CWS.Aboutblank

Description:	Spyware
Risk Level:	High
Date of First Occurence:	Wednesday, April 16, 2008
Software Developer:	CoolWebSearch.com
Brief Info:	CWS/Aboutblank changes a user's web browser settings.
Removal:	This threat can be removed using "Spyware Terminator"

ELIMINAR SPYWARE »

Geographical Distribution of Threat "CWS.Aboutblank"

Threat Info

View All

Detected Items

Detected Files: %SystemDiskRoot%\temp\msbb.exe MD5: A89DDB6F2C69A9940C9E60EA88FE449A Size:309760 MD5: BE39E672B41E361304B0935F1BB54E23 Size:278528 MD5: 97D1792F15D0A1F1701002885CFBD981 Size:282624 MD5: 9DE544819A8E4B67463497A90C85FB6F Size:109056 %WINDIR%\appum.exe MD5: 97B1B0A86CC7BF7EC435E6D51D118B52 Size:12025 %WINDIR%\winvw32.exe MD5: D08602B22659A955AEA281E53444B991 Size:12022 MD5: 14204E568DB7C95A298DE3B282C192BD Size:10301 MD5: A8E840745CC4CACC06A7334F19A439D5 Size:68096 MD5: F751D18C5906BFD3ED278C8EEDD2EA8A Size:12276 %WINDIR%\ievr32.exe MD5: DB47B0445202003D4CCB2E3CF3CC18F5 Size:11634 %WINDIR%\msky.exe MD5: 6123D585757985D2A8134595A343D599 Size:37285 MD5: 287CD710CF29720DE67BC9F1DB87508B Size:29917 %SYSDIR%\sysfl32.dll MD5: 6B96FE7A3AE7987982FB284EBD2CC0F8 Size:102094 %SYSDIR%\ntzv32.exe MD5: 576DD7FE7258F1322479A407E76C2E40 Size:11966 %SYSDIR%\mfces32.exe MD5: B50A0E01CF8D9F57573F1BD592C7D28C Size:12294 %SYSDIR%\msvy32.dll MD5: CEC08EA7B16436F194BEE3B4EC8FE2C4 Size:89861
Detected Files with variable Filenames: MD5: 7AA603A4B0D725CE200E7A89487DDD8E Size: 11636 %SYSDIR%\mfces32.exe %WINDIR%\ntdx32.exe MD5: 2AD6552223C2313A3ED6B1E016A53D64 Size: 11385 %WINDIR%\crqe32.exe %WINDIR%\appum.exe %WINDIR%\ntdx32.exe %WINDIR%\ievr32.exe %SYSDIR%\ievr32.exe MD5: C7AD7FE1E9449CB1B91451FB104203B5 Size: 36677 %WINDIR%\crqe32.exe %WINDIR%\msky.exe MD5: BB220B8990698E3718D0150A1A2EAF90 Size: 36621 %WINDIR%\ntdx32.exe %WINDIR%\ievr32.exe MD5: 13889EA20D7E167AD135665E184E5194 Size: 11767 %SYSDIR%\crqe32.exe %WINDIR%\crqe32.exe %SYSDIR%\ipso.exe %WINDIR%\msky.exe %SYSDIR%\winpz.exe %WINDIR%\appum.exe %WINDIR%\ntdx32.exe %WINDIR%\winvw32.exe %WINDIR%\ievr32.exe MD5: 396503385543BADF8A51597120361AB7 Size: 12028 %WINDIR%\crqe32.exe %SYSDIR%\ipso.exe %WINDIR%\appum.exe %WINDIR%\ievr32.exe

Detecting items list:

Files by Name %SYSDIR%\achpjba.dll %SYSDIR%\wdm.dll %SYSDIR%\cbme.dll %SYSDIR%\xea2108l.9zt %sysdir%\ctlpb.dll %systemdiskroot%\temp\msbb.exe %sysdir%\fijhf.dll %sysdir%\msvy32.dll %sysdir%\iulugu.exe %sysdir%\ntzv32.exe %sysdir%\ievr32.exe %windir%\ievr32.exe %sysdir%\ftdgwj.exe %sysdir%\kwipaw.exe %windir%\winvw32.exe %windir%\ntdx32.exe %windir%\appum.exe %sysdir%\mfces32.exe %sysdir%\winpz.exe %windir%\msky.exe %sysdir%\ipso.exe %windir%\crqe32.exe %sysdir%\crqe32.exe %sysdir%\ntqu32.dll %sysdir%\sysfl32.dll
Files by CLSID or Name CLSID=06abaa2d-34ab-4902-a326-409bd9b9a7a5 CLSID=8D291203-D787-6A2F-2D24-18C37669C147 CLSID=A8EB478A-A3E8-2ECF-B115-9E8F5B3F1ECF CLSID=A8E7A7F0-2CF2-EB3D-F788-3CE5C20624D4 CLSID=B4BF9C14-1EE5-510F-78CB-D256DA9572AA

« Go to Software Database

Búsquedas en Nuestra Base de Datos del Software

Buscar en la Base de Datos del Software

Últimas Noticias Sobre Malware

23. septiembre 2011

Entre los spywares de la actualidad el Trojan MicroFake.ba. es sin duda el más activo. Ataca en conjunto con las aplicaciones antispyware Rogue y obliga a los usuarios a adquirir estas aplicaciones falsas. El uso de técnicas de rootkit es muy típico de este troyano para ayudarse a ocultarse de los usuarios y del sistema, por lo que es difícil de rastrear. Se recomienda la actualización periódica de nuestra base de datos y una activa protección en tiempo real con el antivirus.

Noticias más antiguas sobre malware »