PUA.Win32.SpeedUpMyPc.AE
Windows
- マルウェアタイプ: 潜在的に迷惑なアプリケーション
- 破壊活動の有無: なし
- 暗号化:
- 感染報告の有無: はい
概要
プログラムは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。
詳細
侵入方法
プログラムは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。
インストール
プログラムは、以下のプロセスを追加します。
- %User Temp%\supoptsetup.exe /VERYSILENT
- "%User Temp%\is-KKS04.tmp\supoptsetup.tmp" /SL5="$20168,7227052,643584,%User Temp%\supoptsetup.exe" /VERYSILENT
- "%System%\rundll32.exe" "%Program Files%\Super Optimizer\SupOptCrash.dll",ENT -install
- %Program Files%\Super Optimizer\SupOptStart.exe
- "%System%\rundll32.exe" "%Program Files%\Super Optimizer\SupOptCrash.dll",ENT
(註:%User Temp%フォルダは、現在ログオンしているユーザの一時フォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザー名>\Local Settings\Temp"です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\AppData\Local\Temp" です。. %Program Files%フォルダは、デフォルトのプログラムファイルフォルダです。C:\Program Files in Windows 2000(32-bit)、Server 2003(32-bit)、XP、Vista(64-bit)、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files"です。また、Windows XP(64-bit)、Vista(64-bit)、7(64-bit)、8(64-bit)、8.1(64-bit)、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files(x86)" です。)
プログラムは、以下のフォルダを作成します。
- %Program Files%\Super Optimizer
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer
- %User Temp%\is-S9HED.tmp\_isetup
(註:%Program Files%フォルダは、デフォルトのプログラムファイルフォルダです。C:\Program Files in Windows 2000(32-bit)、Server 2003(32-bit)、XP、Vista(64-bit)、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files"です。また、Windows XP(64-bit)、Vista(64-bit)、7(64-bit)、8(64-bit)、8.1(64-bit)、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files(x86)" です。. %All Users Profile%フォルダは、ユーザの共通プロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\All Users” です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\ProgramData” です。. %User Temp%フォルダは、現在ログオンしているユーザの一時フォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザー名>\Local Settings\Temp"です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\AppData\Local\Temp" です。)
自動実行方法
プログラムは、自身をシステムサービスとして登録し、Windows起動時に自動実行されるよう以下のレジストリ値を追加します。
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\cae99edb
ImagePath = "%System%\rundll32.exe %Program Files%\Super Optimizer\SupOptCrash.dll,ENT"
プログラムは、自身のコピーがWindows起動時に自動実行されるよう以下のレジストリ値を追加します。
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Run
Super Optimizer = "%Program Files%\Super Optimizer\SupOptLauncher.exe"
他のシステム変更
プログラムは、以下のファイルを削除します。
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Check updates.url
- %Program Files%\Super Optimizer\is-D7JH0.tmp
- %Desktop%\Super Optimizer.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Check updates.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Uninstall Super Optimizer.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer on the Web.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer on the Web.url
- %Desktop%\Super Optimizer.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Uninstall Super Optimizer.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.pif
(註:%All Users Profile%フォルダは、ユーザの共通プロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\All Users” です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\ProgramData” です。. %Program Files%フォルダは、デフォルトのプログラムファイルフォルダです。C:\Program Files in Windows 2000(32-bit)、Server 2003(32-bit)、XP、Vista(64-bit)、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files"です。また、Windows XP(64-bit)、Vista(64-bit)、7(64-bit)、8(64-bit)、8.1(64-bit)、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files(x86)" です。. %Desktop%フォルダは、現在ログオンしているユーザのデスクトップです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザ名>\Desktop" です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\Desktop" です。)
プログラムは、以下のレジストリ値を追加します。
HKEY_CURRENT_USER\Software\Super Optimizer
SetupName = "{malware file path and name}"
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000
Owner = "\xe0\x04\x00\x00\xcdd\x7fS\x9b\xb4\xd5\x01"
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000
SessionHash = "{random characters}"
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000
Sequence = "1"
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000
RegFiles0000 = "\x00\x00\x00\x00l\xee\x90\x80\x04\xe1\x80\x80t\xe0\xb8\x84"
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000
RegFilesHash = "{random characters}"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_d7c3e76f\eae10f9d
340d3099 = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_d7c3e76f\eae10f9d
dbaf3ce3 = "/P////%%"
HKEY_CURRENT_USER\Software\Super Optimizer
Language = "1"
HKEY_CURRENT_USER\Software\Microsoft\
Windows NT\CurrentVersion\AppCompatFlags\
Compatibility Assistant\Persisted\%System Root%\
Program Files\Super Optimizer
unins000.exe = "1"
HKEY_CURRENT_USER\Software\Microsoft\
Windows NT\CurrentVersion\AppCompatFlags\
Compatibility Assistant\Persisted\%Program Files%\
Super Optimizer
unins000.exe = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: Setup Version = "5.5.3 (u)"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: App Path = "%Program Files%\Super Optimizer"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
InstallLocation = "%Program Files%\Super Optimizer"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: Icon Group = "Super Optimizer"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: User = "{username}"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: Selected Tasks = "desktopicon"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: Deselected Tasks = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Inno Setup: Language = "en"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
DisplayName = "Super Optimizer v3.2"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
DisplayIcon = "%Program Files%\Super Optimizer\SupOptLauncher.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
UninstallString = "%Program Files%\Super Optimizer\unins000.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
QuietUninstallString = "%Program Files%\Super Optimizer\unins000.exe /SILENT"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
DisplayVersion = "3.2.0.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
Publisher = "Super PC Tools ltd"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
URLInfoAbout = "http://www.{BLOCKED}ctools.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
HelpLink = "http://www.{BLOCKED}ctools.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
URLUpdateInfo = "http://www.{BLOCKED}ctools.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
NoModify = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
NoRepair = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
InstallDate = "20191217"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
MajorVersion = "3"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
MinorVersion = "2"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows\CurrentVersion\
Uninstall\Super Optimizer_is1
EstimatedSize = "14383"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
date = "1586929388"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
date = "1586929388"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
data.0 = "{random characters}"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
data.0 = "{random characters}"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
data.1 = "{random characters}"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
data.1 = "{random characters}"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
usr.0 = "q+zCWn0123456789/X"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
usr.0 = "q+zCWn0123456789/X"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
usr.1 = "fpnTNMWYSUMOQIKEG+"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
usr.1 = "fpnTNMWYSUMOQIKEG+"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
version = "22022115"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
uuid = "274677124"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
uuid = "274677124"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
51d2f2ea = "JlA+/Y//GPAf/B//IlAl/YP/HPAi/Xt/dxAu/YZ/Z//e/B2/N//l/B2/Vx/l/CD/NP////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
51d2f2ea = "JlA+/Y//GPAf/B//IlAl/YP/HPAi/Xt/dxAu/YZ/Z//e/B2/N//l/B2/Vx/l/CD/NP////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
a2e3b941 = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
a2e3b941 = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
bbf88800 = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
bbf88800 = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
appid.0 = "AOMhbzNQRjafeIKEG+aZ7GJTjMuXVy8B2gKSOC"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
state = "0"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
a1dcff5b = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
a1dcff5b = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
340d3099 = "/P////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
340d3099 = "/P////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
0e93c3f3 = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
0e93c3f3 = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
0c230bcb = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
0c230bcb = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
27ddcf6f = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
27ddcf6f = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
414bc593 = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
414bc593 = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f0bf0bde = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f0bf0bde = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c99a5f5c = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c99a5f5c = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
72758a5d = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
72758a5d = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
e46c271e = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
e46c271e = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
7f69fa1f = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
7f69fa1f = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
3c09c42b = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
3c09c42b = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
7367429f = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
7367429f = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
0dc3ee96 = "/P////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
0dc3ee96 = "/P////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
d1abcdb6 = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
d1abcdb6 = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
38583bc3 = "Ml/2/CF/M//g/CZ////%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
38583bc3 = "Ml/2/CF/M//g/CZ////%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c24899a6 = "Vx/g/C//M/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c24899a6 = "Vx/g/C//M/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
65114b36 = "VP/+"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
65114b36 = "VP/+"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f1f24e29 = "Vl/l/C/////%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f1f24e29 = "Vl/l/C/////%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
6185d035 = "VP/h/CP/V//l"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
6185d035 = "VP/h/CP/V//l"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c5705860 = "Vx////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c5705860 = "Vx////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
a0743acc = "N/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
a0743acc = "N/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c6c5dd44 = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
