Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sys10' = '%HOMEPATH%\Local Settings\TempImages\spf11.exe'
- %WINDIR%\Tasks\Scheduled Update for Ask Toolbar.job
- [<HKLM>\SYSTEM\ControlSet001\Services\Seekapp Service] 'Start' = '00000002'
- '%PROGRAM_FILES%\Seekapp\seekapp.exe' "%PROGRAM_FILES%\Seekapp\seekapp.dll" Main
- '%ALLUSERSPROFILE%\Application Data\Seekapp\seekapp122.exe' "%PROGRAM_FILES%\Seekapp\seekapp.dll" Service
- '%HOMEPATH%\Local Settings\TempImages\spf11.exe' Settings\TempImages\spf11.exe
- '%PROGRAM_FILES%\Ask.com\TaskScheduler.exe' %PROGRAM_FILES%\Ask.com\UpdateTask.exe
- '%WINDIR%\Installer\MSI10.tmp'
- '%TEMP%\nsb8.tmp\seekapp.exe' "%TEMP%\nsb8.tmp\seekapp.dll" Install "-p SkapPAP "
- '%HOMEPATH%\Local Settings\TempImages\skasetup-122-SkapPAP.exe' Settings\TempImages\skasetup-122-SkapPAP.exe
- '%HOMEPATH%\Local Settings\TempImages\askToolbarInstaller-1.3.1.0.exe' Settings\TempImages\askToolbarInstaller-1.3.1.0.exe /verysilent /sa /tbr toolbar=SE
- '%TEMP%\ska4.tmp\skasetup-122-SkapPAP.exe' -p SkapPAP /S
- '%TEMP%\nsb8.tmp\seekapp.exe' "%TEMP%\nsb8.tmp\seekapp.dll" -r
- '%TEMP%\NEW3.tmp.exe' /s /v"PARTNER=SE HPR=NO /qn"
- '<SYSTEM32>\msiexec.exe' -Embedding 4DC1DBA8F13E0EF45127B7D0B6DB2931
- '<SYSTEM32>\msiexec.exe' -Embedding FC0E333281C4528927D97191AD034ECE M Global\MSI0000
- '<SYSTEM32>\msiexec.exe' /i "%TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\Ask Toolbar.msi" /L*vx %TEMP%\ASKSUTBLOG PARTNER=SE HPR=NO /qn SETUPEXEDIR="%HOMEPATH%\Local Settings\Temp" SETUPEXENAME="NEW3.tmp.exe"
- '<SYSTEM32>\msiexec.exe' /V
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\askHomePage.exe
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskFFSuccess.js
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\askpopup.exe
- %WINDIR%\Installer\MSIF.tmp
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskHPRFF.js
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\JSXPCOMInstaller.exe
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\Del_AskHPRFF.VBS
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\Ask Toolbar.msi
- %PROGRAM_FILES%\Seekapp\uninstall.exe
- %PROGRAM_FILES%\Seekapp\readme.html
- %TEMP%\ASKSUTBLOG
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\adspace_bc_ref_1[1].htm
- %WINDIR%\Installer\MSIE.tmp
- %WINDIR%\Installer\2dbdf.msi
- %WINDIR%\Installer\MSI10.tmp
- %PROGRAM_FILES%\Ask.com\config.xml
- %PROGRAM_FILES%\Ask.com\mupcfg.xml
- %PROGRAM_FILES%\Ask.com\UpdateTask.exe
- %WINDIR%\Installer\MSI16.tmp
- %WINDIR%\Installer\MSI19.tmp
- %WINDIR%\Installer\MSI18.tmp
- %WINDIR%\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe
- %PROGRAM_FILES%\Ask.com\TaskScheduler.exe
- %WINDIR%\Installer\MSI12.tmp
- %WINDIR%\Installer\MSI11.tmp
- %TEMP%\~13.tmp
- %PROGRAM_FILES%\Ask.com\GenericAskToolbar.dll
- %WINDIR%\Installer\MSI15.tmp
- C:\Config.Msi\2dbe2.rbs
- %PROGRAM_FILES%\Seekapp\seekapp.exe
