Technical details:
Categories: Trojan,Hijacker,Downloader
[Kaspersky]Trojan.Win32.StartPage.by,Trojan.Win32.StartPage.ci,Trojan.Win32.StartPage.fx;
[Panda]Adware/Popmon,Adware/SearchAid,Trojan Horse;
[Computer Associates]Win32.Winshow.D,Win32/Winshow.51712!DLL!Trojan CWS.IEFeats Folders:
[%APPDATA%]\iefeatsl
[%APPDATA%]\winzf
[%APPDATA%]\sysxd
CWS.IEFeats Files:
[%APPDATA%]\winshow\dict.dat
[%WINDOWS%]\application data\iefeatsl\msiesh.dll
[%WINDOWS%]\bipw.exe
[%APPDATA%]\winshow\dict.dat
[%WINDOWS%]\application data\iefeatsl\msiesh.dll
[%WINDOWS%]\bipw.exe
CWS.IEFeats Registry Keys:
HKEY_CLASSES_ROOT\clsid\{7a7ffd7b-4e13-d1d1-fa76-0910b513e4de}
HKEY_CLASSES_ROOT\clsid\{a5b6ede1-cc5a-b569-ab04-69ac5c0b7b59}
HKEY_CLASSES_ROOT\clsid\{e7efbca0-eab9-e4c5-50c3-79622a93478a}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{e7efbca0-eab9-e4c5-50c3-79622a93478a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e7efbca0-eab9-e4c5-50c3-79622a93478a}
CWS.IEFeats Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
CWS.IEFeats indications of infection
This symptoms of CWS.IEFeats detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
ServU Trojan Cleaner
SearchGauge Tracking Cookie Cleaner
Removing Bancos.HTK Trojan
Posts
No comments:
Post a Comment