c6c5dd44 = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
1520c6f1 = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
1520c6f1 = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
2d71d5ab = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
2d71d5ab = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
8b9e4cbc = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
8b9e4cbc = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
fe94ce1e = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
fe94ce1e = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
587b5709 = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
587b5709 = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
lrts = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
lrts = "0"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
mode = "4026531840"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
mode = "4026531840"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
svn = "Super Optimizer"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
svx = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
svi = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
svt = "1576595606"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
370856c7 = "\x00"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
370856c7 = "\x00"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
493c7345 = "\x00\x00"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
493c7345 = "\x00\x00"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
3efeb33e = "\x00"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
3efeb33e = "\x00"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
a47da861 = "{random characters}"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
a47da861 = "{random characters}"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
2e22d94e = "///%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
2e22d94e = "///%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
48bd1aff = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
48bd1aff = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f6ad6fa6 = "V/////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f6ad6fa6 = "V/////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
d94388d2 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
d94388d2 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
37b7a6d8 = "UlAr/XJ/c//k"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
37b7a6d8 = "UlAr/XJ/c//k"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
060df2cd = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAp/YP/UxAs/X6/aP////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
060df2cd = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAp/YP/UxAs/X6/aP////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
e8f9dcc7 = "UlAr/XJ/c//k"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
e8f9dcc7 = "UlAr/XJ/c//k"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
1c311243 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
1c311243 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f2c53c49 = "UlAr/XJ/c//k"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
f2c53c49 = "UlAr/XJ/c//k"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
iiid = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
iiid = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows NT\CurrentVersion\
Windows
LoadAppInit_DLLs = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{6791A2F3-FC80-475C-A002-C014AF797E9C}
cae99edb = "%Program Files%\Super Optimizer\SupOptCrash.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
dlpath = "%Program Files%\supero~1\supopt~2.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
svpath = "%Program Files%\Super Optimizer\SupOptCrash.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{6791A2F3-FC80-475C-A002-C014AF797E9C}
n = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
n = "1"
HKEY_CURRENT_USER\Software\AppDataLow\
{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
dbaf3ce3 = "/P////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
00000000
370856c7 = "\x00"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
00000000
3efeb33e = "\x00"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
00000000
493c7345 = "\x00\x00"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
00000000
a47da861 = "\x00\x00E"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
060df2cd = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAp/YP/UxAs/X6/aP////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
0c230bcb = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
0dc3ee96 = "/P////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
0e93c3f3 = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
1520c6f1 = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
1c311243 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
27ddcf6f = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
2d71d5ab = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
2e22d94e = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
340d3099 = "/P////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
37b7a6d8 = "UlAr/XJ/c//k"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
38583bc3 = "Ml/2/CF/M//g/CZ////%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
3c09c42b = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
414bc593 = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
48bd1aff = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
51d2f2ea = "JlA+/Y//GPAf/B//IlAl/YP/HPAi/Xt/dxAu/YZ/Z//e/B2/N//l/B2/Vx/l/CD/NP////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
587b5709 = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
6185d035 = "VP/h/CP/V//l"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
