Threat Database Adware Ghokswa Browser

Ghokswa Browser

By GoldSparrow in Adware

Threat Scorecard

Ranking: 100
Threat Level: 10 % (Normal)
Infected Computers: 483,415
First Seen: November 18, 2015
Last Seen: March 26, 2024
OS(es) Affected: Windows

Computer users with Google Chrome as their default Web browser have reported that they have received messages from a different Web browser, noting that instead of Chrome, the Ghokswa Browser was set as their default Web browser. These pop-ups, associated with a published named 'BYSENDA TECHNOLOGIES LIMITED' prompt computer users to install 'BROWSERSERVER.EXE' on their computers. This Web browser, known as the Ghokswa Browser, looks and acts like Google Chrome, but presents different behaviors. The Ghokswa Browser is used to collect the Google login credentials of computer users, monitor their online activities, and expose them to unwanted advertising content. The Ghokswa Browser may change the affected computer's shortcuts, both on the Desktop and the Start Menu. Computer users clicking on these shortcuts expecting to launch Google Chrome will, instead, launch the Ghokswa Browser, often without realizing it because of the resemblance between the Ghokswa Browser and Google Chrome. If the Ghokswa Browser is installed on your computer, remove the Ghokswa Browser at once, perform a full scan of your computer with a reliable security application, and take steps to ensure that your online credentials have not been compromised.

The Ghokswa Browser has no Connection with Google Chrome

As part of the Ghokswa Browser, this fake version of the Google Chrome Web browser is used to trick inexperienced computer users into thinking that they are using Google Chrome. When computer users are prompted to log into their Google account, they may be giving their login information to the people responsible for the Ghokswa Browser. After the Ghokswa Browser is removed, it is impossible to check and make sure that all shortcuts (including those on the Task Bar, Start Menu and Desktop) direct to Google Chrome rather than to the Ghokswa Browser. Although other versions of this hoax were easy to spot using Task Manager, the executable file and memory process associated with the Ghokswa Browser is still Chrome.exe. However, if one tracks the file down, it is actually in the Ghokswa Browser folder rather than in the usual location for the Google Chrome Web browser. The Ghokswa Browser may be linked to other unwanted software, including a bogus 'unzipper' for managing ZIP or RAR files on Windows.

How the Ghokswa Browser Tactic Works

The main strategy of the Ghokswa Browser is to impersonate the Google Chrome Web browser. There are several ways this may be exploited: if computer users believe that they are using a reputable Web browser like Google Chrome, they may disclose information such as online banking credentials and Google login information. The tactic also may work the other way and the people responsible for the Ghokswa Browser also may use this Web browser to deliver unwanted advertisements or redirections without the need of a PUP or adware because, in this case, the entire Web browser is compromised. Google Chrome will still be on the affected computer; it is not deleted as part of the Ghokswa Browser installation process. However, without alerting the computer user, the affected computer's default Web browser will be changed to the Ghokswa Browser. All relevant shortcuts will be replaced so that they launch the Ghokswa Browser instead of Google Chrome.

Dealing with the Ghokswa Browser

If the Ghokswa Browser has been installed on your computer, the Ghokswa Browser should be uninstalled. It may be necessary to uninstall the Ghokswa Browser manually, as well as delete all files associated with the Ghokswa Browser. Computer users should confirm that all shortcuts effectively lead to Google Chrome again. It may also be necessary to use the Registry Editor to delete all registry key related to this bogus Web browser. PC security researchers recommend performing a full scan of your computer with the help of a reliable security application that is fully up-to-date to ensure that no threat has been installed, either as a result of the Ghokswa Browser or as part of its delivery to your computer.

