Technical details:
Categories: BHO,Hijacker,Toolbar
[McAfee]FakeAlert-R.dll AutoSearch Files:
[%COMMON_APPDATA%]\AutoSearch.dll
[%PROFILE_TEMP%]\stdrun3.exe
[%WINDOWS%]\aff_0006.exe
[%APPDATA%]\AutoSearch.dll
[%SYSTEM%]\safesearch.dll
[%WINDOWS%]\AutoSearch.dll
[%WINDOWS%]\AutoSearchHelper.dll
[%WINDOWS%]\sibrwin07.exe
[%WINDOWS%]\system\safesearch.dll
[%COMMON_APPDATA%]\AutoSearch.dll
[%PROFILE_TEMP%]\stdrun3.exe
[%WINDOWS%]\aff_0006.exe
[%APPDATA%]\AutoSearch.dll
[%SYSTEM%]\safesearch.dll
[%WINDOWS%]\AutoSearch.dll
[%WINDOWS%]\AutoSearchHelper.dll
[%WINDOWS%]\sibrwin07.exe
[%WINDOWS%]\system\safesearch.dll
AutoSearch Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}
HKEY_CURRENT_USER\software\classes\autosearch.autosearchobj
HKEY_CURRENT_USER\software\classes\autosearch.autosearchobj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}
HKEY_CLASSES_ROOT\.wink
HKEY_CLASSES_ROOT\bhonew.bhoapp
HKEY_CLASSES_ROOT\bhonew.bhoapp.1
HKEY_CLASSES_ROOT\clsid\{00000000-0000-0000-0000-000000000001}
HKEY_CLASSES_ROOT\clsid\{1d3aea68-1602-4674-9552-f8f9309ee6e0}
HKEY_CLASSES_ROOT\dting file
HKEY_CLASSES_ROOT\iextensions.autosearch
HKEY_CLASSES_ROOT\iextensions.autosearch.1
HKEY_CLASSES_ROOT\interface\{3d11cbe7-1eee-4c8f-ab5c-a4cf7939f1f1}
HKEY_CLASSES_ROOT\interface\{d2735263-bb7c-4786-88d0-ed04886a8708}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-0000-0000-0000-000000000001}
HKEY_CLASSES_ROOT\typelib\{b7f3b034-329e-4373-a415-20bb0b03d053}
HKEY_CLASSES_ROOT\typelib\{c1947e81-7036-4ac8-ac09-906224f6f4fc}
HKEY_CLASSES_ROOT\wink file
HKEY_CURRENT_USER\autosearch.autosearchobj
HKEY_CURRENT_USER\autosearch.autosearchobj.1
HKEY_CURRENT_USER\clsid\{a55581dc-2cdb-4089-8878-71a080b22342}
HKEY_CURRENT_USER\software\classes\clsid\{a55581dc-2cdb-4089-8878-71a080b22342}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\clsid\{a55581dc-2cdb-4089-8878-71a080b22342}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-0000-0000-0000-000000000001}
AutoSearch Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooks
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooks
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
AutoSearch indications of infection
This symptoms of AutoSearch detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
Removing MoneyTree.DyFuCA Trojan
Remove Hip Trojan
Remove SillyDl.BYH Trojan
Prodex Trojan Cleaner
Posts
No comments:
Post a Comment