65114b36 = "VP/+"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
72758a5d = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
7367429f = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
7f69fa1f = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
8b9e4cbc = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
a0743acc = "N/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
a1dcff5b = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
a2e3b941 = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
bbf88800 = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
c24899a6 = "Vx/g/C//M/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
c5705860 = "Vx////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
c6c5dd44 = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
c99a5f5c = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
d1abcdb6 = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
d94388d2 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
e46c271e = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
e8f9dcc7 = "UlAr/XJ/c//k"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
f0bf0bde = "///%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
f1f24e29 = "Vl/l/C/////%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
f2c53c49 = "UlAr/XJ/c//k"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
f6ad6fa6 = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
fe94ce1e = "V/////%%"
HKEY_USERS\.DEFAULT\SOFTWARE\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
iiid = "1"
HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
dbaf3ce3 = "/P////%%"
HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
lrts = "1576596776"
HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
c6c5dd44 = "VP////%%"
HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\
AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\
eae10f9d
2d71d5ab = "VP////%%"
HKEY_CURRENT_USER\Software\Super Optimizer
InstallDate = "\x96\x12\xbeF\x14e\xe5@"
HKEY_CURRENT_USER\Software\Super Optimizer
AppStart = "0"
HKEY_CURRENT_USER\Software\Super Optimizer
Os = "106"
HKEY_CURRENT_USER\Software\Super Optimizer
MachineGuid = "F6504567-D881-20B0-F4E8-712C08200A77"
HKEY_CURRENT_USER\Software\Super Optimizer
DelayedStart = "5"
HKEY_CURRENT_USER\Software\Super Optimizer
Querry = "{random characters}"
HKEY_CURRENT_USER\Software\Super Optimizer
UninstallURL = "https://{BLOCKED}rt.com/superpctools/.spo-special/purchase?sid=211001619-JP-094"
HKEY_CURRENT_USER\Software\Super Optimizer
SupportURL = "http://support.{BLOCKED}ctools.com"
HKEY_CURRENT_USER\Software\Super Optimizer
HomePageURL = "http://www.{BLOCKED}ctools.com"
HKEY_CURRENT_USER\Software\Super Optimizer
BuyNowURL = "{random characters}"
HKEY_CURRENT_USER\Software\Super Optimizer
UseAds = "1"
HKEY_CURRENT_USER\Software\Super Optimizer
AdsHost = "dl.superpcdownload.net"
HKEY_CURRENT_USER\Software\Super Optimizer
AdsDownloadURL = "http://dl.{BLOCKED}cdownload.net/221001619/SuperUpdaterSetup.exe"
HKEY_CURRENT_USER\Software\Super Optimizer
AdsBuyNowURL = "{random characters}"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\cae99edb
DisplayName = "Super Optimizer"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\cae99edb
Start = "SERVICE_AUTO_START"
プログラムは、以下のレジストリ値を変更します。
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Windows
AppInit_DLLs = " "
プログラムは、以下のレジストリキーを削除します。
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000\RegFilesHash
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000\RegFiles0000
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000\Sequence
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000\SessionHash
HKEY_CURRENT_USER\Software\Microsoft\
RestartManager\Session0000\Owner
作成活動
プログラムは、以下のファイルを作成します。
- %Program Files%\Super Optimizer\is-5CO6F.tmp
- %Program Files%\Super Optimizer\is-58M93.tmp
- %User Temp%\__tmp_31ef8355
- %Program Files%\Super Optimizer\is-H013R.tmp
- %Program Files%\Super Optimizer\unins000.dat
- %User Temp%\__tmp_2bdbd31f
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.lnk
- %Program Files%\Super Optimizer\is-8M30V.tmp
- %Program Files%\Super Optimizer\is-LIEB9.tmp
- %Program Files%\Super Optimizer\is-H1E9K.tmp
- %Program Files%\Super Optimizer\SupOptLauncher.exe
- %Program Files%\Super Optimizer\is-Q5A17.tmp
- %Program Files%\Super Optimizer\SupOptUninstaller.exe
- %Program Files%\Super Optimizer\is-RMVFK.tmp
- %Program Files%\Super Optimizer\is-74H5B.tmp
- %User Temp%\is-S9HED.tmp\_isetup\_shfoldr.dll
- %Program Files%\Super Optimizer\English.ini
- %Program Files%\Super Optimizer\CookiesException.txt
- %User Temp%\is-S9HED.tmp\SupOptCrash.dll
- %Program Files%\Super Optimizer\SupOptSchedule.exe
- %Program Files%\Super Optimizer\sqlite3.dll
- %Program Files%\Super Optimizer\SupOptSmartScan.exe
- %Program Files%\Super Optimizer\scan.gif
- %Program Files%\Super Optimizer\is-4G9AB.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.lnk
- %Program Files%\Super Optimizer\unins000.msg
- %Program Files%\Super Optimizer\HomePage.url
- %Program Files%\Super Optimizer\file_id.diz
- %Program Files%\Super Optimizer\SupOptHelper.dll
- %Program Files%\Super Optimizer\SupOptReminder.exe
- %Program Files%\Super Optimizer\SuperOptimizer.chm
- %Program Files%\Super Optimizer\SuperOptimizer.exe
- %Program Files%\Super Optimizer\is-3LB60.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer on the Web.lnk
- %Program Files%\Super Optimizer\SupOptGuard.exe
- %User Temp%\supoptsetup.exe
- %Program Files%\Super Optimizer\is-FI2MV.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Check updates.lnk
- %Program Files%\Super Optimizer\is-9K78O.tmp
- %Program Files%\Super Optimizer\StartupList.txt
- %Program Files%\Super Optimizer\SupOptStart.exe
- %Program Files%\Super Optimizer\is-DMD5B.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Uninstall Super Optimizer.lnk
