Home Malware Programs Browser Hijackers Abnow.com


Posted: January 27, 2012

Abnow.com Screenshot 1Abnow.com is a search engine website that uses its position to display advertisements, sponsored links and other forms of irrelevant results. This alone wouldn't be enough to make Abnow.com a threat to your PC, but, regrettably, Abnow.com has a history of being the destination page for web browser hijackers. Browser hijacks can result in your browser being redirected to Abnow.com or other types of equally questionable sites whenever you try to visit unrelated sites, such as reputable search engines. Spontaneous browser redirects to Abnow.com or any other website should be considered a symptom of attack by PC threats such as Trojans or rootkits and it's recommended that you scan your computer immediately after such an attack. Since redirects to Abnow.com can use baseline changes to your Windows Registry settings that will function in any type of web browser, it is not enough to cure an Abnow.com redirect problem by changing your browser or its settings.

Abnow.com – Abusing Your Trust of Search Engines for Pennies of Profi

Even though Abnow.com hasn't been rated as a directly malicious website, time spent on Abnow.com is generally wasted, since Abnow.com (contrary to its claims of providing free insurance quotes and other types of useful information) has a preference for providing links to associates that pay revenue back for the traffic that Abnow.com provides.

Recent attention has been given to Abnow.com due to its promotion by browser hijackers that redirect web browsers to Abnow.com from unrelated sites. Also, known as an Abnow.com redirect virus, although browser hijackers are rarely viruses, a browser hijacker for Abnow.com may trigger in Chrome, Internet Explorer, Firefox or any other brand of web browser and can utilize basic changes to your Registry settings, such as your Domain Name System, to force redirects at an OS level regardless of the software that you're using to surf the web. SpywareRemove.com malware experts warn that such browser hijackers can also cause other attacks, such as pop-ups, theft of cache-saved data or inaccurate error screens that block anti-malware websites.

Saying Farewell to Abnow.com and All of Its Friends

Redirects to Abnow.com may also be accompanied by redirects to similar types of non-meritorious search engines, particularly mediashifting.com and hooot.com. Since prolonged exposure to sites that Abnow.com and its associates promote may leave your PC open to other attacks, and since browser hijackers typically reduce the security of the web browsers that they attack, SpywareRemove.com malware researchers recommend that you remove any browser hijacker as soon as you first spot its redirects.

Ideal removal of browser hijackers involves the use of anti-malware products to scan your PC, reverse Windows Registry changes and detect all components of a hijack-capable PC threat without causing any damage to your OS. Manual deletion, although almost always possible, is rarely the most reliable way to get rid of a browser hijacker, unless it is done by a qualified expert in PC security.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Abnow.com may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%Windows%\system32\consrv.dll File name: %Windows%\system32\consrv.dll
File type: Dynamic link library
Mime Type: unknown/dll
%Windows%\system32\DRIVERS\mrxsmb.sys File name: %Windows%\system32\DRIVERS\mrxsmb.sys
File type: System file
Mime Type: unknown/sys

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Search\Gather\Windows\System Index\Crawls\ll@IsCatalogLevel 0SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

One Comment

  • Deetta Marjan says:

    Another reason (not mentioned) is that the first user created can gain root privileges using their own password.