AbetterInternet.Ceres

Description:	Adware
Risk Level:	High
Date of First Occurence:	Friday, May 09, 2008
Software Developer:	Direct Revenue, LLC
Brief Info:	ABetterInternet/Ceres displays popup/popunder ads when the primary user interface is not visible.
Removal:	This threat can be removed using "Spyware Terminator"

SUPPRIMER SPYWARE »

Geographical Distribution of Threat "AbetterInternet.Ceres"

Threat Info

View All

Detected Items

Detected Files: %WINDIR%\ceres.dll MD5: A228A46400FE95879E7E7EA79B0393F0 Size:327680 MD5: 8C26B138F19D7A75803C414B47BF351D Size:249856 MD5: 81B5B903052646A79406EB54C01E8BD3 Size:327680 MD5: 492B2B64667E4D24A648335F820C5790 Size:327680 %WINDIR%\CERES.DLL MD5: C1E7E548C1EDAD03B12CC6B153F44774 Size:253952 %TEMP%\drp58.tmp\thnall5c.exe MD5: 5FB7B4AE603309572780178D2479690A Size:70144 %TEMP%\drp10.tmp\thnall5c.exe MD5: D007CDD1C9BC4523A70AD78BDEB554B9 Size:69632 %TEMP%\drp9B.tmp\thnall5c.exe MD5: D12F6B17548AB9F01294F07F98A0A10B Size:70144 %TEMP%\drp71.tmp\thnall5c.exe MD5: 793316D5CE1F100C2B33730E7368E99B Size:70144 %TEMP%\drp50.tmp\thnall5c.exe MD5: 971F449B04C4F614D196975FD4E470B6 Size:69632
Detected Files with variable Filenames: MD5: 81B5B903052646A79406EB54C01E8BD3 Size: 327680 %WINDIR%\ceres.dll %TEMP%\drtemp\ceres.dll

Detecting items list:

Files by Name %windir%\ceres.dll %windir%\flashtalk-wise1000.exe %TEMP%\drtemp\ceres.dll %TEMP%\drtemp\ceres.cab %TEMP%\drp*\thnall5c.exe %windir%\inf\ceres.inf
Files by MD5 MD5: B1E6AB14647591D677EE6C59606B7491 Size: 91136
Files by CLSID or Name CLSID=00000049-8f91-4d9c-9573-f016e7626484
Registry Keys HKCU\software\ceres HKLM\software\ceres HKLM\software\microsoft\windows\currentversion\uninstall\ceres

« Go to Software Database

Chercher dans la Base de Données de notre Logiciel

Naviguez dans la Base de Données du Logiciel

Dernières Nouvelles sur les Malwares

15. marche 2010

For the second time since the beginning of the year another critical error with “zero-day” vulnerability has appeared in Internet Explorer browser. An effort to misuse this error was reported by several security companies. The error is not able to be misused through opening an email in HTML format, but it is enough to allure users to a fraudulent website or to click on a link in the email. This error does not affect Internet Explorer 8 but users with Internet Explorer 6 or 7 are recommended to activate DEP protection and block scripting in their browser and in emails. Furthermore, we recommend that users activate or install our WSG application (Web Security Guard), which protects users from entering fraudulent websites.

Anciennes Nouvelles sur les Malwares »