I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
Adware Hebogo
Also known as: Virus Part, Trojan Generic
SHA256: 365757132c5551778845159823ff4e285050ea8c160481d28a4e74143543fe50
SHA1: 916602daad11107ae812f66f6076e992551d3544
MD5: db0e2dbe8b6112561cbb260fd1850477
File size: 867368 bytes
Created files:
%SysDir%\MSINET.OCX – Adware Hebogo
%SysDir%\VB6KO.DLL – Adware Hebogo
%AppData%\GuardSupport\GuardConvert.exe – Adware Hebogo
%AppData%\GuardSupport\GuardSupport.exe – Adware Hebogo
%AppData%\MicroLab\MyEngin\Common\MicroProCon.exe – Adware Hebogo
%AppData%\MicroLab\MyEngin\Common\MicroProProc.exe – Adware Hebogo
%AppData%\MicroLab\MyEngin\Common\Uninstall\Uninstall.exe – Adware Hebogo
%Temp%\_ir_sf_temp_0\irsetup.exe – Adware Hebogo
Adware Hebogo created autostart registry keys:
HKLM\Software\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32\ThreadingModel: Apartment
HKLM\Software\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MicroLabProc: %AppData%\MicroLab\MyEngin\Common\MicroProProc.exe -checkvalue
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MicroLabCon: %AppData%\MicroLab\MyEngin\Common\MicroProCon.exe -checkvalue
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\GuardSupport: %AppData%\GuardSupport\GuardConvert.exe /autorun