Adware.OwlForce
Friday, 05 February 2010 19:16
Author: Aaron Harris
Adware.OwlForce
Adware.OwlForce displays advertisements on the infected computer
Discovered: February 1, 2010
Systems at Risk: Windows Operating Systems
Aliases: Adware.Websearch
The following files are created.
- %ProgramFiles%\Mozilla Firefox\extensions\{E7467507-DD40-4123-BE49-7B7DF5DB80C6}\chrome\content\OFoxb.xul
- %ProgramFiles%\Mozilla Firefox\extensions\{E7467507-DD40-4123-BE49-7B7DF5DB80C6}\chrome.manifest
- %ProgramFiles%\Mozilla Firefox\extensions\{E7467507-DD40-4123-BE49-7B7DF5DB80C6}\components\IFoxB.xpt
- %ProgramFiles%\Mozilla Firefox\extensions\{E7467507-DD40-4123-BE49-7B7DF5DB80C6}\components\OFoxB.dll
- %ProgramFiles%\Mozilla Firefox\extensions\{E7467507-DD40-4123-BE49-7B7DF5DB80C6}\install.rdf
- %ProgramFiles%\Ofb1\Ofb1.dll
- %ProgramFiles%\Ofb1\sites.ini
- %ProgramFiles%\Ofb1\Uninstall.exe
The following registry entries are created/modified.
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E1500AC-87A5-416b-A211-82E848649DA9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7467507-DD40-4123-BE49-7B7DF5DB80C6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9504AE8F-1019-4258-A047-C04CCC5301E6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C1BC108B-B3EF-4E18-8EE6-CF3C381E3783}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ofb1
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ofb1.1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E1500AC-87A5-416b-A211-82E848649DA9}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E1500AC-87A5-416B-A211-82E848649DA9}
Add this page to your favorite Social Bookmarking websites
| < Prev | Next > |
|---|