Dmitry Sokolov recommends UnHackMe!

UnHackMe is a powerful tool against malware.

UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!

Alex NightWatcher: Solved! (5 / 5)

Malware Analysis of W32.HfsAutoB.E579 – LIBCDG_PLUGIN.DLL

Created files:

%Program Files%\HiDefMedia\HiDefMedia\plugins\libcc_plugin.dll
%Program Files%\HiDefMedia\HiDefMedia\plugins\libcdda_plugin.dll
%Program Files%\HiDefMedia\HiDefMedia\plugins\libcdg_plugin.dll
%Program Files%\HiDefMedia\HiDefMedia\plugins\libchain_plugin.dll
%Program Files%\HiDefMedia\HiDefMedia\plugins\libchorus_flanger_plugin.dll

Autostart registry keys:

HKLM\Software\Classes\Applications\HiDefMedia.exe\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\Applications\HiDefMedia.exe\shell\Open\: “Play with VLC media player”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.a52: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.aac: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ac3: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.adt: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.adts: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.aif: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.aifc: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.aiff: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.au: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.amr: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.aob: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ape: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.cda: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.dts: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.flac: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.it: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m4a: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m4p: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mid: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mka: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mlp: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mod: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mp1: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mp2: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mp3: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpc: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.oma: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.oga: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.rmi: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.snd: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.s3m: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.spx: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.tta: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.voc: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.vqf: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.w64: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.wav: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.wma: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.wv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.xa: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.xm: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.3g2: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.3gp: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.3gp2: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.3gpp: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.amv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.asf: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.avi: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.divx: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.dv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.flv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.gxf: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m1v: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m2t: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m2v: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m2ts: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m4v: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mkv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mov: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mp2v: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mp4: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mp4v: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpa: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpe: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpeg: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpeg1: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpeg2: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpeg4: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpg: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mpv2: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mts: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.mxf: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.nsv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.nuv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ogg: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ogm: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ogx: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ogv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.rec: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.rm: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.rmvb: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.tod: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ts: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.tts: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.vob: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.vro: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.webm: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.wmv: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.asx: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.b4s: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.bin: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.cue: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ifo: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m3u: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.m3u8: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.pls: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.ram: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.sdp: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.vlc: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\SupportedTypes\.xspf: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\: “”
HKLM\Software\Classes\Applications\HiDefMedia.exe\FriendlyAppName: “HiDef Media Player”
HKLM\Software\Classes\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\InprocServer32\: “%Program Files%\HiDefMedia\HiDefMedia\axvlc.dll”
HKLM\Software\Classes\CLSID\{E23FE9C6-778E-49D4-B537-38FCDE4887D8}\InprocServer32\: “%Program Files%\HiDefMedia\HiDefMedia\axvlc.dll”
HKLM\Software\Classes\HiDefMedia.3g2\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.3gp\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.3gp2\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.3gpp\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.a52\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.aac\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ac3\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.adt\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.adts\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.aif\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.aifc\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.aiff\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.amr\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.amv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.aob\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ape\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.asf\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.asx\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.au\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.avi\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.b4s\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.bin\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.cda\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.CDAudio\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file cdda://%1″
HKLM\Software\Classes\HiDefMedia.cue\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.divx\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.dts\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.dv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.DVDMovie\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file dvd://%1″
HKLM\Software\Classes\HiDefMedia.flac\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.flv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.gxf\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ifo\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.it\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m1v\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m2t\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m2ts\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m2v\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m3u\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m3u8\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m4a\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m4p\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.m4v\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mid\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mka\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mkv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mlp\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mod\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mov\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mp1\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mp2\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mp2v\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mp3\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mp4\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mp4v\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpa\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpc\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpe\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpeg\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpeg1\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpeg2\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpeg4\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpg\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mpv2\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mts\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.mxf\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.nsv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.nuv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.oga\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ogg\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ogm\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ogv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ogx\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.oma\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.OPENFolder\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” %1″
HKLM\Software\Classes\HiDefMedia.pls\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ram\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.rec\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.rm\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.rmi\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.rmvb\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.s3m\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.sdp\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.snd\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.spx\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.SVCDMovie\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file vcd://%1″
HKLM\Software\Classes\HiDefMedia.tod\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.ts\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.tta\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.tts\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.VCDMovie\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file vcd://%1″
HKLM\Software\Classes\HiDefMedia.vlc\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.vob\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.voc\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.vqf\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.vro\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.w64\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.wav\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.webm\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.wma\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.wmv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.wv\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.xa\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.xm\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Classes\HiDefMedia.xspf\shell\Open\command\: “”%Program Files%\HiDefMedia\HiDefMedia\HiDefMedia.exe” –started-from-file “%1″”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HiDef Media Player\DisplayName: “HiDef Media Player 1.1.12”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HiDef Media Player\UninstallString: “%Program Files%\HiDefMedia\HiDefMedia\uninstall.exe”

Detected by UnHackMe:

LIBCDG_PLUGIN.DLL
Default location: %PROGRAM FILES%\HIDEFMEDIA\HIDEFMEDIA\PLUGINS\LIBCDG_PLUGIN.DLL

Dropper hash(md5): f9591f099174463725129e294deee786

Written by NightWatcher

Malware Hunter.
Google+

UnHackMe removes malware invisible for your antivirus!

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses minimum of computer resources.