AdTool.MyWebSearch.au

Description:	Unclassified Threat
Risk Level:	Medium
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	(unknown)
Brief Info:	Unclassified threats are threats that are not properly sorted or threats having an unknown publisher.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "AdTool.MyWebSearch.au"

Threat Info

View All

Detected Items

Detected Files:
Detected Files with variable Filenames: MD5: BAA6CFD45C7B190AC59C14A7B5A9CAF9 Size: 24677 %PROGRAMFILES%\MyWebSearch\bar\1.bin\M3SRCHMN.EXE %SystemDiskRoot%\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir %SystemDiskRoot%\!KillBox\MyWebSearch\bar\1.bin\M3SRCHMN.EXE %WINDIR%\Temp\DWHF86.tmp %PROGRAMFILES%\MyWebSearch\bar\2.bin\M3SRCHMN.EXE %PROGRAMFILES%\myway\bar\2.bin\M3SRCHMN.EXE.ren %SystemDiskRoot%\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP290\A0066894.EXE i:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE %PROGRAMFILES%\AdwareAlert\Quarantine\12-08-2007-08-34-45\10009.qit\bar\1.bin\M3SRCHMN.EXE %SystemDiskRoot%\Windows.old\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE %ALLUSERS_APPDATA%\Symantec\Symantec AntiVirus Corporate Edition\7.5\APTemp\APQ1AF.tmp and next 96 variations. MD5: 82384A4C75CAFDB8D10A7AA25F8CCFF4 Size: 2749920 %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\ODE34HUJ\SmileyCentralSetup2.3.50.17.ZSman000[1].exe %USERDOCUMENTS%\SmileyCentralSetup2.3.50.17.ZSman000.exe %TEMP%\4ok1eigi.exe %SystemDiskRoot%\$RECYCLE.BIN\S-1-5-21-3941287613-2544968885-1210908923-1000\$R4NNVYF.exe MD5: BD0748DAC9726569E2CAAAFE42C32D31 Size: 5169152 %TEMP%\MWSSETUP.EXE %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\MWSSETUP.EXE %SystemDiskRoot%\RECYCLER\S-1-5-21-2124934595-3698031532-3142975576-1009\Dc1292.EXE %DESKTOP%\backup\WINDOWS\TEMP\MWSSETUP.EXE MD5: A58CD7833D21A090700FAAA149F91934 Size: 24662 H:\Archivos de programa\MyWebSearch\bar\2.bin\M3SRCHMN.EXE %SystemDiskRoot%\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP359\A0039524.EXE e:\Sauvegarde kader\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE \\Tyan\driveZ\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE F:\RECYCLER\S-1-5-21-117609710-2077806209-725345543-1003\Dd1\MyWebSearch\bar\2.bin\M3SRCHMN.EXE %SystemDiskRoot%\System Volume Information\_restore{C6174862-F908-49C1-A35C-2FA1940B5F23}\RP1254\A0099744.EXE %PROGRAMFILES%\MyWebSearch\bar\2.bin\M3SRCHMN.EXE MD5: 9659E301D09DF54EE38C9DC78A3421A9 Size: 2741976 e:\Users\Angel Jr\Downloads\ZwinkySetup2.3.50.10.exe %SystemDiskRoot%\Users\Angel Jr\Downloads\ZwinkySetup2.3.50.10.exe d:\sandra\sandra2\Documents\Desktop\ZwinkySetup2.3.50.10.exe Os meus documentos\downloads\ZwinkySetup2.3.50.10.ZJfox000.exe %SystemDiskRoot%\Users\Kelsie\ZwinkySetup2.3.50.10.ZJfox000.exe %SystemDiskRoot%\Downloads\Completed\ZwinkySetup2.3.50.10.exe t:\Patrick's Laptop\Completed\ZwinkySetup2.3.50.10.exe MD5: E12DEFECDA3FAE103D8AF11BFF1AAD90 Size: 24576 %PROGRAMFILES%\MSN Messenger\msimg32.dll %PROGRAMFILES%\Internet Explorer\msimg32.dll f:\$RECYCLE.BIN\S-1-5-21-2909029569-769185296-378590055-1000\$R7WBWUX\MSN Messenger\msimg32.dll %PROGRAMFILES%\MSN Messenger\MSIMG32.dll.ren %PROGRAMFILES%\Internet Explorer\MSIMG32.dll.ren %SystemDiskRoot%\System Volume Information\_restore{C1610F47-9637-482A-AFDF-76C1A0C66BAD}\RP189\A0272193.DLL %DESKTOP%\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL %DESKTOP%\Program Files\Internet Explorer\msimg32.dll %SystemDiskRoot%\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP217\A0072217.DLL %SystemDiskRoot%\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP217\A0072206.dll %SystemDiskRoot%\System Volume Information\_restore{C6174862-F908-49C1-A35C-2FA1940B5F23}\RP1254\A0099729.DLL and next 141 variations.

Detecting items list:

Files by MD5 MD5: 4A9ADBA6D1C2F85EA3AC9E76568CF86E Size: 24694 MD5: A58CD7833D21A090700FAAA149F91934 Size: 24662 MD5: 9659E301D09DF54EE38C9DC78A3421A9 Size: 2741976 MD5: EF362E514B5633D93406208415C9A6FB Size: 28672 MD5: E9A3B7ABA3671DA52A5E5F6FC7295AC5 Size: 28672 MD5: 82384A4C75CAFDB8D10A7AA25F8CCFF4 Size: 2749920 MD5: BD0748DAC9726569E2CAAAFE42C32D31 Size: 5169152 MD5: C5EE58AABC4DFC27F1276F67AA7299A7 Size: 2754024 MD5: BAA6CFD45C7B190AC59C14A7B5A9CAF9 Size: 24677

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »