Updated: February 13, 2007 11:35:04 AM
Type: Adware
Risk Impact: High
File Names: syscm.exe,syscm_update.exe,msiinet.exe,obcbole.exe
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Adware.Vanish is executed, it performs the following actions:
- Modifies the default home page and search settings in Internet Explorer.
- Adds the value:
"syscm" = %original file path%
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Accesses and downloads files from www.vanishonline.com, including executables, possibly to update itself.
Note: www.vanishonline.com did not appear to be a valid Web address at the time of this analysis.
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
