Hijacker . CWS.XPlugin (Summary)
home | requirements | help | contact | scan now  

OVER 8 MILLION PEOPLE WORLDWIDE USE NUKER TO PROTECT THEIR PC!
YOU CAN TRY ITS AUDIT TODAY ABSOLUTELY FREE!

FREE SCAN

Free Anti Spyware Audit
Click Here to scan your PC for
CWS.XPlugin
free of charge
Hijacker . CWS.XPlugin (Summary)

Software Name: CWS.XPlugin
Company Name:
Product Name: CWS.XPlugin
Classification: Hijacker
Website:

Brief:
Silently installed by a false Windows help file. Hijacks browser settings to redirect to hot-searches.com or lender-search.com.

 

IMPORTANT!
Some of the Hijacker.CWS.XPlugin components are listed below. The list is compiled as a reference. The list might not be complete and it doesn't represent instructions for manual removal. We DO NOT recommend manual removal. Incorrect removal of certain software might make your computer unstable or even unusable.
Removal of adware component might affect the related ad-supported software.

If you suspect that you have an unwanted instance of CWS.XPlugin installed on your computer we recommend a free audit of your system with INAC Anti Spyware.

CWS.XPlugin might create following folders (and inject its files inside the folders):

  • %WINDOWS%\nsdb

CWS.XPlugin might create following files (some of the files might be loaded in memory while the software is running):

  • %WINDOWS%\system\xplugin.dll

  • %SYSTEM%\xplugin.dll

  • %WINDOWS%\system\xplugin.dlldreplace-unpacked.dll

  • %WINDOWS%\nsdb\hosts

  • %SYSTEM%\tmksrvu.exe

  • %SYSTEM%\tksrv99.exe

CWS.XPlugin is often accompanied by the following tracking cookies:

n/a

CWS.XPlugin might create following registry keys (and inject subkeys and values):

  • HKEY_CLASSES_ROOT\AppID\XPlugin.DLL

  • HKEY_CLASSES_ROOT\XPlugin.XFilter

  • HKEY_CLASSES_ROOT\XPlugin.XFilter.1

  • HKEY_LOCAL_MACHINE\SOFTWARE\TMKSoft

  • HKEY_CLASSES_ROOT\TypeLib\{EE79D398-AAAF-47B1-8C9E-11F7D4C9111B}

  • HKEY_CLASSES_ROOT\CLSID\{4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB}

  • HKEY_CLASSES_ROOT\AppID\{AC3F36D4-F905-4FE9-A926-EB937E66F591}

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{14A3221B-1678-1982-A355-7263B1281987}

CWS.XPlugin might create following registry values:

  • HKEY_CLASSES_ROOT\AppID\XPlugin.DLL|AppID

CWS.XPlugin might create registry values with following data:

  • HKEY_CLASSES_ROOT\PROTOCOLS\Filter\text/html|(default)|XFilter

  • HKEY_CLASSES_ROOT\PROTOCOLS\Filter\text/html|CLSID|{4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB}

  • HKEY_USERS\*\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyOverride|*hot-searches.com*

CWS.XPlugin might insert following entries in the HOSTS file:

  • 82.179.166.164 lender-search.com

  • 82.179.166.165 hot-searches.com

 

Click here to scan your computer for CWS.XPlugin free of charge
 Download | Order Now | Partners | Index | Hunter's Log | EULA | Privacy Policy   © 2002-2007 TrekBlue, Inc.