ezReward
|
Description:
|
Spyware
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Wednesday, June 18, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
RIMUOVI SPYWARE »
Geographical Distribution of Threat "ezReward"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\ErWindow\ErWindow.exe
MD5: 618DA17AEB4AB5F8B6E2BFDCB4B16F4C Size:762368
%PROGRAMFILES%\ErWindow\ErWindow.dll
MD5: 8A2A26898566E4FD49B46C6B2F6640D1 Size:45056
%PROGRAMFILES%\ErWindow\ErUtf.dll
MD5: 7BE7407FC93D4B68AD6557CC45EFA9D1 Size:695296
%PROGRAMFILES%\ErWindow\ErSQL.dll
MD5: B45E3EEFBDEE517E2032C2FCE0D14891 Size:901184
%PROGRAMFILES%\ErWindow\ErData.dll
MD5: 95E98327F20093C3CB737AFCC2475B15 Size:1149952
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%PROGRAMFILES%\ErWindow\ErData.dll
%PROGRAMFILES%\ErWindow\ErSQL.dll
%PROGRAMFILES%\ErWindow\ErUtf.dll
%PROGRAMFILES%\ErWindow\ErWindow.dll
%PROGRAMFILES%\ErWindow\ErWindow.exe
%START_PROGRAMS%\Å ½Å\Å ½Å Å.lnk
%START_PROGRAMS%\Å ½Å\Å ½Å.lnk
%START_PROGRAMS%\Å ½Å\À̼¾½ .url
%START_PROGRAMS%\Å ½Å\ÈÆÀÌ.url
- Files by Directories
%PROGRAMFILES%\ErWindow
%START_PROGRAMS%\Å ½Å
- Files by CLSID or Name
CLSID=CA17B789-D21A-49cf-81F5-F7E01DE2C452
- Registry Keys
HKCR\Windows.ErWindow
HKCR\Windows.ErWindow.1
HKCU\Software\ErWindow
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Å ½Å
HKLM\SOFTWARE\erWindow
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA17B789-D21A-49cf-81F5-F7E01DE2C452}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ErWindow
- Registry Values
HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=ErWindow
«
Go to Software Database
