Home Malware Programs Browser Hijackers Aqovd.com

Aqovd.com

Posted: May 29, 2015

Threat Metric

Ranking: 11,661
Threat Level: 5/10
Infected PCs: 12,191
First Seen: May 29, 2015
Last Seen: October 7, 2023
OS(es) Affected: Windows


Aqovd.com is a Web portal that features a search engine as well as a broad range of other widgets and features that some users may find useful. Aqovd.com offers its users quick access to the latest news stories, addictive Flash games, popular Web destinations, dating websites, and other potentially interesting pages. The page's interface is quite cluttered because of the large amount of content published there, as well as the numerous ads that Aqovd.com hosts, and that's why some users may experience Web browser performance issues when they visit this page. However, the most notable thing about Aqovd.com isn't its feature-rich interface, but the fact that this website is popularized with the help of browser hijackers.

The Aqovd.com browser hijacker is a small application whose sole purpose is to reconfigure your Web browser so that it displays Aqovd.com as your homepage, search engine and new tab page. The Aqovd.com hijacker also may check your Web browser's settings continuously, and correct them automatically if you attempt to remove Aqovd.com as your default setting. Often, users may have no idea that the hijacker is on their computers because this small application may utilize unfair marketing tricks to get into them. For example, software bundling is a commonly used technique that browser hijackers rely on for their distribution. Software bundles are something you may get when you download freeware and shareware applications, so we advise you to be extra cautious when installing these types of software because they may offer to install the Aqovd.com hijacker or other Potentially Unwanted Programs.

Removing the Aqovd.com browser hijacker is a task that you should handle with the assistance of a reputable anti-malware scanner. This is required because potent anti-malware utilities can fully terminate all of the hijacker's components, and prevent the annoying pest from tampering with your Web browser's settings again.

Aliases

PUA.Downloader [Symantec]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%SYSTEMDRIVE%\Users\<username>\appdata\local\crsoft\crsvc.exe File name: crsvc.exe
Size: 185.8 KB (185800 bytes)
MD5: 0f86442b238f1c9ca69cb8d662deb05b
Detection count: 2,738
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\<username>\appdata\local\crsoft\crsvc.exe
Group: Malware file
Last Updated: September 30, 2023

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{RegistryKeys}Software\Microsoft\Internet Explorer\DOMStorage\aqovd.comSoftware\Microsoft\Internet Explorer\DOMStorage\www.aqovd.comSOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\aqovd.comSOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.aqovd.comSYSTEM\Controlset001\Services\CrashhdSYSTEM\Controlset002\Services\CrashhdSYSTEM\CurrentControlSet\Services\Crashhd

Additional Information

The following directories were created:
%LOCALAPPDATA%\Crsoft
The following URL's were detected:
aqovd.com
Loading...