||||
Symantec.com > Security Response > Threats and Risks > Adware.Adstation
PRINT THIS PAGE

Adware.Adstation

Printer Friendly Page

Updated: February 13, 2007 11:44:29 AM
Type: Adware
Risk Impact: Low
File Names: adstation.exe adshook.dll
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


When Adware.Adstation runs, it performs the following actions:
  1. Downloads configuration files and updates to itself from the www.2pari.co.kr domain.

  2. Creates the folder %System%\adstation

    Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

  3. Creates the following files in the %System%\adstation folder:

    • logo.bmp
    • go.bmp
    • icon.bmp
    • menu.dat
    • adshook.dll

  4. Loads the file adshook.dll, which may monitor Web sites visited.

  5. Creates the registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\ADNCommunication\AdStation
  6. Downloads and displays adware on the compromised computer.


Search by name
Example: W32.Beagle.AG@mm
Windows 7
Windows Vista Security
©1995 - 2009 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS