CoolSavings Adware

CoolSavings virus description
Technical details:
Categories: Adware

CoolSavings Folders:
[%PROFILE_TEMP%]\coolcache

CoolSavings Files:
[%PROFILE_TEMP%]\CoolCache\Piggy.CGD
[%WINDOWS%]\downloaded program files\cpnmgr.dll
[%WINDOWS%]\TEMP\CoolCache\Piggy.CGD
[%PROFILE_TEMP%]\CoolCache\Piggy.CGD
[%WINDOWS%]\downloaded program files\cpnmgr.dll
[%WINDOWS%]\TEMP\CoolCache\Piggy.CGD

CoolSavings Registry Keys:
HKEY_CLASSES_ROOT\clsid\{549f957e-2f89-11d6-8cfe-00c04f52b225}
HKEY_CLASSES_ROOT\cpnmgr.cmv5
HKEY_CLASSES_ROOT\cpnmgr.cmv5.3
HKEY_CLASSES_ROOT\interface\{549f957d-2f89-11d6-8cfe-00c04f52b225}
HKEY_CLASSES_ROOT\interface\{549f957f-2f89-11d6-8cfe-00c04f52b225}
HKEY_CLASSES_ROOT\typelib\{549f9571-2f89-11d6-8cfe-00c04f52b225}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{549F957E-2F89-11D6-8CFE-00C04F52B225}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:\windows\downloaded program files\cpnmgr.dll
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{549f957e-2f89-11d6-8cfe-00c04f52b225}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]\downloaded program files\cpnmgr.dll

CoolSavings Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/winnt/downloaded program files/cpnmgr.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/cpnmgr.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/cpnmgr.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls

CoolSavings indications of infection

This symptoms of CoolSavings detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Comasp.V472 RAT Removal instruction
Pigeon.AVCP Trojan Removal

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)