ezReward

Description: Spyware
Risk Level: Low
Date of First Occurence: Wednesday, June 18, 2008
Software Developer: (unknown)
Brief Info: Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
Removal: This threat can be removed using "Spyware Terminator"

ENTFERNEN SPYWARE »

Geographical Distribution of Threat "ezReward"

Threat Info

View All

Detected Items

  1. Detected Files: %PROGRAMFILES%\ErWindow\ErWindow.exe MD5: 618DA17AEB4AB5F8B6E2BFDCB4B16F4C Size:762368 %PROGRAMFILES%\ErWindow\ErWindow.dll MD5: 8A2A26898566E4FD49B46C6B2F6640D1 Size:45056 %PROGRAMFILES%\ErWindow\ErUtf.dll MD5: 7BE7407FC93D4B68AD6557CC45EFA9D1 Size:695296 %PROGRAMFILES%\ErWindow\ErSQL.dll MD5: B45E3EEFBDEE517E2032C2FCE0D14891 Size:901184 %PROGRAMFILES%\ErWindow\ErData.dll MD5: 95E98327F20093C3CB737AFCC2475B15 Size:1149952
  2. Detected Files with variable Filenames:

Detecting items list:

  1. Files by Name %PROGRAMFILES%\ErWindow\ErData.dll %PROGRAMFILES%\ErWindow\ErSQL.dll %PROGRAMFILES%\ErWindow\ErUtf.dll %PROGRAMFILES%\ErWindow\ErWindow.dll %PROGRAMFILES%\ErWindow\ErWindow.exe %START_PROGRAMS%\Å ½Å\Å ½Å Å.lnk %START_PROGRAMS%\Å ½Å\Å ½Å.lnk %START_PROGRAMS%\Å ½Å\À̼¾½ .url %START_PROGRAMS%\Å ½Å\ÈÆÀÌ.url
  2. Files by Directories %PROGRAMFILES%\ErWindow %START_PROGRAMS%\Å ½Å
  3. Files by CLSID or Name CLSID=CA17B789-D21A-49cf-81F5-F7E01DE2C452
  4. Registry Keys HKCR\Windows.ErWindow HKCR\Windows.ErWindow.1 HKCU\Software\ErWindow HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Å ½Å HKLM\SOFTWARE\erWindow HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA17B789-D21A-49cf-81F5-F7E01DE2C452} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ErWindow
  5. Registry Values HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=ErWindow

« Go to Software Database