When ScanandRepair is installed, it performs the following actions:
- Creates the following folder:
%ProgramFiles%\SpyViper Demo
Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
- Creates the following files:
- C:\Program Files\SpyViper Demo\AppRestart.exe
- C:\Program Files\SpyViper Demo\BlockedCookies.dat
- C:\Program Files\SpyViper Demo\ExeDefinition.dat
- C:\Program Files\SpyViper Demo\FileDefinition.dat
- C:\Program Files\SpyViper Demo\help.chm
- C:\Program Files\SpyViper Demo\RegistryDefinition.dat
- C:\Program Files\SpyViper Demo\riched32.dll
- C:\Program Files\SpyViper Demo\Scan_Log.txt
- C:\Program Files\SpyViper Demo\SpyViper.com.url
- C:\Program Files\SpyViper Demo\SpyViperDemo.exe
- C:\WINDOWS\Installer\[random ].msi
- C:\WINDOWS\system32\actskn43.ocx
- C:\WINDOWS\system32\mscomct2.ocx
- C:\WINDOWS\system32\mscomctl.ocx
- C:\WINDOWS\system32\richtx32.ocx
- C:\WINDOWS\system32\skinboxer43.dll
- C:\WINDOWS\system32\tabctl32.ocx
- C:\Documents and Settings\Administrator\Desktop\SpyViper Demo.lnk
- C:\Documents and Settings\Administrator\Start Menu\Programs\SpyViper.com Software\SpyViper Demo\Readme-Help.lnk
- C:\Documents and Settings\Administrator\Start Menu\Programs\SpyViper.com Software\SpyViper Demo\SpyViper Demo.lnk
- C:\Documents and Settings\Administrator\Start Menu\Programs\SpyViper.com Software\SpyViper Demo\SpyViper.com.url
- C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{7D77157C-CB0B-443B-A62A-8BCA496BA488}\[random].exe
- Creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\DE3CB23B70E487F42BC60E58932FB63E
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D77157C-CB0B-443B-A62A-8BCA496BA488}
HKEY_ALL_USERS\Software\Microsoft\Installer\Features\C75177D7B0BCB3446AA2B8AC94B64A88
HKEY_ALL_USERS\Software\Microsoft\Installer\Products\C75177D7B0BCB3446AA2B8AC94B64A88
HKEY_ALL_USERS\Software\Microsoft\Installer\UpgradeCodes\DE3CB23B70E487F42BC60E58932FB63E
HKEY_LOCAL_MACHINE\SOFTWARE\SpyViper.com
HKEY_ALL_USERS\Software\UnSpyPC
HKEY_ALL_USERS\Software\VB and VBA Program Settings\AdwareRemovalSoftware
HKEY_ALL_USERS\Software\VB and VBA Program Settings\SpyViper
- Adds the value:
"SpyViperDemo" = "C:\Program Files\SpyViper Demo\SpyViperDemo"
to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that it is executed every time Windows starts.
- Adds the values:
"C:\Program Files\SpyViper Demo\" = ""
"C:\Documents and Settings\Administrator\Start Menu\Programs\SpyViper.com Software\" = ""
"C:\Documents and Settings\Administrator\Start Menu\Programs\SpyViper.com Software\SpyViper Demo\" = ""
"C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{7D77157C-CB0B-443B-A62A-8BCA496BA488}" = ""
to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
