CNWIN.DLL – Adware Cinmus

CNWIN.DLL – Adware Cinmus removal

File       MD5                               Virus Alias
CNWIN.DLL  7b3a1ad439a0438b066da79f1e36bfce  Adware Cinmus
CNWIN.DLL  7b3a1ad439a0438b066da79f1e36bfce  Trojan Generic
CNWIN.DLL  7b3a1ad439a0438b066da79f1e36bfce  Trojan Downloader
CNWIN.DLL  7b3a1ad439a0438b066da79f1e36bfce  Trojan Agent

CNWIN.DLL size: 94208 bytes
CNWIN.DLL hash: 7B3A1AD439A0438B066DA79F1E36BFCE

Created files:

%Program Files%\DeskAdTop\deskipn.dll
%Program Files%\DeskAdTop\DeskUn.exe
%Program Files%\DeskAdTop\fshook.dll
%Program Files%\DeskAdTop\Mrup.exe
%Program Files%\DeskAdTop\Run.dll
%Program Files%\DeskAdTop\_uninstall
%SysDir%\cnwin.dll
%TEMP%\204.exe
%TEMP%\ad1760.exe
%TEMP%\bind_50103.exe
%TEMP%\dodolook057.exe
%TEMP%\MIS_724_0.EXE
%TEMP%\mms_724.exe
%TEMP%\setup168.exe
%TEMP%\tdsetup.exe

Autostart registry keys:

HKLM\Software\Classes\CLSID\{08A312BB-5409-49FC-9347-54BB7D069AC6}\InprocServer32 : %Program Files%\DeskAdTop\deskipn.dll
HKLM\Software\Classes\CLSID\{EC497BD8-460F-44F0-B2A4-8C2B2198035B}\InprocServer32 : %WinDir%\System32\cnwin.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\tdsetup.exe: %TEMP%\tdsetup.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\bind_50103.exe: %TEMP%\bind_50103.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\dodolook057.exe: %TEMP%\dodolook057.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\mms_724.exe: %TEMP%\mms_724.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\setup168.exe: %TEMP%\setup168.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Desktop: %WinDir%\System32\rundll32.exe "%Program Files%\DeskAdTop\Run.dll" ,Rundll
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\ad1760.exe: %TEMP%\ad1760.exe

Detected by UnHackMe:

CNWIN.DLL
Default location: %SYSDIR%\CNWIN.DLL

Dropper information:
MD5: 1ce02e2452976b3d9cece806fe6736ec
File size: 995928 bytes
