Monday, February 2, 2009

WinADiscount Adware

Removing WinADiscount
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\winadiscount\cache\adwin.exe
[%PROGRAM_FILES%]\winadiscount\cache\bundle.cfg
[%PROGRAM_FILES%]\winadiscount\cache\combosearch_button_1.acs
[%PROGRAM_FILES%]\winadiscount\cache\eraser001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\hide002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\logo.bmp
[%PROGRAM_FILES%]\winadiscount\cache\movies001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\popupblocker002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\search013.bmp
[%PROGRAM_FILES%]\winadiscount\cache\searchresults.xsl
[%PROGRAM_FILES%]\winadiscount\cache\shopping004.bmp
[%PROGRAM_FILES%]\winadiscount\cache\sk.ini
[%PROGRAM_FILES%]\winadiscount\cache\skbho.dll
[%PROGRAM_FILES%]\winadiscount\cache\uninstall001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\weather003.bmp
[%PROGRAM_FILES%]\winadiscount\cache\winadiscounttb0401.cfg
[%PROGRAM_FILES%]\winadiscount\toolbar.ini
[%PROGRAM_FILES%]\winadiscount\uninstall.exe
[%PROGRAM_FILES%]\winadiscount\winadiscount.dll
[%PROGRAM_FILES%]\winadiscount\cache\adwin.exe
[%PROGRAM_FILES%]\winadiscount\cache\bundle.cfg
[%PROGRAM_FILES%]\winadiscount\cache\combosearch_button_1.acs
[%PROGRAM_FILES%]\winadiscount\cache\eraser001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\hide002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\logo.bmp
[%PROGRAM_FILES%]\winadiscount\cache\movies001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\popupblocker002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\search013.bmp
[%PROGRAM_FILES%]\winadiscount\cache\searchresults.xsl
[%PROGRAM_FILES%]\winadiscount\cache\shopping004.bmp
[%PROGRAM_FILES%]\winadiscount\cache\sk.ini
[%PROGRAM_FILES%]\winadiscount\cache\skbho.dll
[%PROGRAM_FILES%]\winadiscount\cache\uninstall001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\weather003.bmp
[%PROGRAM_FILES%]\winadiscount\cache\winadiscounttb0401.cfg
[%PROGRAM_FILES%]\winadiscount\toolbar.ini
[%PROGRAM_FILES%]\winadiscount\uninstall.exe
[%PROGRAM_FILES%]\winadiscount\winadiscount.dll

How to detect WinADiscount:

Files:
[%PROGRAM_FILES%]\winadiscount\cache\adwin.exe
[%PROGRAM_FILES%]\winadiscount\cache\bundle.cfg
[%PROGRAM_FILES%]\winadiscount\cache\combosearch_button_1.acs
[%PROGRAM_FILES%]\winadiscount\cache\eraser001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\hide002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\logo.bmp
[%PROGRAM_FILES%]\winadiscount\cache\movies001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\popupblocker002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\search013.bmp
[%PROGRAM_FILES%]\winadiscount\cache\searchresults.xsl
[%PROGRAM_FILES%]\winadiscount\cache\shopping004.bmp
[%PROGRAM_FILES%]\winadiscount\cache\sk.ini
[%PROGRAM_FILES%]\winadiscount\cache\skbho.dll
[%PROGRAM_FILES%]\winadiscount\cache\uninstall001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\weather003.bmp
[%PROGRAM_FILES%]\winadiscount\cache\winadiscounttb0401.cfg
[%PROGRAM_FILES%]\winadiscount\toolbar.ini
[%PROGRAM_FILES%]\winadiscount\uninstall.exe
[%PROGRAM_FILES%]\winadiscount\winadiscount.dll
[%PROGRAM_FILES%]\winadiscount\cache\adwin.exe
[%PROGRAM_FILES%]\winadiscount\cache\bundle.cfg
[%PROGRAM_FILES%]\winadiscount\cache\combosearch_button_1.acs
[%PROGRAM_FILES%]\winadiscount\cache\eraser001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\hide002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\logo.bmp
[%PROGRAM_FILES%]\winadiscount\cache\movies001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\popupblocker002.bmp
[%PROGRAM_FILES%]\winadiscount\cache\search013.bmp
[%PROGRAM_FILES%]\winadiscount\cache\searchresults.xsl
[%PROGRAM_FILES%]\winadiscount\cache\shopping004.bmp
[%PROGRAM_FILES%]\winadiscount\cache\sk.ini
[%PROGRAM_FILES%]\winadiscount\cache\skbho.dll
[%PROGRAM_FILES%]\winadiscount\cache\uninstall001.bmp
[%PROGRAM_FILES%]\winadiscount\cache\weather003.bmp
[%PROGRAM_FILES%]\winadiscount\cache\winadiscounttb0401.cfg
[%PROGRAM_FILES%]\winadiscount\toolbar.ini
[%PROGRAM_FILES%]\winadiscount\uninstall.exe
[%PROGRAM_FILES%]\winadiscount\winadiscount.dll

Folders:
[%PROGRAM_FILES%]\winadiscount\cache\newcfg

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{4961a993-7f48-4c50-a30e-d597ac571707}
HKEY_CURRENT_USER\software\winadiscount\config
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4961a993-7f48-4c50-a30e-d597ac571707}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-87be-a334b786b339}

Registry Values:
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-87be-a334b786b339}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-87be-a334b786b33a}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-87be-a334b786b33b}\inprocserver32
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount
HKEY_CURRENT_USER\software\winadiscount\ages
HKEY_CURRENT_USER\software\winadiscount\ages
HKEY_CURRENT_USER\software\winadiscount\ages
HKEY_CURRENT_USER\software\winadiscount\options
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winadiscount
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winadiscount

Removing WinADiscount:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
INService.ja Downloader Removal instruction
toolband BHO Removal instruction
Remove Stealth.Web.Page.Recorder Spyware

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)