high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Protection available since | 13 September 2005 10:12:34 (GMT) |
| Last updated | 23 September 2005 21:21:20 (GMT) |
| Detected by | All Sophos products |
Sophos beta program
- Endpoint Security and Control 9.0
- Small business solutions 4.0
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/Iefeat-AN is a Trojan for the Windows platform.
When run Troj/Iefeat-AN may drop a helper component into the Windows system folder using any of the following filenames:
msproto3.dll
msxmlpp.dll
msvsres.dll
The helper component is detected by Sophos as Troj/Dloader-AQ.
The Troj/Iefeat-AN DLL is registered as a COM object, plugin and Browser Helper Object (BHO) for Microsoft Internet Explorer, creating registry entries under:
HKCR\CLSID\{4CBC0CFC-1EE3-16BA-346D-DCBE5DB10FF9}
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\
{4CBC0CFC-1EE3-16BA-346D-DCBE5DB10FF9}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
Browser Helper Objects\{4CBC0CFC-1EE3-16BA-346D-DCBE5DB10FF9}
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HSA
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW
Troj/Iefeat-AN provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as: "Home Search Assistent ", "Search Extender " and "Shopping Wizard ".
|