- %TEMP%\nsa2.tmp\ExecDos.dll
- %TEMP%\nsa2.tmp\modern-wizard.bmp
- %TEMP%\nsa2.tmp\ioSpecial.ini
- %TEMP%\NEW3.tmp.exe
- %TEMP%\nsa7.tmp\System.dll
- %TEMP%\nsp6.tmp
- %TEMP%\ska4.tmp\skasetup-122-SkapPAP.exe
- %TEMP%\nsa2.tmp\ioAsk.ini
- %HOMEPATH%\Local Settings\TempImages\AskInstallChecker.exe
- %HOMEPATH%\Local Settings\TempImages\ioClean.ini
- %TEMP%\nsa2.tmp\System.dll
- %HOMEPATH%\Local Settings\TempImages\askToolbarInstaller-1.3.1.0.exe
- %HOMEPATH%\Local Settings\TempImages\spf11.exe
- %HOMEPATH%\Local Settings\TempImages\skasetup-122-SkapPAP.exe
- %HOMEPATH%\Local Settings\TempImages\ask.bmp
- %TEMP%\nsa7.tmp\logo.bmp
- %TEMP%\_isC.tmp
- %TEMP%\nsb8.tmp\seekapp.exe
- %TEMP%\nsb8.tmp\uninstall.exe
- %TEMP%\~B.tmp
- %PROGRAM_FILES%\Seekapp\seekapp.dll
- %ALLUSERSPROFILE%\Application Data\Seekapp\seekapp122.exe
- %TEMP%\_isD.tmp
- %TEMP%\nsb8.tmp\readme.html
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\Setup.INI
- %TEMP%\_is9.tmp
- %TEMP%\nsa7.tmp\infoPage.ini
- %TEMP%\nsb8.tmp\seekapp.dll
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\0x0409.ini
- %TEMP%\_isA.tmp
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\_ISMSIDEL.INI
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskHPRFF.js
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\askHomePage.exe
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\Del_AskHPRFF.VBS
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\askpopup.exe
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskFFSuccess.js
- %PROGRAM_FILES%\Ask.com\TaskScheduler.exe
- C:\Config.Msi\2dbe2.rbs
- %WINDIR%\Installer\MSI18.tmp
- %TEMP%\~13.tmp
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\JSXPCOMInstaller.exe
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\Setup.INI
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\Ask Toolbar.msi
- %TEMP%\NEW3.tmp.exe
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\_ISMSIDEL.INI
- %TEMP%\{71E11998-EB9E-4BFF-BF6C-5124A6B63EB1}\0x0409.ini
- %WINDIR%\Installer\MSI19.tmp
- %TEMP%\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe
- %WINDIR%\Installer\2dbe1.ipi
- %WINDIR%\Installer\2dbdf.msi
- %WINDIR%\Installer\MSI11.tmp
- %TEMP%\nsb8.tmp\seekapp.exe
- %TEMP%\nsb8.tmp\seekapp.dll
- %TEMP%\nsa7.tmp\infoPage.ini
- %TEMP%\nsb8.tmp\uninstall.exe
- %TEMP%\nsb8.tmp\readme.html
- %TEMP%\_isA.tmp
- %TEMP%\_is9.tmp
- %TEMP%\~B.tmp
- %TEMP%\_isC.tmp
- %TEMP%\nsa7.tmp\logo.bmp
- %WINDIR%\Installer\MSI12.tmp
- %WINDIR%\Installer\MSI10.tmp
- %WINDIR%\Installer\MSI16.tmp
- %WINDIR%\Installer\MSI15.tmp
- %WINDIR%\Installer\MSIF.tmp
- %TEMP%\ska4.tmp\skasetup-122-SkapPAP.exe
- %TEMP%\nsa7.tmp\System.dll
- %WINDIR%\Installer\MSIE.tmp
- %TEMP%\_isD.tmp
- 'www.sp###apps.com':80
- 'localhost':1036
- www.sp###apps.com/adspace_bc_ref_1.htm
- DNS ASK www.sp###apps.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''