- %Program Files%\Super Optimizer\SupOptCrash.dll
- %Desktop%\Super Optimizer.lnk
- %Program Files%\Super Optimizer\is-C2EJ3.tmp
- %Program Files%\Super Optimizer\unins000.exe
- %Program Files%\Super Optimizer\is-SPTCA.tmp
- %Program Files%\Super Optimizer\is-JICK7.tmp
(註:%Program Files%フォルダは、デフォルトのプログラムファイルフォルダです。C:\Program Files in Windows 2000(32-bit)、Server 2003(32-bit)、XP、Vista(64-bit)、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files"です。また、Windows XP(64-bit)、Vista(64-bit)、7(64-bit)、8(64-bit)、8.1(64-bit)、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Program Files(x86)" です。. %User Temp%フォルダは、現在ログオンしているユーザの一時フォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザー名>\Local Settings\Temp"です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\AppData\Local\Temp" です。. %All Users Profile%フォルダは、ユーザの共通プロファイルフォルダです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\All Users” です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\ProgramData” です。. %Desktop%フォルダは、現在ログオンしているユーザのデスクトップです。Windows 2000(32-bit)、XP、Server 2003(32-bit)の場合、通常 "C:\Documents and Settings\<ユーザ名>\Desktop" です。また、Windows Vista、7、8、8.1、2008(64-bit)、2012(64-bit)、10(64-bit)の場合、通常 "C:\Users\<ユーザ名>\Desktop" です。)
このウイルス情報は、自動解析システムにより作成されました。
対応方法
手順 1
Windows XP、Windows Vista 、Windows 7、および Windows 10 のユーザは、コンピュータからマルウェアもしくはアドウェア等を完全に削除するために、ウイルス検索の実行前には必ず「システムの復元」を無効にしてください。
手順 2
Windowsをセーフモードで再起動します。
手順 3
「PUA.Win32.SpeedUpMyPc.AE」で検出したファイル名を確認し、そのファイルを終了します。
- すべての実行中プロセスが、Windows のタスクマネージャに表示されない場合があります。この場合、"Process Explorer" などのツールを使用しマルウェアのファイルを終了してください。"Process Explorer" については、こちらをご参照下さい。
- 検出ファイルが、Windows のタスクマネージャまたは "Process Explorer" に表示されるものの、削除できない場合があります。この場合、コンピュータをセーフモードで再起動してください。
セーフモードについては、こちらをご参照下さい。 - 検出ファイルがタスクマネージャ上で表示されない場合、次の手順にお進みください。
手順 4
このレジストリ値を削除します。
警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Super Optimizer = "%Program Files%\Super Optimizer\SupOptLauncher.exe"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- SetupName = "{malware file path and name}"
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- Owner = "\xe0\x04\x00\x00\xcdd\x7fS\x9b\xb4\xd5\x01"
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- SessionHash = "{random characters}"
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- Sequence = "1"
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- RegFiles0000 = "\x00\x00\x00\x00l\xee\x90\x80\x04\xe1\x80\x80t\xe0\xb8\x84"
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- RegFilesHash = "{random characters}"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_d7c3e76f\eae10f9d
- 340d3099 = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_d7c3e76f\eae10f9d
- dbaf3ce3 = "/P////%%"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- Language = "1"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted\%System Root%\Program Files\Super Optimizer
- unins000.exe = "1"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted\%Program Files%\Super Optimizer
- unins000.exe = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: Setup Version = "5.5.3 (u)"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: App Path = "%Program Files%\Super Optimizer"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- InstallLocation = "%Program Files%\Super Optimizer"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: Icon Group = "Super Optimizer"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: User = "{username}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: Selected Tasks = "desktopicon"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: Deselected Tasks = ""
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Inno Setup: Language = "en"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- DisplayName = "Super Optimizer v3.2"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- DisplayIcon = "%Program Files%\Super Optimizer\SupOptLauncher.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- UninstallString = "%Program Files%\Super Optimizer\unins000.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- QuietUninstallString = "%Program Files%\Super Optimizer\unins000.exe /SILENT"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- DisplayVersion = "3.2.0.1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- Publisher = "Super PC Tools ltd"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- URLInfoAbout = "http://www.{BLOCKED}ctools.com"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- HelpLink = "http://www.{BLOCKED}ctools.com"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- URLUpdateInfo = "http://www.{BLOCKED}ctools.com"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- NoModify = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- NoRepair = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- InstallDate = "20191217"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- MajorVersion = "3"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- MinorVersion = "2"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
