Saturday, January 31, 2009

Search.Assistant Adware

Removing Search.Assistant
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Search.Assistant Also known as:

[Panda]Adware/BlazeFind
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\WindowsSA\LIBCURL.dll
[%PROGRAM_FILES%]\WindowsSA\omniscient.exe
[%PROGRAM_FILES%]\WindowsSA\OmniscientHook.dll
[%SYSTEM%]\wsaupdater.exe
[%WINDOWS%]\cerbmod.dll
[%PROGRAM_FILES%]\WindowsSA\LIBCURL.dll
[%PROGRAM_FILES%]\WindowsSA\omniscient.exe
[%PROGRAM_FILES%]\WindowsSA\OmniscientHook.dll
[%SYSTEM%]\wsaupdater.exe
[%WINDOWS%]\cerbmod.dll

How to detect Search.Assistant:

Files:
[%PROGRAM_FILES%]\WindowsSA\LIBCURL.dll
[%PROGRAM_FILES%]\WindowsSA\omniscient.exe
[%PROGRAM_FILES%]\WindowsSA\OmniscientHook.dll
[%SYSTEM%]\wsaupdater.exe
[%WINDOWS%]\cerbmod.dll
[%PROGRAM_FILES%]\WindowsSA\LIBCURL.dll
[%PROGRAM_FILES%]\WindowsSA\omniscient.exe
[%PROGRAM_FILES%]\WindowsSA\OmniscientHook.dll
[%SYSTEM%]\wsaupdater.exe
[%WINDOWS%]\cerbmod.dll

Folders:
[%PROGRAM_FILES%]\windowssa

Registry Keys:
HKEY_CLASSES_ROOT\appid\searchhelp.dll
HKEY_CLASSES_ROOT\clsid\{0f9561d0-03b2-44a3-89a6-e95e417cba25}
HKEY_CLASSES_ROOT\interface\{491be5b7-a7f8-40ec-aad4-cba11fdfd814}
HKEY_CLASSES_ROOT\searchhelp
HKEY_CLASSES_ROOT\typelib\{29358aa6-679d-44ea-8a51-59a3c6e6f811}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0f9561d0-03b2-44a3-89a6-e95e417cba25}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\search assistant
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\search assistant
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Search.Assistant:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Bancos.HHD Trojan Information
Bigbot Backdoor Information
StartPage.cy Hijacker Cleaner
Vxidl.AQX Trojan Cleaner

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)