IBSetup.exe – Trojan Generic removal

| File | Virus Alias |
|---|---|
| IBSetup.exe | Trojan Generic |
| IBSetup.exe | Trojan Agent |
| IBSetup.exe | Trojan Downloader |
| IBSetup.exe | Trojan Siggen |

Created files:
%Program Files%\Instant Buzz\IBBar.dll – Trojan Generic
%Program Files%\Instant Buzz\IBDaemon.exe – Trojan Generic
%Program Files%\Instant Buzz\IBMH.dll – Trojan Generic
%Program Files%\Instant Buzz\IBSetup.exe – Trojan Generic
Autostart registry keys:
HKLM\Software\Classes\CLSID\{7475D3FD-5D85-49DB-8B9B-6968467B2D80}\InprocServer32 : C:\PROGRA~1\INSTAN~1\IBBar.dll
HKLM\Software\Classes\CLSID\{B8D60EBB-5565-4392-957B-7164BA087AD4}\InprocServer32 : C:\PROGRA~1\INSTAN~1\IBBar.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Instant Buzz Daemon: %Program Files%\Instant Buzz\IBDaemon.exe
HKLM\System\CurrentControlSet\Services\mchInjDrv\Type: 01000000
HKLM\System\CurrentControlSet\Services\mchInjDrv\Start: 04000000
HKLM\System\CurrentControlSet\Services\mchInjDrv\ImagePath: \??\%Temp%\mc2271.tmp
HKLM\System\CurrentControlSet\Services\mchInjDrv\DeleteFlag: 01000000
Detected by UnHackMe:
IBSetup.exe
Default location: %Program Files%\Instant Buzz\IBSetup.exe
Dropper information:
SHA256: d846eadc47ccad26a11cda304016fed4f5d61b70078d3b1986155faed60ec4a6
SHA1: c329ac0aba2a3db039a07c6aa13d941a7dbada11
MD5: 68bae9081bb8c0c7dff7bd1812725cb0
File size: 995377 bytes