Sunday, November 16, 2008

IEPlugin Adware

How To Remove IEPlugin?
You must download the trial version of the "Exterminate-It" antivirus software to check your computer instantly.
IEPlugin is a dangerous virus:
Adware are programs that facilitate the delivery of advertising content to the user and in some cases gather information from the user's computer, including information related to Internet browser usage or other computer habits.
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email or HTTP POST, which can appear suspicious.
Hijackers are software programs that modify users' default browser home page, search settings, error page settings, or desktop wallpaper without adequate notice, disclosure, or user consent.
Trojan downloaders download and install new malware or adware on the computer.



IEPlugin is also known as:

[Kaspersky] TrojanDownloader.Win32.OneClickNetSearch.c, TrojanDownloader.Win32.OneClickNetSearch.f;
[Panda] Adware/IEPlugin, Trj/Downloader.MO;
[Computer Associates] Win32.Imiserv.F

IEPlugin Symptoms:

Files:
[%SYSTEM%]\ieplugin.dll
[%WINDOWS%]\Desktop Toolbar.dsk
[%WINDOWS%]\wdskctl.exe
[%WINDOWS%]\wupdt.exe
[%PROFILE_TEMP%]\systb.dll
[%SYSTEM%]\systb.dll
[%SYSTEM%]\winobject.dll
[%WINDOWS%]\system\ieplugin.dll
[%WINDOWS%]\system\systb.dll
[%WINDOWS%]\system\winobject.dll

Registry Keys:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\[%WINDOWS%]


You must clean your computer ASAP!
Download the free trial version of the antivirus software here to check your computer instantly.
