Technical details:
Categories: Adware
CDNHelper Folders:
[%PROGRAMS%]\cdnClient
CDNHelper Files:
[%PROFILE_TEMP%]\2\cnrbtn.html
[%PROFILE_TEMP%]\311\cnrbtn.html
[%PROFILE_TEMP%]\31\cnrbtn.html
[%PROFILE_TEMP%]\3B\cnrbtn.html
[%PROFILE_TEMP%]\3\cnrbtn.html
[%PROFILE_TEMP%]\C\cnrbtn.html
[%PROFILE_TEMP%]\setup\cdn.dll
[%PROFILE_TEMP%]\setup\CdnAux.dll
[%PROFILE_TEMP%]\setup\CdnIEHlp.dll
[%PROFILE_TEMP%]\setup\cdntran.dat
[%PROGRAM_FILES%]\OCINS\cnrbtn.html
[%SYSTEM%]\zunins.exe
[%DESKTOP%]\IdnMail.lnk
[%PROFILE_TEMP%]\1C\cdn.dll
[%PROFILE_TEMP%]\1C\cdnaux.dll
[%PROFILE_TEMP%]\1C\cdnforie.dll
[%PROFILE_TEMP%]\1C\cdnins.dll
[%PROFILE_TEMP%]\1C\cdnprh.dll
[%PROFILE_TEMP%]\1C\cdnprot.dat
[%PROFILE_TEMP%]\1C\cdnprot.sys
[%PROFILE_TEMP%]\1C\cdnunins.exe
[%PROFILE_TEMP%]\1C\cdnup.exe
[%PROFILE_TEMP%]\1C\cdnvers.dat
[%PROFILE_TEMP%]\1C\idnconvs.dll
[%PROFILE_TEMP%]\cdndisp.tmp
[%PROFILE_TEMP%]\setup\AHOOK9X.DAT
[%PROFILE_TEMP%]\setup\AHOOKNT.DAT
[%PROFILE_TEMP%]\setup\capp.exe
[%PROFILE_TEMP%]\setup\character.dat
[%PROFILE_TEMP%]\setup\clean.exe
[%PROFILE_TEMP%]\setup\CodeLib.dll
[%PROFILE_TEMP%]\setup\hookdll.dll
[%PROFILE_TEMP%]\setup\IdnMail.exe
[%PROFILE_TEMP%]\setup\idnoe.dll
[%PROFILE_TEMP%]\setup\idnol.dll
[%PROFILE_TEMP%]\setup\zconfig.dat
[%PROFILE_TEMP%]\setup\zunins.exe
[%PROFILE_TEMP%]\setup\zver.dat
[%SYSTEM%]\capp.exe
[%SYSTEM%]\cdn.dll
[%SYSTEM%]\CdnAux.dll
[%SYSTEM%]\CdnIEHlp.dll
[%SYSTEM%]\character.dat
[%SYSTEM%]\IdnMail.exe
[%SYSTEM%]\idnoe.dll
[%SYSTEM%]\idnol.dll
[%SYSTEM%]\ZUpdate\zver.dat
[%SYSTEM%]\ZW.exe
[%PROFILE_TEMP%]\2\cnrbtn.html
[%PROFILE_TEMP%]\311\cnrbtn.html
[%PROFILE_TEMP%]\31\cnrbtn.html
[%PROFILE_TEMP%]\3B\cnrbtn.html
[%PROFILE_TEMP%]\3\cnrbtn.html
[%PROFILE_TEMP%]\C\cnrbtn.html
[%PROFILE_TEMP%]\setup\cdn.dll
[%PROFILE_TEMP%]\setup\CdnAux.dll
[%PROFILE_TEMP%]\setup\CdnIEHlp.dll
[%PROFILE_TEMP%]\setup\cdntran.dat
[%PROGRAM_FILES%]\OCINS\cnrbtn.html
[%SYSTEM%]\zunins.exe
[%DESKTOP%]\IdnMail.lnk
[%PROFILE_TEMP%]\1C\cdn.dll
[%PROFILE_TEMP%]\1C\cdnaux.dll
[%PROFILE_TEMP%]\1C\cdnforie.dll
[%PROFILE_TEMP%]\1C\cdnins.dll
[%PROFILE_TEMP%]\1C\cdnprh.dll
[%PROFILE_TEMP%]\1C\cdnprot.dat
[%PROFILE_TEMP%]\1C\cdnprot.sys
[%PROFILE_TEMP%]\1C\cdnunins.exe
[%PROFILE_TEMP%]\1C\cdnup.exe
[%PROFILE_TEMP%]\1C\cdnvers.dat
[%PROFILE_TEMP%]\1C\idnconvs.dll
[%PROFILE_TEMP%]\cdndisp.tmp
[%PROFILE_TEMP%]\setup\AHOOK9X.DAT
[%PROFILE_TEMP%]\setup\AHOOKNT.DAT
[%PROFILE_TEMP%]\setup\capp.exe
[%PROFILE_TEMP%]\setup\character.dat
[%PROFILE_TEMP%]\setup\clean.exe
[%PROFILE_TEMP%]\setup\CodeLib.dll
[%PROFILE_TEMP%]\setup\hookdll.dll
[%PROFILE_TEMP%]\setup\IdnMail.exe
[%PROFILE_TEMP%]\setup\idnoe.dll
[%PROFILE_TEMP%]\setup\idnol.dll
[%PROFILE_TEMP%]\setup\zconfig.dat
[%PROFILE_TEMP%]\setup\zunins.exe
[%PROFILE_TEMP%]\setup\zver.dat
[%SYSTEM%]\capp.exe
[%SYSTEM%]\cdn.dll
[%SYSTEM%]\CdnAux.dll
