ESDIexplorr is an adware parasite that displays an excessively large amount of unsolicited pop-up advertisements. It also silently downloads from the Internet and executes arbitrary potentially malicious files. ESDIexplorr is installed by some advertising-supported software or several parasites. The threat works as an Internet Explorer add-on and therefore runs every time the user launches the web browser.
install.exe
HKEY_LOCAL_MACHINESOFTWAREClassesWindowsIEHKEY_LOCAL_MACHINESOFTWAREClassesWindowsIE.clsISHKEY_LOCAL_MACHINESOFTWAREClassesIExplorr[XVS].clsDWHKEY_LOCAL_MACHINESOFTWAREClassesIExplorr[XVS].clsISHKEY_LOCAL_MACHINESOFTWAREClassesCLSID{236826B1-8FDB-4D3C-8F70-E154F874703D}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2E12B523-3D4C-4FAC-9B04-0376A8F5E879}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{39AF31DD-EAFC-45EA-A56C-385B52E25CC0}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{43E2DBE5-8C8A-4519-9684-8CD7F39A5147}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{6B12DABB-0B7C-44FA-B0B3-4BAFF3790256}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A76066C9-941B-4209-9D96-0AC80501100D}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{BC0D2038-2DE5-4A6F-92BC-B18A3E0DE32A}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{DA3609D1-3E96-4726-A17F-30F46AE89726}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EB6D8BAA-704A-415B-BC0A-3468BFAE924E}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{0B60CEF5-2431-4F92-82CF-03FEE5BDC762}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{22EB8F60-F99B-4E29-8376-E8BC417148FD}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{338F1D89-A419-4C40-96E3-C29C978A7DF6}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{4B191B11-A44C-4D42-B4AC-6FCD5F61587C}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{7FB04DE1-4340-4002-9D9E-3B6913AE6953}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{943F44C0-44DA-40D5-98D7-9AAC4C15C603}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{B4450075-9717-43B1-BA10-4B9FD7325FD5}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{CBD7E8BE-0E1E-441D-B133-E26F5636CCCF}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{E41774F1-63E7-44ED-A03A-FF8422F9AFF0}HKEY_LOCAL_MACHINESOFTWAREClassesInterface{FC385F81-0109-4FA8-AAD0-53B4A9A5DD2B}HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib{1620D17D-F2B5-43BE-8ED4-6B22E321D2A3}HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib{22CBCB4C-E9DF-4D25-86BC-FFDA4DF8FC06}HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib{B224AFF4-0561-4B35-A91A-6F339152A482}HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib{D6862A20-1DD6-11D3-BB7C-444553540000}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2E12B523-3D4C-4FAC-9B04-0376A8F5E879}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39AF31DD-EAFC-45EA-A56C-385B52E25CC0}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6B12DABB-0B7C-44FA-B0B3-4BAFF3790256}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BC0D2038-2DE5-4A6F-92BC-B18A3E0DE32A}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallWindowsIE