
Adware:Win32/Admoke


First posted on 31 August 2011.
Source: SecurityHome

Aliases:

Adware:Win32/Admoke is also known as Adware BHO.B (AVG), Trojan.Tunovitu.4 (Dr.Web), Win32/BHO.ODC trojan (ESET), Adware.Admoke (Ikarus).

Explanation:

Adware:Win32/Admoke is a DLL file that is installed as a Browser Helper Object (BHO). It is capable of displaying advertisements.


Adware:Win32/Admoke installs itself as a BHO with the name "axc" by creating certain registry keys, for example:

  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-6E29-71D8-DE1C-CDD6252D4289}
  • HKCR\CLSID\{CC01FC6C-6E29-71D8-DE1C-CDD6252D4289}


Note that the format of the CLSID is {CC01FC6C-<string>}.
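
The registry indicators above can be matched against saved `reg query <key> /s` output. The following Python code is an added example, not part of the original analysis. The function names and the sample output are constructed for illustration, and it assumes that the BHO name "axc" is stored in the key's default value and that the WOW6432Node registry view (used by 32-bit BHOs on 64-bit Windows) should be checked too.

```python
import re

# CLSID prefix taken from the write-up: {CC01FC6C-<string>}; the tail varies.
CLSID_RE = re.compile(r"\{CC01FC6C-[0-9A-F-]+\}$", re.IGNORECASE)
# Parent keys named in the write-up, plus the WOW6432Node view (added here).
PARENT_RE = re.compile(
    r"\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Explorer\\"
    r"Browser Helper Objects\\[^\\]+$|\\CLSID\\[^\\]+$",
    re.IGNORECASE,
)
VALUE_RE = re.compile(r"^\s+(.+?)\s{4}(REG_\w+)\s{4}(.*)$")


def parse_reg_query(text):
    """Parse `reg query <key> /s` output into {key_path: {value_name: data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = keys.setdefault(line.rstrip(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            current[m.group(1)] = m.group(3)
    return keys


def find_admoke(text):
    """Return (key_path, has_axc_name) for each key matching the Admoke pattern."""
    hits = []
    for key, values in parse_reg_query(text).items():
        if PARENT_RE.search(key) and CLSID_RE.search(key):
            # Assumption: the BHO name "axc" is the key's default value.
            hits.append((key, values.get("(Default)", "").lower() == "axc"))
    return hits


# Constructed sample: one benign BHO, the documented key, one variant CLSID tail.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}
    (Default)    REG_SZ    Example Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-6E29-71D8-DE1C-CDD6252D4289}
    (Default)    REG_SZ    axc

HKEY_CLASSES_ROOT\CLSID\{cc01fc6c-0000-0000-0000-000000000000}
    (Default)    REG_SZ    axc
"""

if __name__ == "__main__":
    for key, named_axc in find_admoke(SAMPLE):
        print(f"[!] {key} (name 'axc': {named_axc})")
```

A hit on the CLSID prefix without the "axc" name is still worth reviewing, since only the prefix is described as fixed.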

Adware:Win32/Admoke connects to the domain "cjnovt.com" to display advertisements on the computer.



Analysis by Stefan Sellmer

Last update 31 August 2011

 