[%SYSTEM%]\CdnIEHlp.dll
[%SYSTEM%]\character.dat
[%SYSTEM%]\IdnMail.exe
[%SYSTEM%]\idnoe.dll
[%SYSTEM%]\idnol.dll
[%SYSTEM%]\ZUpdate\zver.dat
[%SYSTEM%]\ZW.exe
CDNHelper Registry Keys:
HKEY_CLASSES_ROOT\cdnforie.iehlprobj
HKEY_CLASSES_ROOT\cdnforie.iehlprobj.1
HKEY_CLASSES_ROOT\CLSID\{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108}
HKEY_CLASSES_ROOT\clsid\{8cdcbba0-4be1-4199-8389-1b19ed41d3e8}
HKEY_CLASSES_ROOT\CLSID\{F5824EFB-728A-4726-A5A5-85A68B20EDC3}
HKEY_CLASSES_ROOT\interface\{5c3853cd-c7e0-4946-b3fa-1abdb6f48108}
HKEY_CLASSES_ROOT\interface\{9c991f1e-d6fe-4b74-b6ec-763ff528fae1}
HKEY_CLASSES_ROOT\interface\{f248ebab-d894-4682-80e3-f48aabf4b12d}
HKEY_CLASSES_ROOT\typelib\{5c3853ce-c7e0-4946-b3fa-1abdb6f48108}
HKEY_CLASSES_ROOT\typelib\{df571585-070d-4eb1-8b0e-99023f934fd4}
HKEY_CLASSES_ROOT\wmhlpr.wmevtsink
HKEY_CLASSES_ROOT\wmhlpr.wmevtsink.1
HKEY_CLASSES_ROOT\wmhlpr.wmhlprobj
HKEY_CLASSES_ROOT\wmhlpr.wmhlprobj.1
HKEY_LOCAL_MACHINE\software\cnnic
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5824EFB-728A-4726-A5A5-85A68B20EDC3}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cdnclient
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\cdnprot
HKEY_CLASSES_ROOT\clsid\{35980f6e-a137-4e50-953d-813bb8556899}
HKEY_CLASSES_ROOT\clsid\{461a86f7-a29d-460a-80d5-52979aa6c46d}
HKEY_CLASSES_ROOT\clsid\{5c3853cf-c7e0-4946-b3fa-1abdb6f48108}
HKEY_CLASSES_ROOT\clsid\{9a578c98-3c2f-4630-890b-fc04196ef420}
HKEY_CLASSES_ROOT\clsid\{f5824efb-728a-4726-a5a5-85a68b20edc3}
HKEY_CLASSES_ROOT\cndniehelper.cndniehlprobj
HKEY_CLASSES_ROOT\interface\{475abcc3-d4cf-45d2-938a-a434fdc95b67}
HKEY_CLASSES_ROOT\interface\{951a869a-1003-4897-948f-d55e570871db}
HKEY_CLASSES_ROOT\interface\{bf0a2eb3-0704-45c6-90f4-9ebb1deb57fd}
HKEY_CLASSES_ROOT\mailparsersvr.inspectorhandler
HKEY_CLASSES_ROOT\mailparsersvr.mailparser
HKEY_CLASSES_ROOT\typelib\{01833110-7c51-4d41-a09f-69ef74606e5b}
HKEY_CLASSES_ROOT\typelib\{c24a5a5c-0874-4386-85c7-e669f90997a9}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{5c3853cf-c7e0-4946-b3fa-1abdb6f48108}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{35980f6e-a137-4e50-953d-813bb8556899}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5c3853cf-c7e0-4946-b3fa-1abdb6f48108}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f5824efb-728a-4726-a5a5-85a68b20edc3}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cdn
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\cdntran
CDNHelper Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
CDNHelper indications of infection
This symptoms of CDNHelper detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
InCommand.67b Backdoor Removal instruction
Light.Boot.dr!Dropper Trojan Information
Removing Focalink.com Tracking Cookie
Removing Punisher Trojan
SysInf Trojan Removal instruction
Posts
No comments:
Post a Comment