- EstimatedSize = "14383"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- date = "1586929388"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- date = "1586929388"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- data.0 = "{random characters}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- data.0 = "{random characters}"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- data.1 = "{random characters}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- data.1 = "{random characters}"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- usr.0 = "q+zCWn0123456789/X"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- usr.0 = "q+zCWn0123456789/X"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- usr.1 = "fpnTNMWYSUMOQIKEG+"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- usr.1 = "fpnTNMWYSUMOQIKEG+"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- version = "22022115"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- uuid = "274677124"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- uuid = "274677124"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 51d2f2ea = "JlA+/Y//GPAf/B//IlAl/YP/HPAi/Xt/dxAu/YZ/Z//e/B2/N//l/B2/Vx/l/CD/NP////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 51d2f2ea = "JlA+/Y//GPAf/B//IlAl/YP/HPAi/Xt/dxAu/YZ/Z//e/B2/N//l/B2/Vx/l/CD/NP////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a2e3b941 = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a2e3b941 = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- bbf88800 = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- bbf88800 = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- appid.0 = "AOMhbzNQRjafeIKEG+aZ7GJTjMuXVy8B2gKSOC"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- state = "0"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a1dcff5b = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a1dcff5b = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 340d3099 = "/P////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 340d3099 = "/P////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0e93c3f3 = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0e93c3f3 = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0c230bcb = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0c230bcb = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 27ddcf6f = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 27ddcf6f = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 414bc593 = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 414bc593 = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f0bf0bde = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f0bf0bde = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c99a5f5c = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c99a5f5c = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 72758a5d = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 72758a5d = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- e46c271e = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- e46c271e = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 7f69fa1f = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 7f69fa1f = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 3c09c42b = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 3c09c42b = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 7367429f = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 7367429f = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0dc3ee96 = "/P////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0dc3ee96 = "/P////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- d1abcdb6 = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- d1abcdb6 = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 38583bc3 = "Ml/2/CF/M//g/CZ////%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 38583bc3 = "Ml/2/CF/M//g/CZ////%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c24899a6 = "Vx/g/C//M/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c24899a6 = "Vx/g/C//M/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 65114b36 = "VP/+"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 65114b36 = "VP/+"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f1f24e29 = "Vl/l/C/////%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f1f24e29 = "Vl/l/C/////%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 6185d035 = "VP/h/CP/V//l"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 6185d035 = "VP/h/CP/V//l"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c5705860 = "Vx////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c5705860 = "Vx////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a0743acc = "N/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a0743acc = "N/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c6c5dd44 = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c6c5dd44 = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 1520c6f1 = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 1520c6f1 = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2d71d5ab = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2d71d5ab = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 8b9e4cbc = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 8b9e4cbc = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- fe94ce1e = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- fe94ce1e = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 587b5709 = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 587b5709 = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- lrts = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- lrts = "0"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- mode = "4026531840"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- mode = "4026531840"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- svn = "Super Optimizer"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- svx = ""
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- svi = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- svt = "1576595606"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 370856c7 = "\x00"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 370856c7 = "\x00"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 493c7345 = "\x00\x00"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 493c7345 = "\x00\x00"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 3efeb33e = "\x00"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 3efeb33e = "\x00"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- a47da861 = "{random characters}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- a47da861 = "{random characters}"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2e22d94e = "///%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2e22d94e = "///%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 48bd1aff = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 48bd1aff = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f6ad6fa6 = "V/////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f6ad6fa6 = "V/////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- d94388d2 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- d94388d2 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 37b7a6d8 = "UlAr/XJ/c//k"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 37b7a6d8 = "UlAr/XJ/c//k"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 060df2cd = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAp/YP/UxAs/X6/aP////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 060df2cd = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAp/YP/UxAs/X6/aP////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- e8f9dcc7 = "UlAr/XJ/c//k"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- e8f9dcc7 = "UlAr/XJ/c//k"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 1c311243 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 1c311243 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f2c53c49 = "UlAr/XJ/c//k"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f2c53c49 = "UlAr/XJ/c//k"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- iiid = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- iiid = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows
- LoadAppInit_DLLs = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}
- cae99edb = "%Program Files%\Super Optimizer\SupOptCrash.dll"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- dlpath = "%Program Files%\supero~1\supopt~2.dll"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- svpath = "%Program Files%\Super Optimizer\SupOptCrash.dll"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}
- n = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
- n = "1"
- In HKEY_CURRENT_USER\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- dbaf3ce3 = "/P////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 370856c7 = "\x00"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 3efeb33e = "\x00"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- 493c7345 = "\x00\x00"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\00000000
- a47da861 = "\x00\x00E"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 060df2cd = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAp/YP/UxAs/X6/aP////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0c230bcb = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0dc3ee96 = "/P////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 0e93c3f3 = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 1520c6f1 = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 1c311243 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 27ddcf6f = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2d71d5ab = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2e22d94e = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 340d3099 = "/P////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 37b7a6d8 = "UlAr/XJ/c//k"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 38583bc3 = "Ml/2/CF/M//g/CZ////%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 3c09c42b = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 414bc593 = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 48bd1aff = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 51d2f2ea = "JlA+/Y//GPAf/B//IlAl/YP/HPAi/Xt/dxAu/YZ/Z//e/B2/N//l/B2/Vx/l/CD/NP////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 587b5709 = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 6185d035 = "VP/h/CP/V//l"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 65114b36 = "VP/+"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 72758a5d = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 7367429f = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 7f69fa1f = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 8b9e4cbc = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a0743acc = "N/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a1dcff5b = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- a2e3b941 = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- bbf88800 = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c24899a6 = "Vx/g/C//M/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c5705860 = "Vx////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c6c5dd44 = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c99a5f5c = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- d1abcdb6 = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- d94388d2 = "blA+/Y//GPAf/X6/b/Ah/Xt/aPAp/Yq/GPAf/YV/cPAf/XF/UxAs/X6/aP////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- e46c271e = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- e8f9dcc7 = "UlAr/XJ/c//k"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f0bf0bde = "///%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f1f24e29 = "Vl/l/C/////%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f2c53c49 = "UlAr/XJ/c//k"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- f6ad6fa6 = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- fe94ce1e = "V/////%%"
- In HKEY_USERS\.DEFAULT\SOFTWARE\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- iiid = "1"
- In HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- dbaf3ce3 = "/P////%%"
- In HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb
- lrts = "1576596776"
- In HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- c6c5dd44 = "VP////%%"
- In HKEY_USERS\S-1-5-21-2407829820-1079796033-203259571-500\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_cae99edb\eae10f9d
- 2d71d5ab = "VP////%%"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- InstallDate = "\x96\x12\xbeF\x14e\xe5@"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- AppStart = "0"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- Os = "106"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- MachineGuid = "F6504567-D881-20B0-F4E8-712C08200A77"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- DelayedStart = "5"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- Querry = "{random characters}"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- UninstallURL = "https://{BLOCKED}rt.com/superpctools/.spo-special/purchase?sid=211001619-JP-094"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- SupportURL = "http://support.{BLOCKED}ctools.com"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- HomePageURL = "http://www.{BLOCKED}ctools.com"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- BuyNowURL = "{random characters}"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- UseAds = "1"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- AdsHost = "dl.superpcdownload.net"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- AdsDownloadURL = "http://dl.{BLOCKED}cdownload.net/221001619/SuperUpdaterSetup.exe"
- In HKEY_CURRENT_USER\Software\Super Optimizer
- AdsBuyNowURL = "{random characters}"
- In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cae99edb
- DisplayName = "Super Optimizer"
- In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cae99edb
- Start = "SERVICE_AUTO_START"
手順 5
変更されたレジストリ値を修正します。
警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
事前に意図的に対象の設定を変更していた場合は、意図するオリジナルの設定に戻してください。変更する値が分からない場合は、システム管理者にお尋ねいただき、レジストリの編集はお客様の責任として行なって頂くようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
- AppInit_DLLs = " "
手順 6
以下のファイルを検索し削除します。
- %Program Files%\Super Optimizer\is-5CO6F.tmp
- %Program Files%\Super Optimizer\is-58M93.tmp
- %User Temp%\__tmp_31ef8355
- %Program Files%\Super Optimizer\is-H013R.tmp
- %Program Files%\Super Optimizer\unins000.dat
- %User Temp%\__tmp_2bdbd31f
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.lnk
- %Program Files%\Super Optimizer\is-8M30V.tmp
- %Program Files%\Super Optimizer\is-LIEB9.tmp
- %Program Files%\Super Optimizer\is-H1E9K.tmp
- %Program Files%\Super Optimizer\SupOptLauncher.exe
- %Program Files%\Super Optimizer\is-Q5A17.tmp
- %Program Files%\Super Optimizer\SupOptUninstaller.exe
- %Program Files%\Super Optimizer\is-RMVFK.tmp
- %Program Files%\Super Optimizer\is-74H5B.tmp
- %User Temp%\is-S9HED.tmp\_isetup\_shfoldr.dll
- %Program Files%\Super Optimizer\English.ini
- %Program Files%\Super Optimizer\CookiesException.txt
- %User Temp%\is-S9HED.tmp\SupOptCrash.dll
- %Program Files%\Super Optimizer\SupOptSchedule.exe
- %Program Files%\Super Optimizer\sqlite3.dll
- %Program Files%\Super Optimizer\SupOptSmartScan.exe
- %Program Files%\Super Optimizer\scan.gif
- %Program Files%\Super Optimizer\is-4G9AB.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.lnk
- %Program Files%\Super Optimizer\unins000.msg
- %Program Files%\Super Optimizer\HomePage.url
- %Program Files%\Super Optimizer\file_id.diz
- %Program Files%\Super Optimizer\SupOptHelper.dll
- %Program Files%\Super Optimizer\SupOptReminder.exe
- %Program Files%\Super Optimizer\SuperOptimizer.chm
- %Program Files%\Super Optimizer\SuperOptimizer.exe
- %Program Files%\Super Optimizer\is-3LB60.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer on the Web.lnk
- %Program Files%\Super Optimizer\SupOptGuard.exe
- %User Temp%\supoptsetup.exe
- %Program Files%\Super Optimizer\is-FI2MV.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Check updates.lnk
- %Program Files%\Super Optimizer\is-9K78O.tmp
- %Program Files%\Super Optimizer\StartupList.txt
- %Program Files%\Super Optimizer\SupOptStart.exe
- %Program Files%\Super Optimizer\is-DMD5B.tmp
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Uninstall Super Optimizer.lnk
- %Program Files%\Super Optimizer\SupOptCrash.dll
- %Desktop%\Super Optimizer.lnk
- %Program Files%\Super Optimizer\is-C2EJ3.tmp
- %Program Files%\Super Optimizer\unins000.exe
- %Program Files%\Super Optimizer\is-SPTCA.tmp
- %Program Files%\Super Optimizer\is-JICK7.tmp
手順 7
以下のフォルダを検索し削除します。
- %Program Files%\Super Optimizer
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer
- %User Temp%\is-S9HED.tmp\_isetup
手順 8
コンピュータを通常モードで再起動し、最新のバージョン(エンジン、パターンファイル)を導入したウイルス対策製品を用い、「PUA.Win32.SpeedUpMyPc.AE」と検出したファイルの検索を実行してください。 検出されたファイルが、弊社ウイルス対策製品により既に駆除、隔離またはファイル削除の処理が実行された場合、ウイルスの処理は完了しており、他の削除手順は特にありません。
手順 9
以下のファイルをバックアップを用いて修復します。なお、マイクロソフト製品に関連したファイルのみ修復されます。このマルウェア/グレイウェア/スパイウェアが同社製品以外のプログラムをも削除した場合には、該当プログラムを再度インストールする必要があります。
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Check updates.url
- %Program Files%\Super Optimizer\is-D7JH0.tmp
- %Desktop%\Super Optimizer.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Check updates.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Uninstall Super Optimizer.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer on the Web.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer on the Web.url
- %Desktop%\Super Optimizer.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.url
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Uninstall Super Optimizer.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.pif
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.pif
手順 10
以下の削除されたレジストリキーまたはレジストリ値をバックアップを用いて修復します。
※註:マイクロソフト製品に関連したレジストリキーおよびレジストリ値のみが修復されます。このマルウェアもしくはアドウェア等が同社製品以外のプログラムも削除した場合には、該当プログラムを再度インストールする必要があります。
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- RegFilesHash
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- RegFiles0000
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- Sequence
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- SessionHash
- In HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
- Owner
ご利用はいかがでしたか? アンケートにご協力ください