Virus: DR/MyWebSearch.AU Date discovered: 04/03/2008 Type: Dropper In the wild: No Reported Infections: Low Distribution Potential: Low Damage Potential: Low Static file: Yes File size: 5.115.904 Bytes MD5 checksum: 45a84b7590b49b5828d608fa06dff781 IVDF version: 7.00.02.226 - Tuesday, March 4, 2008
General Method of propagation: Alias: Platforms / OS: Side effects: Files %PROGRAM FILES% \MyWebSearch\bar\%PROGRAM FILES% \MyWebSearch\bar\1.bin\F3BKGERR.JPG; %PROGRAM%PROGRAM FILES% \MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST This is a non malicious text file with the following content:%PROGRAM FILES% \MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST This is a non malicious text file with the following content:%SYSDIR% \f3PSSavr.scr Further investigation pointed out that this file is malware, too. Detected as: ADSPY/MyWebSearch.BQ %PROGRAM FILES% \MyWebSearch\bar\1.bin\F3WPHOOK.DLL Further investigation pointed out that this file is malware, too. Detected as: ADSPY/MyWebSearch.A.50 %PROGRAM FILES% \MyWebSearch\bar\1.bin\M3PLUGIN.DLL Further investigation pointed out that this file is malware, too. Detected as: ADSPY/MyWebS.A.60.C %PROGRAM FILES% \MyWebSearch\bar\1.bin\M3SKIN.DLL Further investigation pointed out that this file is malware, too. Detected as: ADSPY/MyWebSearc.AD %PROGRAM FILES% \MyWebSearch\bar\1.bin\MWSBAR.DLL Further investigation pointed out that this file is malware, too. Detected as: ADSPY/MyWebSearc.BA %PROGRAM FILES% \MyWebSearch\bar\1.bin\MWSOEMON.EXE Further investigation pointed out that this file is malware, too. Detected as: ADSPY/MyWebS.A.60.A Registry %PROGRAM FILES% \MyWebSearch\bar\"%PROGRAM FILES% \MyWebSearch\bar\1.bin" File details Programming language: The malware program was written in MS Visual C++.
Description inserted by Thomas Wegele on Tuesday, March 11, 2008
Back
.
.
.
.
