1. /
  2. Security Response/
  3. Adware.NewWeb

Adware.NewWeb

Updated:
February 13, 2007 11:49:46 AM
Type:
Adware
Risk Impact:
Medium
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Adware.NewWeb is executed, it performs the following actions:
  1. Creates the following file:

    %System%\winsc.dll

    Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

  2. Creates the following registry subkeys:

    HKEY_LOCAL_MACHINE\SOFTWARE\SCIntruder
    HKEY_CLASSES_ROOT\AppID\SCIntruder.DLL
    HKEY_CLASSES_ROOT\AppID\{35A69597-0E2A-4100-A394-C6F6FC2535B9}
    HKEY_CLASSES_ROOT\CLSID\{0D8CA512-282E-4E3F-8970-F5EE879AF7FC}
    HKEY_CLASSES_ROOT\CLSID\{566CB5F7-D9FA-4B01-8A1A-168F706CBE41}
    HKEY_CLASSES_ROOT\CLSID\{86DC8694-AACC-4CE6-B8EC-A75DEEDA698D}
    HKEY_CLASSES_ROOT\CLSID\{9ACEEE30-143F-471A-AA45-72B061FE7D60}
    HKEY_CLASSES_ROOT\CLSID\{C5668031-4BDE-43D4-8766-8E9AAC16C56E}
    HKEY_CLASSES_ROOT\CLSID\{DED96F80-2B97-407C-8E09-D7233448753F}
    HKEY_CLASSES_ROOT\Interface\{172754B5-06E9-49D4-B1E0-7D821E23C5E8}
    HKEY_CLASSES_ROOT\Interface\{1B631EF9-EBD4-4828-ABB2-1AFB96E2EA4E}
    HKEY_CLASSES_ROOT\Interface\{36F305A9-4451-4FDF-9274-28F21E2A2F14}
    HKEY_CLASSES_ROOT\Interface\{B513A7FC-BC53-4077-ABE3-5BD321AF651D}
    HKEY_CLASSES_ROOT\Interface\{BCC53A8C-67A7-4E8F-B971-D4668D1A7423}
    HKEY_CLASSES_ROOT\Interface\{C88FD25F-8D53-4E99-AEA0-18F22801CE8C}
    HKEY_CLASSES_ROOT\Interface\{D1F6E94E-8EA1-4EC8-914C-138BC55AE104}
    HKEY_CLASSES_ROOT\NewWebController.Intruder
    HKEY_CLASSES_ROOT\NewWebController.Intruder.1
    HKEY_CLASSES_ROOT\SCIntruder.DocumentEventsHandler
    HKEY_CLASSES_ROOT\SCIntruder.DocumentEventsHandler.1
    HKEY_CLASSES_ROOT\SCIntruder.Magazines
    HKEY_CLASSES_ROOT\SCIntruder.Magazines.1
    HKEY_CLASSES_ROOT\SCIntruder.Service
    HKEY_CLASSES_ROOT\SCIntruder.Service.1
    HKEY_CLASSES_ROOT\SCIntruder.Settings
    HKEY_CLASSES_ROOT\SCIntruder.Settings.1
    HKEY_CLASSES_ROOT\SCIntruder.WindowEventsHandler
    HKEY_CLASSES_ROOT\SCIntruder.WindowEventsHandler.1
    HKEY_CLASSES_ROOT\TypeLib\{5CD75223-E010-4BE9-9027-7A53533EA4F6}
    HKEY_LOCAL_MACHINE\SOFTWARE\SCIntruder
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
    \Browser Helper Objects\{9ACEEE30-143F-471A-AA45-72B061FE7D60}

Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver