AdTool.WhenU.a

Description:	Unclassified Threat
Risk Level:	Medium
Date of First Occurence:	Wednesday, April 16, 2008
Software Developer:	(unknown)
Brief Info:	Unclassified threats are threats that are not properly sorted or threats having an unknown publisher.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "AdTool.WhenU.a"

Threat Info

View All

Detected Items

Detected Files: %SystemDiskRoot%\PPK_CD\servis\rlight\RadLight3.exe MD5: D0FFCD343439AFADF395A3B4D17BEBF1 Size:859930 e:\Programme\Internet & Netzwerk\Download\TauschBrse\Bear Share\Bear Share v 5.2\BSINSTALLDE52.exe MD5: 16E4538B90A089B97ED13B135C290A07 Size:3534144 %DESKTOP%\PDF Converter\CuteComp.exe MD5: 87F366B2E4A9EC9010E5EBE8782C0A4C Size:1701848 d:\berat\oyun\77Oyun\AquaPOP.exe MD5: F3D8BB6BBEE9F3D6EA6D081DEAA27C2E Size:2885870
Detected Files with variable Filenames: MD5: 3E9C72F5B57307229D75FD5B8891593D Size: 106560 %TEMP%\VVSNInst.exe %PROGRAMFILES%\filesubmit\bdcats.zip\VVSNInst.exe %PROGRAMFILES%\filesubmit\VVSNInst.exe %PROGRAMFILES%\themexp\VVSNInst.exe %PROGRAMFILES%\All2WAV Recorder\VVSNInst.exe %PROGRAMFILES%\themexp\Themexp.org File\VVSNInst.exe d:\Documents and Settings\mmmm\Ustawienia lokalne\Temp\VVSNInst.exe d:\respaldo imagino c\Documents and Settings\Usuario\Local Settings\Temp\VVSNInst.exe %SystemDiskRoot%\RECYCLER\S-1-5-21-3952008336-529500595-3553786955-1003\Dc105.exe %SystemDiskRoot%\Documents and Settings\Natasha Wormley\Local Settings\Temp\VVSNInst.exe %SystemDiskRoot%\Documents and Settings disco C\mario\Impostazioni locali\Temp\VVSNInst.exe and next 32 variations. MD5: CEF5A6707CAF709DC606C1DAA61EB06F Size: 121256 %PROGRAMFILES%\DAEMON Tools\SetupDTSB.exe f:\Programmi\DAEMON Tools\SetupDTSB.exe d:\Intalaky\DAEMON Tools\SetupDTSB.exe D:\Disk+HWtools\DaemonTools\SetupDTSB.exe g:\Program Files\DAEMON Tools\SetupDTSB.exe %SystemDiskRoot%\System Volume Information\_restore{39C0DF2F-A9D0-489A-AFB0-0ACE1CBF9D81}\RP67\A0055022.exe d:\Program Files\DAEMON Tools\SetupDTSB.exe %SystemDiskRoot%\System Volume Information\_restore{4AD4443B-D03C-443D-93F7-BD44BF74EFD8}\RP11\A0012955.exe e:\Programme\DAEMON Tools\SetupDTSB.exe e:\Program Files\DAEMON Tools\SetupDTSB.exe d:\Programy\Daemon\DAEMON Tools\SetupDTSB.exe and next 42 variations. MD5: 9669E660BE9C5F1EC78F0355F3713257 Size: 121256 %PROGRAMFILES%\DAEMON Tools\SetupDTSB.exe %SystemDiskRoot%\System Volume Information\_restore{E202ECEB-50D6-408F-A03D-1FC08C74D55B}\RP4\A0000687.exe F:\Program Files\DAEMON Tools\SetupDTSB.exe %SystemDiskRoot%\System Volume Information\_restore{242F2F82-2BBD-4C25-B079-2AE23D710472}\RP26\A0011669.exe %SystemDiskRoot%\System Volume Information\_restore{242F2F82-2BBD-4C25-B079-2AE23D710472}\RP21\A0006495.exe d:\Program Files\DAEMON Tools\SetupDTSB.exe d:\letltsek\DAEMON Tools\SetupDTSB.exe %SystemDiskRoot%\RECYCLER\NPROTECT\00000033.EXE %SystemDiskRoot%\System Volume Information\_restore{D87A12EA-E604-4E12-898B-F68535EB96F0}\RP456\A0129289.exe f:\RECYCLER\S-1-5-21-436374069-484061587-725345543-1003\Df5\suchit\My Documents\DAEMON Tools\SetupDTSB.exe %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\A0004006.exe and next 2 variations. MD5: F123981C00295AE5FA1E16B781FFB435 Size: 123000 %PROGRAMFILES%\DAEMON Tools\SetupDTSB.exe d:\Program Files old\DAEMON Tools\SetupDTSB.exe d:\RECYCLER\S-1-5-21-842925246-884357618-839522115-1003\Dd3\SetupDTSB.exe e:\System Volume Information\_restore{1EEAFC4C-5706-4EBD-A71A-C34620AE5A28}\RP62\A0011696.exe %PROGRAMFILES%\DrWeb\infected.!!!\A0014178.exe.3DB8DD44 d:\regi_c\Program Files\DAEMON Tools\SetupDTSB.exe MD5: 59F19E34662EEB71D6D8D0A3B6E83D95 Size: 107064 %PROGRAMFILES%\DAEMON Tools\SetupDTSB.exe %USERDOCUMENTS%\DAEMON Tools 4.0.3 - Full Pack\DAEMON Tools\SetupDTSB.exe d:\System Volume Information\_restore{7A9A4EF8-2C4C-4D06-9531-67885DA18916}\RP17\A0008716.exe %SystemDiskRoot%\System Volume Information\_restore{2340125B-75E8-43DA-8953-BF21002A9C21}\RP84\A0031802.exe d:\Programy\DAEMON Tools\SetupDTSB.exe %SystemDiskRoot%\System Volume Information\_restore{172950F6-6E64-4A9B-BC07-DB19C20D1309}\RP64\A0030604.exe %SystemDiskRoot%\System Volume Information\_restore{172950F6-6E64-4A9B-BC07-DB19C20D1309}\RP64\A0029604.exe %SystemDiskRoot%\System Volume Information\_restore{172950F6-6E64-4A9B-BC07-DB19C20D1309}\RP64\A0029175.exe %SystemDiskRoot%\System Volume Information\_restore{172950F6-6E64-4A9B-BC07-DB19C20D1309}\RP63\A0028880.exe %SystemDiskRoot%\System Volume Information\_restore{172950F6-6E64-4A9B-BC07-DB19C20D1309}\RP63\A0028421.exe %SystemDiskRoot%\System Volume Information\_restore{172950F6-6E64-4A9B-BC07-DB19C20D1309}\RP63\A0028014.exe and next 50 variations. MD5: 08BC5830E008C1BE4F0F2ACC6F02A0E2 Size: 382904 e:\_4-12 Complete\_Z\ \Bad CD Repair Pro\bad_cd_repair_pro_install.exe d:\instalki\Kopiuje porysowane CD\badcdrepairpro\badcdrepairpro\bad_cd_repair_pro_install.exe d:\Pendrive2\badcdrepairpro_Chilewarez.org_\badcdrepairpro\bad_cd_repair_pro_install.exe d:\Downloads\badcdrepairpro\badcdrepairpro\bad_cd_repair_pro_install.exe %SystemDiskRoot%\System Volume Information\_restore{98A9B569-77D5-4F77-ADED-734EA31473E3}\RP253\A0051208.exe %DESKTOP%\badcdrepairpro\badcdrepairpro\bad_cd_repair_pro_install.exe %DESKTOP%\badcdrepairpr1o\badcdrepairpro\bad_cd_repair_pro_install.exe %USERDOCUMENTS%\badcdrepairpro\badcdrepairpro\bad_cd_repair_pro_install.exe %DESKTOP%\badcdrepairpro_WwW.X-CALETA.COM\badcdrepairpro\bad_cd_repair_pro_install.exe %SystemDiskRoot%\Vietinis diskas (E)\Patarejas\programos\Bad CD Repair Pro\bad_cd_repair_pro_install.exe %SystemDiskRoot%\Documents and Settings\Joe\Desktop\stuff ex JTs stash\bad_cd_repair_pro_install.exe and next 1 variations. MD5: BE39EE979E9940508E511994141F8990 Size: 6806391 e:\Marcos\utilitarios\bsplayer215[1].943_clip.exe %TEMP%\_tc6\BSPlayer v215.943_clip.exe %TEMP%\_tc2\BSPlayer v215.943_clip.exe d:\LEJTSZS\BSPlayer v215.943_clip.exe f:\G.Farins\Guillermo\Programas\bsplayer215[1].943_clip.exe %SystemDiskRoot%\Windows.old\Windows\CSC\v2.0.6\namespace\SERVER\Users\Guillermo\Mis documentos\Guillermo\Programas\bsplayer215[1].943_clip.exe %SystemDiskRoot%\Windows.old\Users\Guillermo\Mis documentos\Guillermo\Ocio\Programas\bsplayer215[1].943_clip.exe %SystemDiskRoot%\Windows.old\Documents and Settings\Guillermo\Documents\Guillermo\Ocio\Programas\bsplayer215[1].943_clip.exe %USERDOCUMENTS%\Guillermo\Ocio\Programas\bsplayer215[1].943_clip.exe %DESKTOP%\download\tools\player\bsplayer215.943_clip.exe %DESKTOP%\Dokumentumok\_ezmegaz\bsplayer215[1].943_clip.exe and next 0 variations. MD5: A16EC11226730330C32115BC3656BA18 Size: 131960 e:\System Volume Information\_restore{8B50FFC9-A561-4983-839C-7AE9D72D84BF}\RP177\A0073926.exe e:\Downloadz\SetupInstRe.exe %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\8XIJKPQN\SetupInstRe[1].exe %USERDOCUMENTS%\Letltsek\SetupInstRe.exe %USERDOCUMENTS%\Letltsek\SetupInstRe(2).exe d:\tomik - !\Rzn prog\SetupInstRe.exe d:\tomik - !\SetupInstRe.exe d:\instalaciones\SetupInstRe.exe d:\System Volume Information\_restore{11E95D35-D2EE-4B80-B2F8-975DFB6D9670}\RP161\A0119275.exe d:\install\SetupInstRe.exe %SystemDiskRoot%\Users\Rasa\Downloads\SetupInstRe.exe and next 4 variations. MD5: 777C143BA209E58B21C7EA838360335F Size: 1374585 e:\UpToDown\03 Internet\Lphant-v3.02-Installer.exe %SystemDiskRoot%\Lphant-v3.02-Installer.exe f:\progamas egecutables\Lphant-v3.02-Installer.exe %DESKTOP%\Todo el escritorio\progamas egecutables\Lphant-v3.02-Installer.exe d:\Downloads\Lphant-v3.02-Installer.exe h:\Downloads\PC\Lphant-v3.02-Installer.exe %SystemDiskRoot%\RECYCLER\S-1-5-21-2567003989-26510390-311954006-1008\Dc15.exe e:\System Volume Information\_restore{00D08531-0720-4F32-B7A0-8F7EA0652AFD}\RP160\A0020581.exe %SystemDiskRoot%\19-10-07 Datos Policia\Archivos de programa\Lphant-v3.02-Installer.exe f:\System Volume Information\_restore{80EFFE5D-E47A-4A62-BEC4-8B3FC132CDBE}\RP14\A0002738.exe f:\System Volume Information\_restore{80EFFE5D-E47A-4A62-BEC4-8B3FC132CDBE}\RP14\A0002737.exe MD5: AADF4E3CE88935A277C379F8F2ADE91B Size: 2318064 %TEMP%\5770.exe c:\Felipe\Programas\mezclador de musica.exe %SystemDiskRoot%\RECYCLER\S-1-5-21-789336058-73586283-725345543-1003\Dc4.exe f:\10314\Documents and Settings\Eddie Bannon\Desktop\Stuff\setup.exe d:\PROGRAMS\DJ mix\setup.exe %SystemDiskRoot%\System Volume Information\_restore{A1E49049-9DBF-42E3-8187-710BEC515F77}\RP270\A0176472.exe j:\Retrospect Copies\(ACER) Backup of Local Disk (C)\Documents and Settings\Owner\My Documents\Downloads\mixsensesetup.exe MD5: 02D1059EA8597BC7AEC52E9CC1E57A3E Size: 5405904 d:\DELL\D\New Folder\torrentsearcher53.exe d:\DELL\D\New Folder\My Shared Folder\torrentsearcher53.exe %SystemDiskRoot%\My Shared Folder\torrentsearcher60.exe %SystemDiskRoot%\torrentsearcher60.exe %SystemDiskRoot%\My Shared Folder\torrentsearcher53.exe %SystemDiskRoot%\Downloads\torrentsearcher53.exe %SystemDiskRoot%\torrentsearcher53.exe %SystemDiskRoot%\Programas\torrentsearcher60.exe MD5: 932D86E6F3D2B4B191FCE0691FB54FD0 Size: 1050072 d:\ \Soft\\ \WAV to MP3 Encoder v2.5\setupwavtomp3.exe %SystemDiskRoot%\NEW\setupwavtomp3.exe f:\Software Post format\DVD 2\Audio Editing\setupwavtomp3.exe MD5: 97C5A450DECB92546BEB4FACA9831900 Size: 4923979 %PROGRAMFILES%\LimeWire Turbo\Shared\LW Turbo 5.4.1 Final.exe %SystemDiskRoot%\$Recycle.Bin\S-1-5-21-112531627-3087031663-281828992-1000\$RYP125O.1_Final\LW.T_5.4.1_Final\LW Turbo 5.4.1 Final.exe h:\kituri2008\LW Turbo 5.4.1 Final.exe %PROGRAMFILES%\Limewire_Turbo_5.4.1\Setup.exe %PROGRAMFILES%\LimeWire Turbo\Shared\Setup.exe %USERPROFILE%\ \SETUP\limewire_turbo.exe e:\GYJT\PROGRAMOK\LimeWire 5\Setup.exe e:\install\- P2P, File Sharing -\LimeWire Turbo 5.4.1\Setup.exe d:\hdd\programlar\LW_Turbo_5.4.1_Final\LW Turbo 5.4.1 Final\LW Turbo 5.4.1 Final.exe d:\System Volume Information\_restore{292FD36F-BA51-4650-B6AF-73C2B9929593}\RP56\A0051847.exe e:\software\limeWire Turbo\LimeWire Turbo 5.41\Shared\limewire_turbo.exe and next 2 variations. MD5: 06660DEE744A4F340F7C6DDF299AF1DC Size: 369302 F:\Ultra Software (G)\Recovery\bad_cd_repair_pro_install\bad_cd_repair_pro_install.exe k:\DE TOATE\KITURI\Permanente\Utilitare\BadCD Repair 4.0\badcdrepairpro\bad_cd_repair_pro_install.exe MD5: CCE6CF4AC4AF0165CECA360BA1700E07 Size: 3053851 d:\=INSTALL=\bsplayer142[1].833.exe f:\System Volume Information\_restore{ADB9E5AA-21F4-44AF-A9D0-0F21ECBA2EB4}\RP148\A0024887.exe f:\My Downloads\Video\Players\DiVX\BSPlayer\bsplayer142.833.exe MD5: 64816655F6A2D1B49FF89D5B31599A0C Size: 1063694 e:\DATA\\\EXE\Music\setupmp3towav.exe %USERPROFILE%\DoctorWeb\Quarantine\setupmp3towav.exe i:\Documents and Settings\mike\ \Downloads\Programms\setupmp3towav.exe f:\\Web-Stream\\setupmp3towav.exe f:\Downloads\Programms\setupmp3towav.exe %DESKTOP%\Neuer Ordner\Alles\Neuer Ordner (2)\Privat\setupmp3towav.exe

Detecting items list:

Files by MD5 MD5: 275EF5A3A1CEBE59B9D92E86DCA63033 Size: 121256 MD5: D846A9E8F3898E568A941EEBFBD6825D Size: 808504 MD5: F3D8BB6BBEE9F3D6EA6D081DEAA27C2E Size: 2885870 MD5: AADF4E3CE88935A277C379F8F2ADE91B Size: 2318064 MD5: 777C143BA209E58B21C7EA838360335F Size: 1374585 MD5: 932D86E6F3D2B4B191FCE0691FB54FD0 Size: 1050072 MD5: A16EC11226730330C32115BC3656BA18 Size: 131960 MD5: 9669E660BE9C5F1EC78F0355F3713257 Size: 121256 MD5: AF08E2087520FB16B6E19034AECCE1C4 Size: 4399736 MD5: E33C4EADC1A90B59386FF6AB2AEAFADF Size: 2908786

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »