AdWare.Win32.Kwsearchguide
AdWare.Win32.Kwsearchguide is a malicious adware program that displays banner adverts and sends personal user information to a central server where hackers can access it. AdWare.Win32.Kwsearchguide uses shareware and freeware programs to enter the computer system before creating havoc. Once AdWare.Win32.Kwsearchguide is active, the user can wave online privacy goodbye. AdWare.Win32.Kwsearchguide will monitor Internet activity and display extremely annoying popups and banners which falsely claim that the website the user is browsing is corrupt. AdWare.Win32.Kwsearchguide should immediately be terminated and not given any time to do its dirty work.
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\kbd101b.dll 2 %System%\kbd101c.dll 3 %System%\kbd103.dll 4 %System%\kbd106.dll 5 %System%\kbdjpn.dll 6 %System%\kbdkor.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Microsoft\CloverPlus\lst][HKEY_CURRENT_USER\Software\Microsoft\CloverPlus][HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International][HKEY_CURRENT_USER\Software\Microsoft\etcman]HKEY..\..\..\..{RegistryKeys}CLog00 = "4C7836A66BD689F7213A29639FBFA4CC9A50880F4BF69BB9"CLog01 = "8A8468F82C1C87D92B58A38DA1D5C705F23DF53D3CA3CDE7"CLog03 = "8A846DF74233DCCC57C4AC8F4BE3DBF1F03AFA103BA6E177"CLog04 = "8A7B6BED2A1902B6617AEF25598DB19FF833F33B52D9D8E4"CLog05 = "8A7B6CF42B1073C52B58A252ECCFB339DB875FA7632E63AA2DDD14B6099474F11854CEFE"CLog06 = "8A7BFC6486EA85C30669B18C4ED4C606813FF7463AA1E25C"CLog07 = "5075BFCA211BD9D5"CLog08 = "8A7B66F6581546B752A5F39660C2AF9DEA34F41453DED37407E22145D6E6BE756723970703F2BF"CLog09 = "8A7BF99B870003D052A5F2993D89B23AC732"CLog10 = "8A846CF436EA85C602559E88"CLog11 = "8A846CF4351AD5B3617AF352ECCFAE9EF98860A7652867E5"CLog12 = "8A7B66F62C0CD7B480AFEF86F0C2B23AF98141D855D8D7E1F05612B406C8C0ED0A523801D5F1C2756D99"CLog13 = "8A846AF258EA85C3305F9F94F6DDB49CC4855DA4489FD6AA"CLog14 = "8A7BFC64511B84D9305F9D884A88E10FE9354D15632E66AE01E22244D6C16FF1021A900CF022298AA8A53256B70A1CB6"CLog15 = "8A8468F835FF10D07BA8F25C3E85DCF4DD8F47D63BA6E1E9D8330C3EEFBC7CD9000CE103D70ACB5C61AD2A5EBD144A5E"CLog16 = "8A7B6EFE43048FD106699C2E"CLog17 = "8A846CF4580003B55360C58F4BE3DAF2DE3CFCE38D3064E2"FLog00 = "8A7BF99B871C87D92C5BA486F0C2B0A0C7824249489FD35D2CE818AAED9272CA67239718F4CCB750779A3347B6"FLog01 = "497203A02E087FCE547EA72EF53466B8BFAA8A407E2C9B51211A061A310C4CDE0D4419C2007CC3646CBD1ABE5A"FLog02 = "C5793B8F811AD6C57DB5A224EACF64ADF43600"FLog03 = "8A8466F681E679C7116AA22763F262EAF7875FCE582F63E5F437283AD7937180F01C230BEF263B8C7C9CB5507E"FLog04 = "8A8465EF581AD5B67BA8ED24668D650BF687"FLog05 = "8A7B65EF811AD5B32B589E86F0CBB19FF988"FLog06 = "8A8465EF2B1B84C4305FA4894DD9640CF5875F3E41A489AA2D06234FD90D537D09118504D80A31"FLog07 = "8A7B65EF2A3E11CF52A5F052ECCFB23AC68444A2642B68DFEE592446D9C16FF30E4ECD0BEF223C87B483B0C4BB2E4B209AA8EC24D866"FLog08 = "8A846BED810CD7B480AFEE53EFD6B19FF886"FLog09 = "432F14"FLog10 = "8A846DF72D128DDB5360C62E3893B6F6F38949103BA6CB782BE30C3EF1E78D7D0A52C804D80BC67161B0295E2C239074"FLog11 = "8A8465EF35EA85C62ED19D235F7FB59BF933F3A2652868DADD592446D9E6BE75F418E7F9FDF92780A7511E51C0"FLog12 = "8A8466F62B0003D07CABF325598CDDF3F18D"FLog13 = "8A7B67112CE576C7116A9924668CAF9DEA374F17462DD47726E416A8E1D8907D1854FA11"FLog14 = "475B37811C0243A80799A61E4A27"FLog15 = "8A7B6EFE2F02DDCB8A5DAA2E388AC9076E8A4AE08B365B7928E33AACE00E86670A526B16F2CC298AB59582C5E40BFEB2A01F0E0ED7833BA2C22CAE47E8206D4546115D915C7B7444E2695E139DECCC6EE02FE4A10696330ABA4C64FCBF796056"FLog16 = "8A7BFAA286E679DA0255A286F0CBAE9EEA88"FLog17 = "8A7BF55F7A0D7EB2116AA38C4ED4C8086F3FF74641A47CB1"FLog18 = "8A7B66F62C0F80E080AFEE2763F2DF0DCB87"FLog19 = "BD770497790686"FLog20 = "8A8465EF2B1B84D9305FA386F0CBB59BF9824249489FD3DFEE3712B406E58B750119CCFAFEF7BA5D84A8315653F6E865176BA96124F492529F"FLog21 = "8A7BFAA287E679DA2C5B99983A88B59BC58141D98F2A5AE92E4C085119A1B143AE1327B62FB6EE46C373F278737D55"FLog22 = "FE4DCC9421E86B6D1BC8523713EF4AE27E6B6B136DD07BC8FB13A91D50EB29C8FA22681B1F123EB9A6B1"FLog23 = "8A846DF72D02DDCB7DA6F3894DD9B59BC638503E41A489E1"FLog24 = "8A8466F6811649B7617AEF2763FBB49CC43AFA118B365EE5"FLog25 = "C15FCB8D482F28DA600F7F683DB3AB01DF8C9617ABA05B4C"FLog26 = "8A7B66F6581B84C47CABF355E9DCAF9DF88242D99134634C"FLog27 = "8A7B6AF23533DCC157C4C68D"FLog28 = "8A8465EF2BE972C32C5BA3894DD9B19FC671F14854DBD7AE010913FF099371F1000CF209ED291354A9A53256B63105B1931D1028CC8149A8D123723489CE5D954A216DC149CA824B"FLog29 = "8A8466F6370CD7B47FACF4894DD8B23AF83DF5CC57325FE7D62E0C3EF0BABAF21854FA0602F6CE"FLog30 = "8A7B6EFE43084BCD8A5DAA2E3893DCF4DC8D453C47A2E27928F50C3EF0BABAF21854FBEEDAF1C2750C99B6596940965E0C95E7271F16BC51C22CA74EFF2566DA5F3A6A0A54C3D69208C0480D0FF9CFA3E0"W2KLpk = 0x00000001bandtitle = "brainclan SM"ietitle = "brainclan SM"sidebar_loaddate = "10-27"value00 = "00-00-00-00-00-00"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.