Heoms is a spyware trojan that tracks user Internet activity and records addresses of visited web sites. Gathered information is transferred to a predetermined remote server. Heoms is able to silently update itself via the Internet.
heomstool.exe
dvdsdtl.dll
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunheomstoolHKEY_CLASSES_ROOTvddsdlsHKEY_CLASSES_ROOTdvdsdtl.IEBrowserHelperHKEY_CLASSES_ROOTCLSID{E694E3DC-723F-40C7-87FE-6FFC222AD122}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E694E3DC-723F-40C7-87FE-6FFC222AD122}