Computer Protect Virus: CWS.Feads Trojan

CWS.Feads description:
CWS.Feads Category:Trojan,BHO,Hijacker
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Detection CWS.Feads :

CWS.Feads Files:
[%APPDATA%]\iefeatsl\dict.dat
[%APPDATA%]\winfj\dict.dat
[%APPDATA%]\winme\dict.dat
[%SYSTEM%]\addgp32.exe
[%SYSTEM%]\addwh32.exe
[%SYSTEM%]\adfft.txt
[%SYSTEM%]\aohov.log
[%SYSTEM%]\aommy.txt
[%SYSTEM%]\apioe.exe
[%SYSTEM%]\atlhy.exe
[%SYSTEM%]\awwvy.log
[%SYSTEM%]\bdkdx.txt
[%SYSTEM%]\bktfo.txt
[%SYSTEM%]\bmyri.txt
[%SYSTEM%]\bowjv.txt
[%SYSTEM%]\cfkia.dat
[%SYSTEM%]\couyd.log
[%SYSTEM%]\crcz.exe
[%SYSTEM%]\d3ul32.exe
[%SYSTEM%]\dfbfs.log
[%SYSTEM%]\dglgj.log
[%SYSTEM%]\dlnru.log
[%SYSTEM%]\eawhw.log
[%SYSTEM%]\eclnt.txt
[%SYSTEM%]\efqax.log
[%SYSTEM%]\eqcrd.dat
[%SYSTEM%]\erdqz.txt
[%SYSTEM%]\ezdwa.dat
[%SYSTEM%]\ezvoc.txt
[%SYSTEM%]\fdvph.log
[%SYSTEM%]\fintt.log
[%SYSTEM%]\fvnrq.dat
[%SYSTEM%]\fwicc.dat
[%SYSTEM%]\gjmee.log
[%SYSTEM%]\glplp.log
[%SYSTEM%]\goynk.log
[%SYSTEM%]\hfjzc.txt
[%SYSTEM%]\hhhdz.dat
[%SYSTEM%]\hozyc.log
[%SYSTEM%]\hpsek.txt
[%SYSTEM%]\inyky.dat
[%SYSTEM%]\iscez.log
[%SYSTEM%]\jgomu.log
[%SYSTEM%]\jiart.dat
[%SYSTEM%]\jjrqh.log
[%SYSTEM%]\klvpu.dat
[%SYSTEM%]\krand.txt
[%SYSTEM%]\kzffk.log
[%SYSTEM%]\ldwtz.dat
[%SYSTEM%]\lfxis.log
[%SYSTEM%]\lgtzx.txt
[%SYSTEM%]\ljzqk.log
[%SYSTEM%]\mfcgt32.exe
[%SYSTEM%]\mkige.dat
[%SYSTEM%]\mscta.dat
[%SYSTEM%]\mssz32.dll
[%SYSTEM%]\ndyyl.dat
[%SYSTEM%]\nhbng.txt
[%SYSTEM%]\nvssc.dat
[%SYSTEM%]\oiasz.txt
[%SYSTEM%]\omqqj.dat
[%SYSTEM%]\pztgn.log
[%SYSTEM%]\qzoyb.log
[%SYSTEM%]\raqwn.txt
[%SYSTEM%]\revoc.dat
[%SYSTEM%]\rhgja.dat
[%SYSTEM%]\ripvz.txt
[%SYSTEM%]\rlaog.dat
[%SYSTEM%]\rnmzx.log
[%SYSTEM%]\rpvvi.txt
[%SYSTEM%]\rtfvz.dat
[%SYSTEM%]\rxyca.log
[%SYSTEM%]\ryesf.dat
[%SYSTEM%]\sauoj.txt
[%SYSTEM%]\sbcuo.log
[%SYSTEM%]\sdkly.exe
[%SYSTEM%]\sqctm.dat
[%SYSTEM%]\tddhm.dat
[%SYSTEM%]\tfgzc.log
[%SYSTEM%]\ubahb.log
[%SYSTEM%]\ucxpp.dat
[%SYSTEM%]\ufaym.dat
[%SYSTEM%]\ugigk.log
[%SYSTEM%]\ugonv.log
[%SYSTEM%]\uhrko.dat
[%SYSTEM%]\uisod.log
[%SYSTEM%]\uophl.log
[%SYSTEM%]\uqsha.log
[%SYSTEM%]\vjeal.dat
[%SYSTEM%]\vwzsr.log
[%SYSTEM%]\vzscc.dat
[%SYSTEM%]\wcowo.dat
[%SYSTEM%]\wkakg.log
[%SYSTEM%]\wllfk.log
[%SYSTEM%]\wpsmg.txt
[%SYSTEM%]\xknze.txt
[%SYSTEM%]\xnrfk.log
[%SYSTEM%]\xqtce.txt
[%SYSTEM%]\xvlik.dat
[%SYSTEM%]\ybbaj.log
[%SYSTEM%]\ygtle.log
[%SYSTEM%]\ykiyh.txt
[%SYSTEM%]\zfgjh.log
[%SYSTEM%]\znctv.log
[%SYSTEM%]\zslxx.log
[%SYSTEM%]\zyqxy.txt
[%WINDOWS%]\appwn32.exe
[%WINDOWS%]\atlfs32.exe
[%WINDOWS%]\bbgwx.log
[%WINDOWS%]\bpyas.log
[%WINDOWS%]\bwstm.txt
[%WINDOWS%]\ckypp.dat
[%WINDOWS%]\clnhn.log
[%WINDOWS%]\cnkqf.log
[%WINDOWS%]\crlso.log
[%WINDOWS%]\d3fd32.exe
[%WINDOWS%]\d3nr32.exe
[%WINDOWS%]\d3zg.exe
[%WINDOWS%]\dalyo.dat
[%WINDOWS%]\ddadp.log
[%WINDOWS%]\dgsff.dat
[%WINDOWS%]\dmmsb.dat
[%WINDOWS%]\dtohl.txt
[%WINDOWS%]\fdhvb.log
[%WINDOWS%]\fennc.log
[%WINDOWS%]\fkdrw.log
[%WINDOWS%]\flqex.dat
[%WINDOWS%]\ftktd.txt
[%WINDOWS%]\ggdhy.txt
[%WINDOWS%]\ipyx32.exe
[%WINDOWS%]\iucpn.log
[%WINDOWS%]\iummc.txt
[%WINDOWS%]\jhpmo.dat
[%WINDOWS%]\jpvge.log
[%WINDOWS%]\jrqdr.log
[%WINDOWS%]\kbplj.txt
[%WINDOWS%]\klksa.txt
[%WINDOWS%]\kvhyp.dat
[%WINDOWS%]\kwsaj.dat
[%WINDOWS%]\lapui.txt
[%WINDOWS%]\lobuc.log
[%WINDOWS%]\lqbxv.log
[%WINDOWS%]\lrhkn.log
[%WINDOWS%]\lricy.dat
[%WINDOWS%]\lydcd.log
[%WINDOWS%]\lyycb.dat
[%WINDOWS%]\mfcbm32.dll
[%WINDOWS%]\mfckb.exe
[%WINDOWS%]\mszv32.exe
[%WINDOWS%]\muhjl.txt
[%WINDOWS%]\nfhrc.log
[%WINDOWS%]\nlirs.log
[%WINDOWS%]\ntyk32.exe
[%WINDOWS%]\nytvk.dat
[%WINDOWS%]\ofiba.dat
[%WINDOWS%]\olvyg.dat
[%WINDOWS%]\opgyo.log
[%WINDOWS%]\oydyt.txt
[%WINDOWS%]\pbytl.dat
[%WINDOWS%]\pdrpv.log
[%WINDOWS%]\pejxt.log
[%WINDOWS%]\pfoze.log
[%WINDOWS%]\pnvrq.txt
[%WINDOWS%]\poqsm.log
[%WINDOWS%]\pqjkb.txt
[%WINDOWS%]\qdsqq.dat
[%WINDOWS%]\qtine.txt
[%WINDOWS%]\qvnmd.txt
[%WINDOWS%]\rkhzp.log
[%WINDOWS%]\rlnwf.txt
[%WINDOWS%]\rlvtj.txt
[%WINDOWS%]\rzawn.txt
[%WINDOWS%]\scfcy.txt
[%WINDOWS%]\srqob.dat
[%WINDOWS%]\svmvw.log
[%WINDOWS%]\techt.txt
[%WINDOWS%]\tiche.dat
[%WINDOWS%]\ucmys.dat
[%WINDOWS%]\ufaje.txt
[%WINDOWS%]\umipt.log
[%WINDOWS%]\unomh.log
[%WINDOWS%]\usyjr.log
[%WINDOWS%]\vtonz.log
[%WINDOWS%]\wcaws.log
[%WINDOWS%]\wqhfc.txt
[%WINDOWS%]\xedxk.txt
[%WINDOWS%]\xkqgy.log
[%WINDOWS%]\xlqip.txt
[%WINDOWS%]\xuyvq.dat
[%WINDOWS%]\zcflt.dat
[%WINDOWS%]\zpyis.log
[%WINDOWS%]\zrddf.dat
[%WINDOWS%]\zuuud.dat
[%WINDOWS%]\zvrqw.log
[%WINDOWS%]\zwlha.txt
[%WINDOWS%]\zxgoa.txt
[%WINDOWS%]\zytoa.txt
[%SYSTEM%]\adddx.dll
[%SYSTEM%]\apica.exe
[%SYSTEM%]\apivy.exe
[%SYSTEM%]\appio.exe
[%SYSTEM%]\appis32.exe
[%SYSTEM%]\appjc32.exe
[%SYSTEM%]\appoe32.exe
[%SYSTEM%]\atlkt32.exe
[%SYSTEM%]\atlpv32.exe
[%SYSTEM%]\crby32.exe
[%SYSTEM%]\crko.exe
[%SYSTEM%]\crsw32.exe
[%SYSTEM%]\d3fm.exe
[%SYSTEM%]\d3gj.exe
[%SYSTEM%]\iefi.exe
[%SYSTEM%]\iefy.exe
[%SYSTEM%]\ieug32.exe
[%SYSTEM%]\iewe32.exe
[%SYSTEM%]\ipgs.exe
[%SYSTEM%]\iphj32.exe
[%SYSTEM%]\ippy.exe
[%SYSTEM%]\ipst32.exe
[%SYSTEM%]\mfcqc32.exe
[%SYSTEM%]\mfcuo.exe
[%SYSTEM%]\msph32.exe
[%SYSTEM%]\netjh32.exe
[%SYSTEM%]\ntdx.exe
[%SYSTEM%]\sdkdh.exe
[%SYSTEM%]\sdkhb32.exe
[%SYSTEM%]\winga.exe
[%SYSTEM%]\winlo.exe
[%SYSTEM%]\winns32.exe
[%SYSTEM%]\winyw32.exe
[%WINDOWS%]\addkc32.exe
[%WINDOWS%]\apiac.exe
[%WINDOWS%]\apifb.exe
[%WINDOWS%]\apigj.exe
[%WINDOWS%]\apijn32.exe
[%WINDOWS%]\apivt.exe
[%WINDOWS%]\appsh.exe
[%WINDOWS%]\atlrl32.dll
[%WINDOWS%]\crvl.exe
[%WINDOWS%]\d3cq.exe
[%WINDOWS%]\d3fl32.exe
[%WINDOWS%]\d3ue.exe
[%WINDOWS%]\ipog.dll
[%WINDOWS%]\mfcui32.exe
[%WINDOWS%]\msnc32.exe
[%WINDOWS%]\ntwg.exe
[%WINDOWS%]\ntwn.exe
[%WINDOWS%]\ntyo32.exe
[%WINDOWS%]\sdkev.exe
[%WINDOWS%]\sdkrr32.exe
[%WINDOWS%]\sysea.exe
[%WINDOWS%]\sysjq.exe
[%WINDOWS%]\syskr.exe
[%WINDOWS%]\syslr.exe
[%WINDOWS%]\winmc.exe
[%WINDOWS%]\winnj32.exe
[%APPDATA%]\iefeatsl\dict.dat
[%APPDATA%]\winfj\dict.dat
[%APPDATA%]\winme\dict.dat
[%SYSTEM%]\addgp32.exe
[%SYSTEM%]\addwh32.exe
[%SYSTEM%]\adfft.txt
[%SYSTEM%]\aohov.log
[%SYSTEM%]\aommy.txt
[%SYSTEM%]\apioe.exe
[%SYSTEM%]\atlhy.exe
[%SYSTEM%]\awwvy.log
[%SYSTEM%]\bdkdx.txt
[%SYSTEM%]\bktfo.txt
[%SYSTEM%]\bmyri.txt
[%SYSTEM%]\bowjv.txt
[%SYSTEM%]\cfkia.dat
[%SYSTEM%]\couyd.log
[%SYSTEM%]\crcz.exe
[%SYSTEM%]\d3ul32.exe
[%SYSTEM%]\dfbfs.log
[%SYSTEM%]\dglgj.log
[%SYSTEM%]\dlnru.log
[%SYSTEM%]\eawhw.log
[%SYSTEM%]\eclnt.txt
[%SYSTEM%]\efqax.log
[%SYSTEM%]\eqcrd.dat
[%SYSTEM%]\erdqz.txt
[%SYSTEM%]\ezdwa.dat
[%SYSTEM%]\ezvoc.txt
[%SYSTEM%]\fdvph.log
[%SYSTEM%]\fintt.log
[%SYSTEM%]\fvnrq.dat
[%SYSTEM%]\fwicc.dat
[%SYSTEM%]\gjmee.log
[%SYSTEM%]\glplp.log
[%SYSTEM%]\goynk.log
[%SYSTEM%]\hfjzc.txt
[%SYSTEM%]\hhhdz.dat
[%SYSTEM%]\hozyc.log
[%SYSTEM%]\hpsek.txt
[%SYSTEM%]\inyky.dat
[%SYSTEM%]\iscez.log
[%SYSTEM%]\jgomu.log
[%SYSTEM%]\jiart.dat
[%SYSTEM%]\jjrqh.log
[%SYSTEM%]\klvpu.dat
[%SYSTEM%]\krand.txt
[%SYSTEM%]\kzffk.log
[%SYSTEM%]\ldwtz.dat
[%SYSTEM%]\lfxis.log
[%SYSTEM%]\lgtzx.txt
[%SYSTEM%]\ljzqk.log
[%SYSTEM%]\mfcgt32.exe
[%SYSTEM%]\mkige.dat
[%SYSTEM%]\mscta.dat
[%SYSTEM%]\mssz32.dll
[%SYSTEM%]\ndyyl.dat
[%SYSTEM%]\nhbng.txt
[%SYSTEM%]\nvssc.dat
[%SYSTEM%]\oiasz.txt
[%SYSTEM%]\omqqj.dat
[%SYSTEM%]\pztgn.log
[%SYSTEM%]\qzoyb.log
[%SYSTEM%]\raqwn.txt
[%SYSTEM%]\revoc.dat
[%SYSTEM%]\rhgja.dat
[%SYSTEM%]\ripvz.txt
[%SYSTEM%]\rlaog.dat
[%SYSTEM%]\rnmzx.log
[%SYSTEM%]\rpvvi.txt
[%SYSTEM%]\rtfvz.dat
[%SYSTEM%]\rxyca.log
[%SYSTEM%]\ryesf.dat
[%SYSTEM%]\sauoj.txt
[%SYSTEM%]\sbcuo.log
[%SYSTEM%]\sdkly.exe
[%SYSTEM%]\sqctm.dat
[%SYSTEM%]\tddhm.dat
[%SYSTEM%]\tfgzc.log
[%SYSTEM%]\ubahb.log
[%SYSTEM%]\ucxpp.dat
[%SYSTEM%]\ufaym.dat
[%SYSTEM%]\ugigk.log
[%SYSTEM%]\ugonv.log
[%SYSTEM%]\uhrko.dat
[%SYSTEM%]\uisod.log
[%SYSTEM%]\uophl.log
[%SYSTEM%]\uqsha.log
[%SYSTEM%]\vjeal.dat
[%SYSTEM%]\vwzsr.log
[%SYSTEM%]\vzscc.dat
[%SYSTEM%]\wcowo.dat
[%SYSTEM%]\wkakg.log
[%SYSTEM%]\wllfk.log
[%SYSTEM%]\wpsmg.txt
[%SYSTEM%]\xknze.txt
[%SYSTEM%]\xnrfk.log
[%SYSTEM%]\xqtce.txt
[%SYSTEM%]\xvlik.dat
[%SYSTEM%]\ybbaj.log
[%SYSTEM%]\ygtle.log
[%SYSTEM%]\ykiyh.txt
[%SYSTEM%]\zfgjh.log
[%SYSTEM%]\znctv.log
[%SYSTEM%]\zslxx.log
[%SYSTEM%]\zyqxy.txt
[%WINDOWS%]\appwn32.exe
[%WINDOWS%]\atlfs32.exe
[%WINDOWS%]\bbgwx.log
[%WINDOWS%]\bpyas.log
[%WINDOWS%]\bwstm.txt
[%WINDOWS%]\ckypp.dat
[%WINDOWS%]\clnhn.log
[%WINDOWS%]\cnkqf.log
[%WINDOWS%]\crlso.log
[%WINDOWS%]\d3fd32.exe
[%WINDOWS%]\d3nr32.exe
[%WINDOWS%]\d3zg.exe
[%WINDOWS%]\dalyo.dat
[%WINDOWS%]\ddadp.log
[%WINDOWS%]\dgsff.dat
[%WINDOWS%]\dmmsb.dat
[%WINDOWS%]\dtohl.txt
[%WINDOWS%]\fdhvb.log
[%WINDOWS%]\fennc.log
[%WINDOWS%]\fkdrw.log
[%WINDOWS%]\flqex.dat
[%WINDOWS%]\ftktd.txt
[%WINDOWS%]\ggdhy.txt
[%WINDOWS%]\ipyx32.exe
[%WINDOWS%]\iucpn.log
[%WINDOWS%]\iummc.txt
[%WINDOWS%]\jhpmo.dat
[%WINDOWS%]\jpvge.log
[%WINDOWS%]\jrqdr.log
[%WINDOWS%]\kbplj.txt
[%WINDOWS%]\klksa.txt
[%WINDOWS%]\kvhyp.dat
[%WINDOWS%]\kwsaj.dat
[%WINDOWS%]\lapui.txt
[%WINDOWS%]\lobuc.log
[%WINDOWS%]\lqbxv.log
[%WINDOWS%]\lrhkn.log
[%WINDOWS%]\lricy.dat
[%WINDOWS%]\lydcd.log
[%WINDOWS%]\lyycb.dat
[%WINDOWS%]\mfcbm32.dll
[%WINDOWS%]\mfckb.exe
[%WINDOWS%]\mszv32.exe
[%WINDOWS%]\muhjl.txt
[%WINDOWS%]\nfhrc.log
[%WINDOWS%]\nlirs.log
[%WINDOWS%]\ntyk32.exe
[%WINDOWS%]\nytvk.dat
[%WINDOWS%]\ofiba.dat
[%WINDOWS%]\olvyg.dat
[%WINDOWS%]\opgyo.log
[%WINDOWS%]\oydyt.txt
[%WINDOWS%]\pbytl.dat
[%WINDOWS%]\pdrpv.log
[%WINDOWS%]\pejxt.log
[%WINDOWS%]\pfoze.log
[%WINDOWS%]\pnvrq.txt
[%WINDOWS%]\poqsm.log
[%WINDOWS%]\pqjkb.txt
[%WINDOWS%]\qdsqq.dat
[%WINDOWS%]\qtine.txt
[%WINDOWS%]\qvnmd.txt
[%WINDOWS%]\rkhzp.log
[%WINDOWS%]\rlnwf.txt
[%WINDOWS%]\rlvtj.txt
[%WINDOWS%]\rzawn.txt
[%WINDOWS%]\scfcy.txt
[%WINDOWS%]\srqob.dat
[%WINDOWS%]\svmvw.log
[%WINDOWS%]\techt.txt
[%WINDOWS%]\tiche.dat
[%WINDOWS%]\ucmys.dat
[%WINDOWS%]\ufaje.txt
[%WINDOWS%]\umipt.log
[%WINDOWS%]\unomh.log
[%WINDOWS%]\usyjr.log
[%WINDOWS%]\vtonz.log
[%WINDOWS%]\wcaws.log
[%WINDOWS%]\wqhfc.txt
[%WINDOWS%]\xedxk.txt
[%WINDOWS%]\xkqgy.log
[%WINDOWS%]\xlqip.txt
[%WINDOWS%]\xuyvq.dat
[%WINDOWS%]\zcflt.dat
[%WINDOWS%]\zpyis.log
[%WINDOWS%]\zrddf.dat
[%WINDOWS%]\zuuud.dat
[%WINDOWS%]\zvrqw.log
[%WINDOWS%]\zwlha.txt
[%WINDOWS%]\zxgoa.txt
[%WINDOWS%]\zytoa.txt
[%SYSTEM%]\adddx.dll
[%SYSTEM%]\apica.exe
[%SYSTEM%]\apivy.exe
[%SYSTEM%]\appio.exe
[%SYSTEM%]\appis32.exe
[%SYSTEM%]\appjc32.exe
[%SYSTEM%]\appoe32.exe
[%SYSTEM%]\atlkt32.exe
[%SYSTEM%]\atlpv32.exe
[%SYSTEM%]\crby32.exe
[%SYSTEM%]\crko.exe
[%SYSTEM%]\crsw32.exe
[%SYSTEM%]\d3fm.exe
[%SYSTEM%]\d3gj.exe
[%SYSTEM%]\iefi.exe
[%SYSTEM%]\iefy.exe
[%SYSTEM%]\ieug32.exe
[%SYSTEM%]\iewe32.exe
[%SYSTEM%]\ipgs.exe
[%SYSTEM%]\iphj32.exe
[%SYSTEM%]\ippy.exe
[%SYSTEM%]\ipst32.exe
[%SYSTEM%]\mfcqc32.exe
[%SYSTEM%]\mfcuo.exe
[%SYSTEM%]\msph32.exe
[%SYSTEM%]\netjh32.exe
[%SYSTEM%]\ntdx.exe
[%SYSTEM%]\sdkdh.exe
[%SYSTEM%]\sdkhb32.exe
[%SYSTEM%]\winga.exe
[%SYSTEM%]\winlo.exe
[%SYSTEM%]\winns32.exe
[%SYSTEM%]\winyw32.exe
[%WINDOWS%]\addkc32.exe
[%WINDOWS%]\apiac.exe
[%WINDOWS%]\apifb.exe
[%WINDOWS%]\apigj.exe
[%WINDOWS%]\apijn32.exe
[%WINDOWS%]\apivt.exe
[%WINDOWS%]\appsh.exe
[%WINDOWS%]\atlrl32.dll
[%WINDOWS%]\crvl.exe
[%WINDOWS%]\d3cq.exe
[%WINDOWS%]\d3fl32.exe
[%WINDOWS%]\d3ue.exe
[%WINDOWS%]\ipog.dll
[%WINDOWS%]\mfcui32.exe
[%WINDOWS%]\msnc32.exe
[%WINDOWS%]\ntwg.exe
[%WINDOWS%]\ntwn.exe
[%WINDOWS%]\ntyo32.exe
[%WINDOWS%]\sdkev.exe
[%WINDOWS%]\sdkrr32.exe
[%WINDOWS%]\sysea.exe
[%WINDOWS%]\sysjq.exe
[%WINDOWS%]\syskr.exe
[%WINDOWS%]\syslr.exe
[%WINDOWS%]\winmc.exe
[%WINDOWS%]\winnj32.exe

CWS.Feads Registry Keys:
HKEY_CLASSES_ROOT\clsid\{4700f4b2-eb75-07ef-2853-5b264bd6e7db}
HKEY_CLASSES_ROOT\clsid\{6ca3def1-f477-8ca2-64fd-b558a4257b4a}
HKEY_CLASSES_ROOT\clsid\{89abe5c0-3767-80d7-a957-8cc68dc6199b}
HKEY_CLASSES_ROOT\clsid\{a69b7d98-9dac-21c6-7adb-7ff21d28cec1}
HKEY_CLASSES_ROOT\clsid\{af324411-fe23-2928-2624-6e2035e4f460}
HKEY_CLASSES_ROOT\clsid\{e897b7a0-ebe4-3a18-7dd3-77e65116b006}
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy___ns_service_3
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_*008f*0010%%af*00e5*0003*0017*001a*00a4*00b6*00c0*00a8
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\%8F%10%%af%E5%03%17%1A%A4%B6%E0%A8
HKEY_CLASSES_ROOT\clsid\{2a6a75c2-3c67-5e95-eba8-28a462abd792}
HKEY_CLASSES_ROOT\clsid\{53a6ba45-5944-1b2a-c008-fb29ecdce63c}
HKEY_CLASSES_ROOT\clsid\{b6bcb9ce-7fa1-f173-041b-e367563bb601}
HKEY_CLASSES_ROOT\clsid\{c668ea18-2d58-b7ff-b81a-5dfb1e599256}
HKEY_CLASSES_ROOT\clsid\{f452fa15-98c9-bd51-ac62-418e0c391ec0}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4700f4b2-eb75-07ef-2853-5b264bd6e7db}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{a69b7d98-9dac-21c6-7adb-7ff21d28cec1}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e897b7a0-ebe4-3a18-7dd3-77e65116b006}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f452fa15-98c9-bd51-ac62-418e0c391ec0}
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_*00bdo.#*017e*201a*201e*0081*00f5*00d8*00c2*00b4*001e*00e2
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_*008f*0010%af*00e5*0003*0017*001a*00a4*00b6*00c0*00a8
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\__ns_service_3

CWS.Feads Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce

Removing CWS.Feads:

you can run trial version of ExterminateIt, or remove CWS.Feads manually.

To completely manually remove CWS.Feads malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with CWS.Feads.

Also Be Aware of the Following Threats:
Removing Win32.Agent.db Trojan
Claria.WebSecureAlert Adware Removal instruction
Amahkey Trojan Removal
The.Chaos Trojan Cleaner
Removing MsWin.A Trojan

Computer Protect Virus

Wednesday, November 12, 2008

CWS.Feads Trojan

Detection CWS.Feads :

Removing CWS.Feads:

0 Comments:

Previous Posts