You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
IETray is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.
IETray Symptoms:
Files:
[%WINDOWS%]\web\ers_src.htm
[%SYSTEM%]\iemsg.dll
[%WINDOWS%]\system\iemsg.dll
[%WINDOWS%]\web\ers_def.htm
[%WINDOWS%]\web\ers_src.htm
[%SYSTEM%]\iemsg.dll
[%WINDOWS%]\system\iemsg.dll
[%WINDOWS%]\web\ers_def.htm
Registry Keys:
HKEY_CLASSES_ROOT\iempg.iempgobj
HKEY_CLASSES_ROOT\interface\{ffffffff-ffff-ffff-ffff-5f8507c5f4e8}
HKEY_CLASSES_ROOT\typelib\{ffffffff-ffff-ffff-ffff-5f8507c5f4e7}
HKEY_LOCAL_MACHINE\software\classes\iempg.iempgobj
HKEY_LOCAL_MACHINE\software\classes\interface\{ffffffff-ffff-ffff-ffff-5f8507c5f4e8}
HKEY_LOCAL_MACHINE\software\classes\typelib\{ffffffff-ffff-ffff-ffff-5f8507c5f4e7}
HKEY_CLASSES_ROOT\clsid\{bd51aec6-7991-4a60-94d6-d5febb655d10}
HKEY_CLASSES_ROOT\iempg.iempgobj.1
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{bd51aec6-7991-4a60-94d6-d5febb655d10}
HKEY_LOCAL_MACHINE\software\classes\clsid\{bd51aec6-7991-4a60-94d6-d5febb655d10}
HKEY_LOCAL_MACHINE\software\classes\iempg.iempgobj.1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bd51aec6-7991-4a60-94d6-d5febb655d10}
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.
Also Be Aware of the Following Threats:
Nunci Hijacker Removal instruction
Removing CWS Adware
No comments:
Post a Comment