Saturday, November 8, 2008

ImIServer.IEPlugin Adware

How To Remove ImIServer.IEPlugin?
You must download the trial version of the "Exterminate-It" antivirus software to check your computer instantly.
ImIServer.IEPlugin is a dangerous virus:
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.

As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious. The toolbar presents itself as a helpful add-on for Internet Explorer, but it is a real pest. Trojan downloaders download and install new malware or adware on the computer.



ImIServer.IEPlugin is also known as:

[Kaspersky] TrojanDownloader.Win32.OneClickNetSearch.b, Trojan-Downloader.Win32.OneClickNetSearch.h;
[Panda] Adware/ClickTrack, Adware/IEPlugin, Adware/Imibar, Trj/Imiserv.B;
[Computer Associates] Win32.Imiserv.C, Win32.Imiserv.D, Win32.Imiserv.I, Win32/Imiserv.C!Trojan, Win32/Imiserv.C.DLL!Trojan, Win32/Imiserv.DLL!Trojan, Win32/Imiserv.I!Trojan

ImIServer.IEPlugin Symptoms:

Files:
[%PROGRAM_FILES%]\Network Monitor\netmon.exe
[%PROGRAM_FILES%]\Network Monitor\netmon.exe~
[%WINDOWS%]\dsr.dll
[%WINDOWS%]\dsr.exe
[%WINDOWS%]\extract.exe
[%WINDOWS%]\ieunst.exe
[%WINDOWS%]\rgrt.exe
[%WINDOWS%]\systb.dll
[%WINDOWS%]\systb.dll_
[%WINDOWS%]\systb.dll_tobedeleted
[%WINDOWS%]\systb.exe
[%WINDOWS%]\ts.exe
[%WINDOWS%]\uninstall_nmon.vbs
[%WINDOWS%]\wupdt.exe
[%PROFILE_TEMP%]\thi1ce1.tmp\wupdt.exe
[%WINDOWS%]\temp\wupdt.exe
[%WINDOWS%]\vvpvww.dat

Folders:
[%DESKTOP%]\desktop toolbar
[%PROGRAM_FILES_COMMON%]\zumr
[%WINDOWS%]\zumr

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
HKEY_CLASSES_ROOT\IMIToolbar.imiTool
HKEY_CLASSES_ROOT\IMIToolbar.imiTool.1
HKEY_CLASSES_ROOT\Interface\{3E589169-86AD-44FE-B426-F0BF105D5582}
HKEY_CLASSES_ROOT\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}
HKEY_CLASSES_ROOT\Interface\{F9B9C9A3-9D2D-423D-ABA5-80D83A915023}
HKEY_CLASSES_ROOT\TypeLib\{57ADD57B-173E-418A-8F70-17E5C9F2BCC9}
HKEY_CLASSES_ROOT\Typelib\{58D419E8-1321-4DD2-A6FC-7B41C14DCD79}
HKEY_CLASSES_ROOT\Wbho.Band
HKEY_CLASSES_ROOT\Wbho.Band.1
HKEY_CURRENT_USER\Software\intexp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{556DDE35-E955-11D0-A707-000000521958}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{a394e835-c8d6-4b4b-884b-d2709059f3be}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{a80f2db2-80a9-4834-8f5a-4ab70f4ef4c3}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CLASSES_ROOT\clsid\{dabc6f13-64fd-4f33-9d3b-948d31c87a64}\inprocserver32
HKEY_LOCAL_MACHINE\36
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, hxr93f3e=rundll32.exe w38a581b.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\internet explorer toolbar - intelligent explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\internet explorer toolbar - intelligent explorer, uninstallstring=rundll32 url.dll
HKEY_LOCAL_MACHINE\software\policies
HKEY_LOCAL_MACHINE\software\zumr
HKEY_LOCAL_MACHINE\software\zumr\update
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_network_monitor
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_network_monitor\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_network_monitor\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\network monitor
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\network monitor\enum


You must clean your computer ASAP!
Download the free trial version of the antivirus software here to check your computer instantly.
