Adware/Ablank
Analysis
Adware/Ablank.V original filename is tqwqw.dll. Once this dll Adware redirector is hook to a system, it may forward the following default pages to a customized pages integrated inside the dll file. | ||
| ||
The entire javascript code is encrypted. By using unescape and eval functions of javascript, it can decrypt the code and text and write it to the browser. | ||
This particular redirector uses a pin 37O49. And redirect most request to askthenet.net site. This also sends a hit count to www.trackhits.cc site. | ||
The dll file has the visible text in it. | ||
| ||