Adware.BigTrafficNet

Printer Friendly Page

Updated: February 13, 2007 11:44:00 AM

Type: Adware

Publisher: BigTrafficNetwork

Risk Impact: Medium

File Names: ns[RANDOM CHARACTERS].dll

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Adware.BigTrafficNet is installed, it does the following:

Creates some or all of the following files:
- %System%\ns[random characters].dll
- %UserProfile%\Desktop\Free Xbox 360.url
- %UserProfile%\Desktop\Free Sony PS3.url
- %UserProfile%\Desktop\Kill All Spyware.url
- %UserProfile%\Desktop\Kill Spyware.url
- %UserProfile%\Desktop\Spyware Killer.url
- %UserProfile%\Desktop\Sexsearch.url
- %UserProfile%\Desktop\Virus Hunter.url
- %UserProfile%\Favorites\1111\1111.url
  
  Note:
- %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
- %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[Current User] (Windows NT/2000/XP).
Creates the following registry subkeys and adds a number of entries under these subkeys:

HKEY_CURRENT_USER\Software\[.dll file name] HKEY_CLASSES_ROOT\btnetw.amo HKEY_CLASSES_ROOT\btnetw.amo.1 HKEY_CLASSES_ROOT\btnetw.iiittt HKEY_CLASSES_ROOT\btnetw.iiittt.1 HKEY_CLASSES_ROOT\btnetw.momo HKEY_CLASSES_ROOT\btnetw.momo.1 HKEY_CLASSES_ROOT\btnetw.ohb HKEY_CLASSES_ROOT\btnetw.ohb.1 HKEY_CLASSES_ROOT\CLSID\{9ADE0443-2AB2-4B23-A3F8-AC520773DE12} HKEY_CLASSES_ROOT\CLSID\{BC54B24C-5A97-4C19-9181-8B8A05B2E931} HKEY_CLASSES_ROOT\CLSID\{BD9584EF-C28C-4F6D-8D49-0CEE3C0E442F} HKEY_CLASSES_ROOT\CLSID\{C7888681-1A83-4C14-B9A5-95F91240B44F} HKEY_CLASSES_ROOT\Interface\{15D53B86-E055-43B1-BBEE-A91A0F37BD2A} HKEY_CLASSES_ROOT\Interface\{6B882C34-A832-4F5B-BEF1-7E198BE3F094}HKEY_CLASSES_ROOT\Interface\{32A9D21F-F510-44DC-9EA6-0456EDA04668}HKEY_CLASSES_ROOT\Interface\{4562B6F3-DAF8-464E-87B7-5464575F0D6A}HKEY_CLASSES_ROOT\Interface\{C93CC79D-02D5-45B0-BE39-7F5B0E5DDA31}HKEY_CLASSES_ROOT\Interface\{DA4B919F-B757-4E32-8D79-DEC5C2704C4B}HKEY_CLASSES_ROOT\Interface\{9B6B4031-1D6D-4C65-ACBA-021916853822} HKEY_CLASSES_ROOT\Interface\{9FF60A27-0C0C-4A6A-A15F-B21B644D67BB} HKEY_CLASSES_ROOT\Interface\{F3C41C1D-22F1-4692-8A7A-88DE70A2E9E2} HKEY_CLASSES_ROOT\Interface\{FA6FA7A5-2C49-4567-BA74-6DD1C36099EE} HKEY_CLASSES_ROOT\TypeLib\{BF56BE6A-0AEA-45F3-8B10-7312876584A8}HKEY_CLASSES_ROOT\TypeLib\{DA15C9A2-C30A-4761-922A-5DFE7C9A1F67}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ADE0443-2AB2-4B23-A3F8-AC520773DE12}
Downloads pop-up advertisements from the www.bigtrafficnetwork.com domain displays them.
Downloads remote files from the www.bigtrafficnetwork.com domain. The following files may be downloaded:
- dsktrf.dll (A copy of Adware.Begin2search.)
- thin_poker_installerV36.exe (A copy of Trojan.Dropper.)
- installerv3.exe( A copy of Spyware.SafeSurfing.)
- thin-94-1-x-x.exe(A copy of Adware.BetterInternet)

Removal

Summary

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}