Updated: February 13, 2007 11:39:07 AM
Type: Spyware
Risk Impact: High
File Names: QWE0486.dll
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Spyware.Arau runs, it does the following:
- Creates the following registry keys:
HKEY_CLASSES_ROOT\QWE0486.QW0486
HKEY_CLASSES_ROOT\CLSID\{CF021F40-3E14-23A5-CBA2-717177650486}
HKEY_CLASSES_ROOT\Typelin\{CF021F40-3E14-23A5-CBA2-717177650486}
HKEY_CLASSES_ROOT\Interface\{CF021F40-3E14-23A5-CBA2-717177650486}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF021F40-3E14-23A5-CBA2-717177650486}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QWE0486.QW0486
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows\CurrentVersion\Explorer\
Browser Helper Objects\{CF021F40-3E14-23A5-CBA2-717177650486}
- Sends information back to a server.
- Might download and execute files.
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
