DotcomToolbar
|
Description:
|
Spyware
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Friday, May 09, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
REMOVER SPYWARE »
Geographical Distribution of Threat "DotcomToolbar"
Threat Info
View All
Detected Items
- Detected Files:
%WINDIR%\redirect7.exe
MD5: 46BD1D0D855D74CA5913E80484017E4E Size:57344
%SystemDiskRoot%\kybrdd_5.exe
MD5: 2818F60901A667AA3B407B4F99B0E551 Size:40960
%SystemDiskRoot%\kybrdc_2.exe
MD5: 27D3E6B0C6B7FF929EC37EC70B71A6B2 Size:28672
%SystemDiskRoot%\kybrdff_e20.exe
MD5: 6F1E0D5C1BA6FA6ABDC6EC11D75D59CC Size:21504
%SystemDiskRoot%\kybrdff_18.exe
MD5: 2B73CB7BCB209E84AEE8F11F3224723F Size:282624
%SystemDiskRoot%\kybrdff_16.exe
MD5: 5ECE07271C4E7B52993749796A094768 Size:81920
%SystemDiskRoot%\kybrdff_15.exe
MD5: 961E1960F106A14F2D1F065814C94B51 Size:69632
%SystemDiskRoot%\kybrdff_11.exe
MD5: 8B405CB3D52446A7A0DFF2744E2B7BDF Size:98304
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%DOWNLOADEDPROGRAMFILES%\dotcomtoolbar.asp
%DOWNLOADEDPROGRAMFILES%\toolbar_nieuw14.dll
%WINDIR%\redirect7.exe
%SystemDiskRoot%\dfndr.exe
%SystemDiskRoot%\dfndrff_7.exe
%SystemDiskRoot%\kybrd.exe
%SystemDiskRoot%\kybrdff_7.exe
%systemdiskroot%\kybrd??_??.exe
%systemdiskroot%\kybrd??_?.exe
%systemdiskroot%\kybrd??_???.exe
%systemdiskroot%\kybrd???_???.exe
%systemdiskroot%\kybrd?_???.exe
%systemdiskroot%\kybrd?_?.exe
%systemdiskroot%\dfndr???_???.exe
%systemdiskroot%\dfndr?_???.exe
%SystemDiskRoot%\nwnm.exe
%DOWNLOADEDPROGRAMFILES%\logo.bmp
%DOWNLOADEDPROGRAMFILES%\logo.gif
%DOWNLOADEDPROGRAMFILES%\logo2.gif
%DOWNLOADEDPROGRAMFILES%\nav.bmp
%DOWNLOADEDPROGRAMFILES%\nav_hot.bmp
- Files by CLSID or Name
CLSID=5F1ABCDB-A875-46c1-8345-B72A4567E486
- Registry Keys
HKCR\Pugi.PugiObj
HKCR\Pugi.PugiObj.1
HKCU\Software\DotComToolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DotComToolbarDotComToolbar
«
Go to Software Database