SpyHunter Detects & Remove Ghokswa Browser

File System Details

Ghokswa Browser may create the following file(s):
# File Name MD5 Detections
1. capcadf.tmp:ad 49aa97c550422ef95e66d15e70fae6aa 2,198
2. upgrade.ini:ad f4dc24f953c05ffff726f1394b70cbf7 775
3. 9bcb3fab78e80d68be28892ea7ad46c3.msp:dp 0b5d38194d0dca523326dec951b03210 517
4. firefoxupdate.exe b48f781ed01b76bde633261caad4deda 510
5. FirefoxUpdate.exe d718b98651407df2c9dbb726195833ac 292
6. chk.dll 9260fcee39be90620e1f202590c40f97 171
7. capcadf.tmp:ad f548fbf7673e5ac007a5739f754e1742 151
8. appv.dll 79d096f16e7538c2df69f61403b06da8 103
9. FirefoxUpdate.exe afd0c49288860c4e8c61484c24f0fdac 72
10. FirefoxUpdate.exe b7a4330e85268509f00c145fb9d34d70 63
11. upgrade.ini:ad f1c1225f62f5bf9fdc6156db790c141c 57
12. 9bcb3fab78e80d68be28892ea7ad46c3.msp.dll 77cd97afc91d1e31bd8e2023fab25b90 55
13. 4e29234340aaf3a96ec480c1aad8d179.cab:ad 51fe179e199b04bb3e82558fd5a9183b 33
14. 9bcb3fab78e80d68be28892ea7ad46c3.msp:dp 1e4ff4f3511aaea5e43c4f288c4ef953 29
15. FirefoxUpdate.exe 795bc643d2f4a537605ef4d5a7871289 22
16. upgrade.ini:ad 35900cac7e67e221d1a6ab9c16f0ca0d 18
17. appidsvr.dll 66edd44eb8353805b4ed081f4aab0e2e 17
18. SDKFilesVer.dll 3a89b102ed7549e4c1aabdc19294b02f 13
19. 30daf459e79c5d26366654b1b482e87.cab:dp 5adfb9b6b20b61fc06603ac6867a4f31 7
20. 9bcb3fab78e80d68be28892ea7ad46c3.msp:dp 594f565986c7a3db0e853ceedbe47cf0 6
21. 30daf459e79c5d26366654b1b482e87.cab:dp 0f2f75680a95564b3f4c1fdccc905639 2
22. 1.1.4322__2.3.0.2.dll 9991bf0c0deca2cc57daca55ea56db0d 2
23. 30daf459e79c5d26366654b1b482e87.cab:dp 11552c35ea61525d8ba2102eeec1ae38 2
24. 9bcb3fab78e80d68be28892ea7ad46c3.msp:dp 8181dc651a89923800a109c9629d957f 1
25. 1.1.4322__2.3.0.2.dll a2201686f1f6eca16e7331feea4c7a29 1
26. SDKFilesVer.dll 2311c387be305e70dc6103bb623c3f4d 1
More files

Registry Details

Ghokswa Browser may create the following registry entry or registry entries:
Regexp file mask
%ALLUSERSPROFILE%\Apple\Common\Cloud\WinHelper.dll
%ALLUSERSPROFILE%\Apple\Temp\upgrade.ini:ad
%ALLUSERSPROFILE%\common\Apple\Apps\AzureTools.dll
%ALLUSERSPROFILE%\Microsoft OneDrive\setup\SyncTool.dll
%ALLUSERSPROFILE%\Microsoft OneNote\Updates\Version\Check\chkver.dll
%ALLUSERSPROFILE%\Microsoft OneNote\Updates\VersionCheck\chk.dll
%ALLUSERSPROFILE%\Microsoft\App-V\Client\AppV.dll
%ALLUSERSPROFILE%\Microsoft\Apps\common\helper.dll
%ALLUSERSPROFILE%\Microsoft\AppV\setup\install.dll
%ALLUSERSPROFILE%\Microsoft\AppV\Setup\Integrator.dll
%ALLUSERSPROFILE%\Microsoft\AppV\sym\dbg.dll
%ALLUSERSPROFILE%\Microsoft\IdentityCRL\production\ppcrlconfig617.dll
%ALLUSERSPROFILE%\Microsoft\Office\OneNote\Appinfo.dll
%ALLUSERSPROFILE%\Microsoft\Office\PackageLocker.dll
%ALLUSERSPROFILE%\Microsoft\OneDrive\Uploader.dll
%ALLUSERSPROFILE%\Microsoft\Phone Tools\CoreCon\12.0\addons\SDKFilesVer.dll
%ALLUSERSPROFILE%\Microsoft\Software\Shadow\Provider.dll
%ALLUSERSPROFILE%\Microsoft\Windows\GameExplorer\Resources.dll
%ALLUSERSPROFILE%\Microsoft\Windows\system\appidsvr.dll
%ALLUSERSPROFILE%\Package Cache\{2A002F88-FD5D-379B-A350-A25D84AF128B}v14.0.25420\packages\VisualC_D14\VC_IDE.Base\VC_IDE_Base.dll
%ALLUSERSPROFILE%\PreEmptive Solutions\Common\LAC\sos\1.1.4322__2.3.0.2.dll
%ALLUSERSPROFILE%\Software\Apple\Apps\Notification.dll
%ALLUSERSPROFILE%\Sun\Java\extension.dll
%ALLUSERSPROFILE%\Windows\App\Kit\ApplicationVerifier.dll
%APPDATA%\go00001.bak
%PROGRAMFILES%\Explorer\iedvutils.exe
%PROGRAMFILES(x86)%\Explorer\iedvutils.exe
%PROGRAMFILES(x86)%\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
%PROGRAMFILES(x86)%\Microsoft Office\Updates\Detection\Version\Descriptor.dll
%WINDIR%\System32\Tasks\BookfatUpdateTaskMachineCore
%WINDIR%\System32\Tasks\BookfatUpdateTaskMachineUA
%WINDIR%\System32\Tasks\ceQeekgBrowserUpdateCore
%WINDIR%\System32\Tasks\ceQeekgBrowserUpdateUA
%WINDIR%\System32\Tasks\ceQeekgCheckTask
%WINDIR%\System32\Tasks\FootblueUpdateTaskMachineCore
%WINDIR%\System32\Tasks\FootblueUpdateTaskMachineUA
%WINDIR%\System32\Tasks\milimili
%WINDIR%\System32\Tasks\MonoldBrowserUpdateUA
%WINDIR%\System32\Tasks\MonoldCheckTask
%WINDIR%\System32\Tasks\OutboatUpdateTaskMachineCore
%WINDIR%\System32\Tasks\OutboatUpdateTaskMachineUA
%WINDIR%\System32\Tasks\ZootonyUpdateTaskMachineCore
%WINDIR%\System32\Tasks\ZootonyUpdateTaskMachineUA
SOFTWARE\Applemy
SOFTWARE\Baglook
SOFTWARE\BagSarah
SOFTWARE\Bangcar
SOFTWARE\Bangtony
SOFTWARE\Bedkiss
SOFTWARE\Dohat
SOFTWARE\Eastness
SOFTWARE\Everness
SOFTWARE\Footjane
SOFTWARE\Gotoe
Software\Hipmy
SOFTWARE\Hippig
SOFTWARE\Hotleaf
SOFTWARE\Legass
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\milimili
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonoldBrowserUpdateCore
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonoldBrowserUpdateUA
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\apple_config
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\AppsSvc
Software\Microsoft\Windows\CurrentVersion\Run\background_fault
SOFTWARE\Pearhas
SOFTWARE\Setleaf
SOFTWARE\Wow6432Node\Applemy
SOFTWARE\Wow6432Node\Baglook
SOFTWARE\WOW6432Node\BagSarah
SOFTWARE\Wow6432Node\Bangcar
SOFTWARE\Wow6432Node\Bangtony
SOFTWARE\WOW6432Node\Bedkiss
SOFTWARE\WOW6432Node\Dohat
SOFTWARE\WOW6432Node\Eastness
SOFTWARE\WOW6432Node\Everness
SOFTWARE\WOW6432Node\Footjane
SOFTWARE\Wow6432Node\Gotoe
SOFTWARE\Wow6432Node\Hipmy
SOFTWARE\Wow6432Node\Hippig
SOFTWARE\WOW6432Node\Hotleaf
SOFTWARE\Wow6432Node\Legass
SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\apple_config
SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\AppsSvc
SOFTWARE\Wow6432Node\Pearhas
SOFTWARE\WOW6432Node\Setleaf
SYSTEM\ControlSet001\services\AlltieSU
SYSTEM\ControlSet001\services\Apple_Cfg
SYSTEM\ControlSet001\Services\APPLE_svr
SYSTEM\ControlSet001\services\AppleAzureSrv
SYSTEM\ControlSet001\services\Apps_Cfg
SYSTEM\ControlSet001\services\eventlog\Application\iedvutils
SYSTEM\ControlSet001\Services\FootblueU
SYSTEM\ControlSet001\services\FootperSU
SYSTEM\ControlSet001\Services\MCSvc
SYSTEM\ControlSet001\Services\MSCFG_SVR
SYSTEM\ControlSet001\services\MVCSrv
SYSTEM\ControlSet001\services\vreXjvX_protect
SYSTEM\ControlSet001\services\vreXjvX_update
SYSTEM\ControlSet001\Services\WPDTSrv
SYSTEM\ControlSet002\services\AlltieSU
SYSTEM\ControlSet002\services\Apple_Cfg
SYSTEM\ControlSet002\Services\APPLE_svr
SYSTEM\ControlSet002\services\AppleAzureSrv
SYSTEM\ControlSet002\services\Apps_Cfg
SYSTEM\ControlSet002\services\eventlog\Application\iedvutils
SYSTEM\ControlSet002\Services\FootblueU
SYSTEM\ControlSet002\services\FootperSU
SYSTEM\ControlSet002\Services\MCSvc
SYSTEM\ControlSet002\Services\MSCFG_SVR
SYSTEM\ControlSet002\services\MVCSrv
SYSTEM\ControlSet002\services\vreXjvX_protect
SYSTEM\ControlSet002\services\vreXjvX_update
SYSTEM\ControlSet002\Services\WPDTSrv
SYSTEM\CurrentControlSet\services\AlltieSU
SYSTEM\CurrentControlSet\services\Apple_Cfg
SYSTEM\CurrentControlSet\Services\APPLE_svr
SYSTEM\CurrentControlSet\services\AppleAzureSrv
SYSTEM\CurrentControlSet\services\Apps_Cfg
SYSTEM\CurrentControlSet\services\eventlog\Application\iedvutils
SYSTEM\CurrentControlSet\Services\FootblueU
SYSTEM\CurrentControlSet\services\FootperSU
SYSTEM\CurrentControlSet\Services\MCSvc
SYSTEM\CurrentControlSet\Services\MSCFG_SVR
SYSTEM\CurrentControlSet\services\MVCSrv
SYSTEM\CurrentControlSet\services\vreXjvX_protect
SYSTEM\CurrentControlSet\services\vreXjvX_update
SYSTEM\CurrentControlSet\Services\WPDTSrv

Directories

Ghokswa Browser may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\Inbob
%ALLUSERSPROFILE%\Bagbin
%ALLUSERSPROFILE%\Banglamp
%ALLUSERSPROFILE%\Birdeye
%ALLUSERSPROFILE%\Birdmay
%ALLUSERSPROFILE%\Bookfat
%ALLUSERSPROFILE%\Bossseed
%ALLUSERSPROFILE%\Eastmy
%ALLUSERSPROFILE%\Eastness
%ALLUSERSPROFILE%\Fishlose
%ALLUSERSPROFILE%\Footblue
%ALLUSERSPROFILE%\Gotoe
%ALLUSERSPROFILE%\Hotdear
%ALLUSERSPROFILE%\Hotmay
%ALLUSERSPROFILE%\Inbob
%ALLUSERSPROFILE%\Jamben
%ALLUSERSPROFILE%\Jamjob
%ALLUSERSPROFILE%\Junetoe
%ALLUSERSPROFILE%\Newjob
%ALLUSERSPROFILE%\Onfat
%ALLUSERSPROFILE%\Setmike
%ALLUSERSPROFILE%\Weness
%ALLUSERSPROFILE%\Zootony
%ALLUSERSPROFILE%\ceQeekg
%ALLUSERSPROFILE%\redjane
%ALLUSERSPROFILE%\seteat
%APPDATA%\go00001
%LOCALAPPDATA%\Allold
%LOCALAPPDATA%\Alltoe
%LOCALAPPDATA%\Antanna
%LOCALAPPDATA%\Antper
%LOCALAPPDATA%\Applefat
%LOCALAPPDATA%\Applemy
%LOCALAPPDATA%\Bagbin
%LOCALAPPDATA%\Baghair
%LOCALAPPDATA%\Baglook
%LOCALAPPDATA%\Bagsarah
%LOCALAPPDATA%\Ballcine
%LOCALAPPDATA%\Ballduck
%LOCALAPPDATA%\Bangcar
%LOCALAPPDATA%\Banglamp
%LOCALAPPDATA%\Bangone
%LOCALAPPDATA%\Bangtony
%LOCALAPPDATA%\Bedhat
%LOCALAPPDATA%\Bedkiss
%LOCALAPPDATA%\Bemike
%LOCALAPPDATA%\Bepat
%LOCALAPPDATA%\Bigflat
%LOCALAPPDATA%\Bigold
%LOCALAPPDATA%\Birdeye
%LOCALAPPDATA%\Birdkiss
%LOCALAPPDATA%\Birdmay
%LOCALAPPDATA%\Birdsarah
%LOCALAPPDATA%\Bookfat
%LOCALAPPDATA%\Bossface
%LOCALAPPDATA%\Bossseed
%LOCALAPPDATA%\Bossship
%LOCALAPPDATA%\Boxbob
%LOCALAPPDATA%\Boxfat
%LOCALAPPDATA%\Cansuck
%LOCALAPPDATA%\Coldmay
%LOCALAPPDATA%\Coldold
%LOCALAPPDATA%\Coldone
%LOCALAPPDATA%\Cupblue
%LOCALAPPDATA%\Cupface
%LOCALAPPDATA%\Cuppat
%LOCALAPPDATA%\Daydoor
%LOCALAPPDATA%\Docine
%LOCALAPPDATA%\Doeye
%LOCALAPPDATA%\Dohat
%LOCALAPPDATA%\Doold
%LOCALAPPDATA%\Eastmy
%LOCALAPPDATA%\Eastness
%LOCALAPPDATA%\Eggness
%LOCALAPPDATA%\Evercine
%LOCALAPPDATA%\Everness
%LOCALAPPDATA%\Fishjane
%LOCALAPPDATA%\Fishlamp
%LOCALAPPDATA%\Fishlose
%LOCALAPPDATA%\Footblue
%LOCALAPPDATA%\Footeat
%LOCALAPPDATA%\Footjane
%LOCALAPPDATA%\Footlook
%LOCALAPPDATA%\Footper
%LOCALAPPDATA%\Gofat
%LOCALAPPDATA%\Goldass
%LOCALAPPDATA%\Gotoe
%LOCALAPPDATA%\Gunone
%LOCALAPPDATA%\Gunship
%LOCALAPPDATA%\Hipbear
%LOCALAPPDATA%\Hipeat
%LOCALAPPDATA%\Hipfat
%LOCALAPPDATA%\Hipmy
%LOCALAPPDATA%\Hippig
%LOCALAPPDATA%\Hisarah
%LOCALAPPDATA%\Hotdear
%LOCALAPPDATA%\Hothair
%LOCALAPPDATA%\Hotjob
%LOCALAPPDATA%\Hotleaf
%LOCALAPPDATA%\Hotmay
%LOCALAPPDATA%\Inbob
%LOCALAPPDATA%\Infun
%LOCALAPPDATA%\Inper
%LOCALAPPDATA%\Jamben
%LOCALAPPDATA%\Jamjob
%LOCALAPPDATA%\Jamlarry
%LOCALAPPDATA%\Jamsarah
%LOCALAPPDATA%\Jarhair
%LOCALAPPDATA%\Jarness
%LOCALAPPDATA%\Junedoor
%LOCALAPPDATA%\Junetoe
%LOCALAPPDATA%\Lefttoe
%LOCALAPPDATA%\Legness
%LOCALAPPDATA%\Legpat
%LOCALAPPDATA%\Mapbob
%LOCALAPPDATA%\Mapcar
%LOCALAPPDATA%\Moncar
%LOCALAPPDATA%\Monold
%LOCALAPPDATA%\Newjob
%LOCALAPPDATA%\Nobean
%LOCALAPPDATA%\Nolarry
%LOCALAPPDATA%\Nosekiss
%LOCALAPPDATA%\Nosemay
%LOCALAPPDATA%\Onfat
%LOCALAPPDATA%\Ontoe
%LOCALAPPDATA%\Outbob
%LOCALAPPDATA%\Outfire
%LOCALAPPDATA%\Outlose
%LOCALAPPDATA%\Pearhas
%LOCALAPPDATA%\Seablue
%LOCALAPPDATA%\Seaness
%LOCALAPPDATA%\Setleaf
%LOCALAPPDATA%\Setmike
%LOCALAPPDATA%\Shutness
%LOCALAPPDATA%\Stancine
%LOCALAPPDATA%\Standoor
%LOCALAPPDATA%\Standuck
%LOCALAPPDATA%\Stanper
%LOCALAPPDATA%\Tooleat
%LOCALAPPDATA%\Toolhair
%LOCALAPPDATA%\Toolrain
%LOCALAPPDATA%\Tooltony
%LOCALAPPDATA%\Wefat
%LOCALAPPDATA%\Weness
%LOCALAPPDATA%\Yeahfire
%LOCALAPPDATA%\Yeahseed
%LOCALAPPDATA%\Yeahship
%LOCALAPPDATA%\Yesdear
%LOCALAPPDATA%\Yeshat
%LOCALAPPDATA%\Yestony
%LOCALAPPDATA%\Zooarm
%LOCALAPPDATA%\Zooface
%LOCALAPPDATA%\Zootony
%LOCALAPPDATA%\background_fault
%LOCALAPPDATA%\birdjob
%LOCALAPPDATA%\ceQeekg
%LOCALAPPDATA%\fishhas
%LOCALAPPDATA%\hotcine
%LOCALAPPDATA%\legass
%LOCALAPPDATA%\redjane
%LOCALAPPDATA%\seteat
%LOCALAPPDATA%\vreXjvX
%PROGRAMFILES%\Alltoe
%PROGRAMFILES%\Antanna
%PROGRAMFILES%\Antper
%PROGRAMFILES%\Applefat
%PROGRAMFILES%\Applemy
%PROGRAMFILES%\Bagbin
%PROGRAMFILES%\Baghair
%PROGRAMFILES%\Baglook
%PROGRAMFILES%\Bagsarah
%PROGRAMFILES%\Ballcine
%PROGRAMFILES%\Ballduck
%PROGRAMFILES%\Bangcar
%PROGRAMFILES%\Banglamp
%PROGRAMFILES%\Bangtony
%PROGRAMFILES%\Bedhat
%PROGRAMFILES%\Bedkiss
%PROGRAMFILES%\Bemike
%PROGRAMFILES%\Bepat
%PROGRAMFILES%\Bigflat
%PROGRAMFILES%\Bigold
%PROGRAMFILES%\Birdeye
%PROGRAMFILES%\Birdmay
%PROGRAMFILES%\Bookfat
%PROGRAMFILES%\Bossface
%PROGRAMFILES%\Bossseed
%PROGRAMFILES%\Bossship
%PROGRAMFILES%\Boxbob
%PROGRAMFILES%\Boxfat
%PROGRAMFILES%\Cansuck
%PROGRAMFILES%\Coldmay
%PROGRAMFILES%\Coldold
%PROGRAMFILES%\Coldone
%PROGRAMFILES%\Cupface
%PROGRAMFILES%\Cuppat
%PROGRAMFILES%\Doeye
%PROGRAMFILES%\Dohat
%PROGRAMFILES%\Eastmy
%PROGRAMFILES%\Eastness
%PROGRAMFILES%\Eggness
%PROGRAMFILES%\Evercine
%PROGRAMFILES%\Everness
%PROGRAMFILES%\Fishjane
%PROGRAMFILES%\Fishlose
%PROGRAMFILES%\Footblue
%PROGRAMFILES%\Footeat
%PROGRAMFILES%\Footjane
%PROGRAMFILES%\Footlook
%PROGRAMFILES%\Footper
%PROGRAMFILES%\Gofat
%PROGRAMFILES%\Goldass
%PROGRAMFILES%\Gotoe
%PROGRAMFILES%\Gunone
%PROGRAMFILES%\Hipeat
%PROGRAMFILES%\Hipmy
%PROGRAMFILES%\Hippig
%PROGRAMFILES%\Hotdear
%PROGRAMFILES%\Hothair
%PROGRAMFILES%\Hotjob
%PROGRAMFILES%\Hotleaf
%PROGRAMFILES%\Hotmay
%PROGRAMFILES%\Inbob
%PROGRAMFILES%\Infun
%PROGRAMFILES%\Inper
%PROGRAMFILES%\Jamben
%PROGRAMFILES%\Jamjob
%PROGRAMFILES%\Jamlarry
%PROGRAMFILES%\Jarhair
%PROGRAMFILES%\Jarness
%PROGRAMFILES%\Junetoe
%PROGRAMFILES%\Legness
%PROGRAMFILES%\Lerfopervather Host
%PROGRAMFILES%\MIO\loader
%PROGRAMFILES%\Mapbob
%PROGRAMFILES%\Moncar
%PROGRAMFILES%\Newjob
%PROGRAMFILES%\Nolarry
%PROGRAMFILES%\Nosekiss
%PROGRAMFILES%\Onfat
%PROGRAMFILES%\Ontoe
%PROGRAMFILES%\Outbob
%PROGRAMFILES%\Pearhas
%PROGRAMFILES%\Setleaf
%PROGRAMFILES%\Setmike
%PROGRAMFILES%\Shutness
%PROGRAMFILES%\Stancine
%PROGRAMFILES%\Standoor
%PROGRAMFILES%\Standuck
%PROGRAMFILES%\Stanper
%PROGRAMFILES%\Tooleat
%PROGRAMFILES%\Toolhair
%PROGRAMFILES%\Tooltony
%PROGRAMFILES%\Weness
%PROGRAMFILES%\Yeahfire
%PROGRAMFILES%\Yeahseed
%PROGRAMFILES%\Yeahship
%PROGRAMFILES%\Yeshat
%PROGRAMFILES%\Zooarm
%PROGRAMFILES%\Zootony
%PROGRAMFILES%\birdjob
%PROGRAMFILES%\fishhas
%PROGRAMFILES%\hotcine
%PROGRAMFILES%\legass
%PROGRAMFILES%\redjane
%PROGRAMFILES%\seteat
%PROGRAMFILES(x86)%\Alltoe
%PROGRAMFILES(x86)%\Antanna
%PROGRAMFILES(x86)%\Antper
%PROGRAMFILES(x86)%\Applefat
%PROGRAMFILES(x86)%\Applemy
%PROGRAMFILES(x86)%\Bagbin
%PROGRAMFILES(x86)%\Baghair
%PROGRAMFILES(x86)%\Baglook
%PROGRAMFILES(x86)%\Bagsarah
%PROGRAMFILES(x86)%\Ballcine
%PROGRAMFILES(x86)%\Ballduck
%PROGRAMFILES(x86)%\Bangcar
%PROGRAMFILES(x86)%\Banglamp
%PROGRAMFILES(x86)%\Bangtony
%PROGRAMFILES(x86)%\Bedhat
%PROGRAMFILES(x86)%\Bedkiss
%PROGRAMFILES(x86)%\Bemike
%PROGRAMFILES(x86)%\Bepat
%PROGRAMFILES(x86)%\Bigflat
%PROGRAMFILES(x86)%\Bigold
%PROGRAMFILES(x86)%\Birdeye
%PROGRAMFILES(x86)%\Birdmay
%PROGRAMFILES(x86)%\Bookfat
%PROGRAMFILES(x86)%\Bossface
%PROGRAMFILES(x86)%\Bossseed
%PROGRAMFILES(x86)%\Bossship
%PROGRAMFILES(x86)%\Boxbob
