ActualNames
ActualNames is an address bar search hijacker which targets IE, Netscape and AOL browsers. ActualNames seems to contain components to interfere with sending of e-mail from many softwares and web sites. Bundled with KazaaMate. Suspected also to be installed by ActiveX drive-by download from some pop-ups. ActualNames has the ability to update itself via the Internet. It includes the uninstaller.
File System Modifications
- The following files were created in the system:
# File Name 1 cliner.exe 2 finddll.dll 3 findservice.exe 4 mailbook.exe 5 mailbookproxy.dll 6 mydll.dll 7 nn7dll.dll 8 nndll.dll 9 spredirect.dll 10 unins000.exe 11 update.exe 12 updater.exe 13 updaterproxy.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}7197649B-548D-41C0-B2C1-45ED402594AHKEY_CLASSES_ROOTAdvSearch.AlarIT.LioN.UpdaterHKEY_CLASSES_ROOTAdvSearch.AlarIT.LioN.Updater.1HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunBrowseProxy - The following CLSID's were detected:
HKEY..\..\{CLSID Path}4CD051DD-AA90-4C5C-BD55-EA52969BE48B300D6635-E419-47E3-9642-6D73337684CDDEE456F3-A075-4F60-BEA0-8748D0917701B9CD23F0-086D-4190-9C04-FBFA1EA09FF892C7D65C-52F3-4545-8A35-213D730DB1ED80751B22-3FB8-4ED9-B029-E6F568BB48A833403499-E238-4F35-8F5A-7F53D24FF9E2
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.