerk%PROGRAMFILES(x86)%\nofoiedanasition%PROGRAMFILES(x86)%\nulchsezas%PROGRAMFILES(x86)%\nvather%PROGRAMFILES(x86)%\pciphtheviry%PROGRAMFILES(x86)%\pedittawese%PROGRAMFILES(x86)%\pekusy%PROGRAMFILES(x86)%\peloch%PROGRAMFILES(x86)%\peroty%PROGRAMFILES(x86)%\phaderplemaing%PROGRAMFILES(x86)%\phagiselipege%PROGRAMFILES(x86)%\phagoge%PROGRAMFILES(x86)%\phapergeatjaied%PROGRAMFILES(x86)%\pharudom%PROGRAMFILES(x86)%\phbiiedtorle%PROGRAMFILES(x86)%\phediktebaght%PROGRAMFILES(x86)%\pheption%PROGRAMFILES(x86)%\pherluied%PROGRAMFILES(x86)%\pherlutherprudit%PROGRAMFILES(x86)%\phertuph%PROGRAMFILES(x86)%\pherzok%PROGRAMFILES(x86)%\philughgrukis%PROGRAMFILES(x86)%\phudikthwisy%PROGRAMFILES(x86)%\phuige%PROGRAMFILES(x86)%\phuquk%PROGRAMFILES(x86)%\phviingstaledom%PROGRAMFILES(x86)%\pirering%PROGRAMFILES(x86)%\pizery%PROGRAMFILES(x86)%\placutherghulers%PROGRAMFILES(x86)%\platergh%PROGRAMFILES(x86)%\platety%PROGRAMFILES(x86)%\plberied%PROGRAMFILES(x86)%\plebuckwuwury%PROGRAMFILES(x86)%\plelage%PROGRAMFILES(x86)%\plercitzumet%PROGRAMFILES(x86)%\plibedom%PROGRAMFILES(x86)%\plizoy%PROGRAMFILES(x86)%\plokoy%PROGRAMFILES(x86)%\pluteward%PROGRAMFILES(x86)%\poaentdermuch%PROGRAMFILES(x86)%\preguckuech%PROGRAMFILES(x86)%\prergasp%PROGRAMFILES(x86)%\prerqiwarddacertain%PROGRAMFILES(x86)%\prerus%PROGRAMFILES(x86)%\prifuly%PROGRAMFILES(x86)%\pripiieddocch%PROGRAMFILES(x86)%\prissy%PROGRAMFILES(x86)%\prjoentmerdery%PROGRAMFILES(x86)%\prlusterkogh%PROGRAMFILES(x86)%\projlyanubay%PROGRAMFILES(x86)%\prunaplatuph%PROGRAMFILES(x86)%\prusash%PROGRAMFILES(x86)%\prutuy%PROGRAMFILES(x86)%\pubight%PROGRAMFILES(x86)%\qalolefaqent%PROGRAMFILES(x86)%\qeqotion%PROGRAMFILES(x86)%\qerhawardkiztion%PROGRAMFILES(x86)%\qerzise%PROGRAMFILES(x86)%\qitech%PROGRAMFILES(x86)%\qivethercoqerly%PROGRAMFILES(x86)%\qnuhegach%PROGRAMFILES(x86)%\razoward%PROGRAMFILES(x86)%\reasetyulesp%PROGRAMFILES(x86)%\reawerghtraserph%PROGRAMFILES(x86)%\rebergeclarodom%PROGRAMFILES(x86)%\reerwerghtsergale%PROGRAMFILES(x86)%\referkzabak%PROGRAMFILES(x86)%\reilechjpu%PROGRAMFILES(x86)%\reiwaghgherfile%PROGRAMFILES(x86)%\remerspwaqing%PROGRAMFILES(x86)%\reocight%PROGRAMFILES(x86)%\reoientrusoge%PROGRAMFILES(x86)%\reonosptewoy%PROGRAMFILES(x86)%\reosetherprutaent%PROGRAMFILES(x86)%\reowtainvesck%PROGRAMFILES(x86)%\reratqatudom%PROGRAMFILES(x86)%\rerkuy%PROGRAMFILES(x86)%\rersse%PROGRAMFILES(x86)%\reurusptujos%PROGRAMFILES(x86)%\reuses%PROGRAMFILES(x86)%\riferpy%PROGRAMFILES(x86)%\rilethercheduied%PROGRAMFILES(x86)%\ripitsjile%PROGRAMFILES(x86)%\rjatain%PROGRAMFILES(x86)%\rokaphdruzitain%PROGRAMFILES(x86)%\rolugh%PROGRAMFILES(x86)%\rosatain%PROGRAMFILES(x86)%\sagerspkawege%PROGRAMFILES(x86)%\sahotplerpoied%PROGRAMFILES(x86)%\saquterpward%PROGRAMFILES(x86)%\serhesy%PROGRAMFILES(x86)%\sewasemhient%PROGRAMFILES(x86)%\shapoly%PROGRAMFILES(x86)%\shbseverqersp%PROGRAMFILES(x86)%\shekicult%PROGRAMFILES(x86)%\shepashkuderward%PROGRAMFILES(x86)%\shetighaterbent%PROGRAMFILES(x86)%\shijerghnuguch%PROGRAMFILES(x86)%\shntherquhither%PROGRAMFILES(x86)%\shoccult%PROGRAMFILES(x86)%\shodisyqrugh%PROGRAMFILES(x86)%\shomephclezeried%PROGRAMFILES(x86)%\shorush%PROGRAMFILES(x86)%\shumaing%PROGRAMFILES(x86)%\shuqitainstazegh%PROGRAMFILES(x86)%\shurerphraterward%PROGRAMFILES(x86)%\sokeing%PROGRAMFILES(x86)%\stiduy%PROGRAMFILES(x86)%\stumogeqebut%PROGRAMFILES(x86)%\thaberchnaey%PROGRAMFILES(x86)%\therhisy%PROGRAMFILES(x86)%\toliingcluverph%PROGRAMFILES(x86)%\tukerty%PROGRAMFILES(x86)%\tukoentvegsh%PROGRAMFILES(x86)%\valoryatusation%PROGRAMFILES(x86)%\vastyatedeing%PROGRAMFILES(x86)%\vehotherdreguty%PROGRAMFILES(x86)%\vervghtprerqercult%PROGRAMFILES(x86)%\vieshhubule%PROGRAMFILES(x86)%\vndomkivory%PROGRAMFILES(x86)%\voboghtHKEY..\..\..\..{RegistryKeys}SOFTWARE\ompndbSOFTWARE\WOW6432Node\ompndb

Related Posts