Threat Information for "EQAdvice"

Removal Top

StopSign will automatically remove this infection with a paid membership.

Summary Top
  • Name: EQAdvice
  • Aliases:
  • Date Discovered: 2006-04-21
  • Protection Added: 2006-05-01
Description Top 

            

            

            
                

                

                

                Technical Details
                Top
                

                

                

                
  • Added Directory/File:
    FilePath: %WINDIR%\dh.ini
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\FCAdvice\FCAdvice.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQBranch\Uninstall.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQAdvice
  • Added Directory/File:
    FilePath: %TEMPDIR%\contextualapp.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQBranch\EQBranch.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQAdvice\sf.txt
  • Added Directory/File:
    FilePath: %WINDIR%\pf??.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\FCAdvice
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQAdvice\EQAdvice.exe
  • Added Directory/File:
    FilePath: %WINDIR%\wallpap.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\FCAdvice\patterns.dat
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQBranch
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\FCAdvice\FCAdvice.dll
  • Added Directory/File:
    FilePath: %CACHE%\contextualapp*.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQBranch\sf.txt
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQAdvice\Uninstall.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\Runner.dll
  • Added Directory/File:
    FilePath: %WINDIR%\DH.dll
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\EQAdvice\hf.txt
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\ad.html
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\FCAdvice\Uninstall.exe
  • Added Registry Key:
    Key: HKCU\Software\EQAdvice
  • Added Registry Key:
    Key: HKCU\Software\EQBranch
  • Added Registry Key:
    Key: HKLM\%CURRENTVERSIONREG%\DH
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{994D478A-45D0-4DB4-AE77-288B1E346E99}
  • Added Registry Key:
    Key: HKCU\Software\FCAdvice
  • Added Registry Key:
    Key: HKLM\%BHOREG%\{6001CDF7-6F45-471b-A203-0225615E35A7}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\TypeLib\{1B8B502E-455B-4022-BE77-FB6D9F808A18}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{6001CDF7-6F45-471b-A203-0225615E35A7}
  • Added Registry Data:
    Key: HKCU\%CURRENTVERSIONREG%\Run
Value: [RANDOM VALUE]
Data: %PROGRAMFILESDIR%\EQBranch\EQBranch.exe
  • Added Registry Data:
    Key: HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
Value: [RANDOM VALUE]
Data: FCEngine.MimeFilter
  • Added Registry Data:
    Key: HKCU\%CURRENTVERSIONREG%\Run
Value: [RANDOM VALUE]
Data: %PROGRAMFILESDIR%\EQAdvice\EQAdvice.exe
  • Added Registry Data:
    Key: HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
Value: [RANDOM VALUE]
Data: {994D478A-45D0-4DB4-AE77-288B1E346E99}