%PROGRAMFILES(x86)%\Boxfat
%PROGRAMFILES(x86)%\Cansuck
%PROGRAMFILES(x86)%\Coldmay
%PROGRAMFILES(x86)%\Coldold
%PROGRAMFILES(x86)%\Coldone
%PROGRAMFILES(x86)%\Cupface
%PROGRAMFILES(x86)%\Cuppat
%PROGRAMFILES(x86)%\Daydoor
%PROGRAMFILES(x86)%\Doeye
%PROGRAMFILES(x86)%\Dohat
%PROGRAMFILES(x86)%\Eastmy
%PROGRAMFILES(x86)%\Eastness
%PROGRAMFILES(x86)%\Eggness
%PROGRAMFILES(x86)%\Evercine
%PROGRAMFILES(x86)%\Everness
%PROGRAMFILES(x86)%\Fishjane
%PROGRAMFILES(x86)%\Fishlose
%PROGRAMFILES(x86)%\Footblue
%PROGRAMFILES(x86)%\Footeat
%PROGRAMFILES(x86)%\Footjane
%PROGRAMFILES(x86)%\Footlook
%PROGRAMFILES(x86)%\Footper
%PROGRAMFILES(x86)%\Gofat
%PROGRAMFILES(x86)%\Goldass
%PROGRAMFILES(x86)%\Gotoe
%PROGRAMFILES(x86)%\Gunone
%PROGRAMFILES(x86)%\Hipeat
%PROGRAMFILES(x86)%\Hipmy
%PROGRAMFILES(x86)%\Hippig
%PROGRAMFILES(x86)%\Hotdear
%PROGRAMFILES(x86)%\Hothair
%PROGRAMFILES(x86)%\Hotjob
%PROGRAMFILES(x86)%\Hotleaf
%PROGRAMFILES(x86)%\Hotmay
%PROGRAMFILES(x86)%\Inbob
%PROGRAMFILES(x86)%\Infun
%PROGRAMFILES(x86)%\Inper
%PROGRAMFILES(x86)%\Jamben
%PROGRAMFILES(x86)%\Jamjob
%PROGRAMFILES(x86)%\Jamlarry
%PROGRAMFILES(x86)%\Jarhair
%PROGRAMFILES(x86)%\Jarness
%PROGRAMFILES(x86)%\Junetoe
%PROGRAMFILES(x86)%\Legness
%PROGRAMFILES(x86)%\Lerfopervather Host
%PROGRAMFILES(x86)%\MIO\loader
%PROGRAMFILES(x86)%\Mapbob
%PROGRAMFILES(x86)%\Moncar
%PROGRAMFILES(x86)%\Newjob
%PROGRAMFILES(x86)%\Nolarry
%PROGRAMFILES(x86)%\Nosekiss
%PROGRAMFILES(x86)%\Onfat
%PROGRAMFILES(x86)%\Ontoe
%PROGRAMFILES(x86)%\Outbob
%PROGRAMFILES(x86)%\Pearhas
%PROGRAMFILES(x86)%\Setleaf
%PROGRAMFILES(x86)%\Setmike
%PROGRAMFILES(x86)%\Shutness
%PROGRAMFILES(x86)%\Stancine
%PROGRAMFILES(x86)%\Standoor
%PROGRAMFILES(x86)%\Standuck
%PROGRAMFILES(x86)%\Stanper
%PROGRAMFILES(x86)%\Tooleat
%PROGRAMFILES(x86)%\Toolhair
%PROGRAMFILES(x86)%\Tooltony
%PROGRAMFILES(x86)%\Weness
%PROGRAMFILES(x86)%\Yeahfire
%PROGRAMFILES(x86)%\Yeahseed
%PROGRAMFILES(x86)%\Yeahship
%PROGRAMFILES(x86)%\Yeshat
%PROGRAMFILES(x86)%\Zooarm
%PROGRAMFILES(x86)%\Zootony
%PROGRAMFILES(x86)%\birdjob
%PROGRAMFILES(x86)%\fishhas
%PROGRAMFILES(x86)%\hotcine
%PROGRAMFILES(x86)%\legass
%PROGRAMFILES(x86)%\redjane
%PROGRAMFILES(x86)%\seteat
%UserProfile%\Local Settings\Application Data\Weness
%UserProfile%\Local Settings\Application Data\Yestony

Trending

Most Viewed

Loading...