AdWare.Virtumonde.qng
Description: Adware
Risk Level: Critical
Date of First Occurrence: Monday, April 28, 2008
Software Developer: (unknown)
Brief Info: Adware. Software that displays pop-up/pop-under windows containing advertisements when the primary user interface is not visible, or that displays advertisements not related to the product.
Removal: This threat can be removed using "Spyware Terminator".
Detected Items
- Detected Files:
%SYSDIR%\mlJATklJ.dll
MD5: 657D7A5AC680327A0F84B8AE54E8125A Size:37888
%SYSDIR%\ssqNHaAQ.dll
MD5: 62A934DD020778F89C33F46EB0D63851 Size:37888
- Detected Files with variable Filenames:
Detecting items list:
- Files by MD5
- Files by CLSID or Name
CLSID=A6C54318-5AC7-477D-B0A7-49AF5189300C