 |
Home
Articles
Spyware Research
Support
Scan Now
Purchase
F.A.Q.
Top 25 Spyware:
Glossary Latest Detections  |
 |
Trojan/Backdoor/Homepage Hijacker/AboutblankAlias: Win32/Mersting.B!DLL!Trojan, Trj/StartPage.FH, Trojan.Win32.StartPage.ix, Win32/StartPage.IX trojan, CWS.Aboutblank, About Blank
Description: Aboutblank is a member of the CoolWebSearch (CWS) spyware family that includes some of the most widely known and the most annoying browser hijackers. Aboutblank hijacks home page, address bar and default search engine of your Internet Explorer browser. Aboutblank captures your search and address requests and redirects them to various IP addresses and it prevents you from changing Internet Explorer's home page or default search engine. Aboutblank may also install other executable programs or browser helper objects that slow down your Internet connection and consume system resources. It distributes itself by exploiting security holes in older or unpatched versions of Internet Explorer. Threat type: Backdoor - A Backdoor is an undocumented or secret means that can be used to obtain unauthorized access to your computer, or a malicious program that uses such a means to penetrate a computer system. Backdoor applications exploit vulnerabilities of installed programs or operating system and allow attackers to gain control over your computer system. Backdoor works in the background and hides from the user. It is always a high security risk. Homepage Hijacker - A Homepage Hijacker is a software application that takes control over your browser's settings. Usually it changes your home page and redirects it to some other site or modifies your search settings. It prevents you to change browser's settings. In such hijacks, your browser may operate normally, but be much slower. Search Hijacker - A Search Hijacker is a software application that takes control of your browser's default search engine. The search results may not necessarily be the best fit as those usually come from paid advertisements, as issued to you by the Hijacker authors. Search hijackers prevent you from changing your browser's default search engine, and they tend to slow down PC performance. Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs. Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy. Detection: SpyNoMore detects Trojan/Backdoor/Homepage Hijacker/Aboutblank: Yes Threat risk: Very High Risk  Extremely dangerous malware. Uses stealth installation, randomly named entries and has the capability to self update or resurrect after incomplete removal. Almost impossible to remove manually. Category mostly consists of trojans and spyware. Symptoms: Trojan/Backdoor/Homepage Hijacker/Aboutblank protects itself from security software. Trojan/Backdoor/Homepage Hijacker/Aboutblank hides from the user and stays resident in background. Trojan/Backdoor/Homepage Hijacker/Aboutblank displays commercial advertisements. Trojan/Backdoor/Homepage Hijacker/Aboutblank changes browser settings. Trojan/Backdoor/Homepage Hijacker/Aboutblank connects itself to the internet. Trojan/Backdoor/Homepage Hijacker/Aboutblank may install other software.
Running Process Signatures: N/A File Signatures: %WINDOWS%\system\achpjba.dll %WINDOWS%\system\wdm.dll %WINDOWS%\system32\cbme.dll %WINDOWS%\svhost.exe %WINDOWS%\system32\xea2108l.9zt Registered Dll (Dynamic Link Library) Signatures: N/A Folder Signatures: N/A Registry Signatures: HKCR\clsid\{06abaa2d-34ab-4902-a326-409bd9b9a7a5} SpyNoMore Collected Residual File Signatures: N/A
| | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||
|
||||
 |
|
 | ||