Category:Trojan,Downloader
OneClickNetSearch Detection :
Files:
[%WINDOWS%]\dsr.dll
[%WINDOWS%]\dsr.exe
[%WINDOWS%]\extract.exe
[%WINDOWS%]\pxckdlauninstall.exe
[%WINDOWS%]\rgrt.exe
[%WINDOWS%]\snbho.exe
[%WINDOWS%]\systb.dll
[%WINDOWS%]\systb.exe
[%WINDOWS%]\wdskctl.exe
[%WINDOWS%]\wupdt.exe
[%WINDOWS%]\dsr.dll
[%WINDOWS%]\dsr.exe
[%WINDOWS%]\extract.exe
[%WINDOWS%]\pxckdlauninstall.exe
[%WINDOWS%]\rgrt.exe
[%WINDOWS%]\snbho.exe
[%WINDOWS%]\systb.dll
[%WINDOWS%]\systb.exe
[%WINDOWS%]\wdskctl.exe
[%WINDOWS%]\wupdt.exe
Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{00F1D395-4744-40f0-A611-980F61AE2C59}
HKEY_CLASSES_ROOT\CLSID\{01F44A8A-8C97-4325-A378-76E68DC4AB2E}
HKEY_CLASSES_ROOT\CLSID\{1C896551-8B92-4907-8C06-15DB2D1F874A}
HKEY_CLASSES_ROOT\CLSID\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
HKEY_CLASSES_ROOT\CLSID\{8B51FC2F-C687-40A3-B54A-BB9EBF8D407F}
HKEY_CLASSES_ROOT\CLSID\{CE27D4DF-714B-4427-95EB-923FE53ADF8E}
HKEY_CLASSES_ROOT\CLSID\{D36F70B1-7DF5-4FD4-A765-70CCC8F72CD7}
HKEY_CLASSES_ROOT\CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}
HKEY_CLASSES_ROOT\CLSID\{E2D2FE40-5674-4B77-802B-EC86B6C2C41D}
HKEY_CLASSES_ROOT\CLSID\{E311D3A5-4A3B-4E49-9E0A-B40FAE1F0B28}
HKEY_CLASSES_ROOT\CLSID\{F3155057-4C2C-4078-8576-50486693FD49}
HKEY_CLASSES_ROOT\DSrch.Band
HKEY_CLASSES_ROOT\DSrch.Band.1
HKEY_CLASSES_ROOT\DSrch.BottomFrame
HKEY_CLASSES_ROOT\DSrch.BottomFrame.1
HKEY_CLASSES_ROOT\DSrch.LeftFrame
HKEY_CLASSES_ROOT\DSrch.LeftFrame.1
HKEY_CLASSES_ROOT\DSrch.PopupBrowser
HKEY_CLASSES_ROOT\DSrch.PopupBrowser.1
HKEY_CLASSES_ROOT\DSrch.PopupWindow
HKEY_CLASSES_ROOT\DSrch.PopupWindow.1
HKEY_CLASSES_ROOT\IMIToolbar.BottomFrame
HKEY_CLASSES_ROOT\IMIToolbar.BottomFrame.1
HKEY_CLASSES_ROOT\IMIToolbar.imiTool
HKEY_CLASSES_ROOT\IMIToolbar.imiTool.1
HKEY_CLASSES_ROOT\IMIToolbar.LeftFrame
HKEY_CLASSES_ROOT\IMIToolbar.LeftFrame.1
HKEY_CLASSES_ROOT\IMIToolbar.PopupBrowser
HKEY_CLASSES_ROOT\IMIToolbar.PopupBrowser.1
HKEY_CLASSES_ROOT\IMIToolbar.PopupWindow
HKEY_CLASSES_ROOT\IMIToolbar.PopupWindow.1
HKEY_CLASSES_ROOT\Interface\{0667935E-6350-4BF3-9F97-952363D87C1F}
HKEY_CLASSES_ROOT\Interface\{0F72A081-4DCA-4288-970E-2F7DBBF8B54C}
HKEY_CLASSES_ROOT\Interface\{220959EA-B54C-4201-8DF2-1CFAC8B59FD7}
HKEY_CLASSES_ROOT\Interface\{3E589169-86AD-44FE-B426-F0BF105D5582}
HKEY_CLASSES_ROOT\Interface\{6A288140-3E1C-4CD9-AAC5-E20FDD4F5D64}
HKEY_CLASSES_ROOT\Interface\{7092C637-9298-4ACD-8E4D-E7C8157ABDCC}
HKEY_CLASSES_ROOT\Interface\{7371AD3F-C419-4DC0-8E8A-E21FAFAD53E0}
HKEY_CLASSES_ROOT\Interface\{98B2DDBA-6DA2-4421-AF2B-814E98F53649}
HKEY_CLASSES_ROOT\Interface\{C43CB2BC-DE30-4FDA-B982-9312ED9940F6}
HKEY_CLASSES_ROOT\Interface\{D2378491-228B-4398-A041-8967952E79EF}
HKEY_CLASSES_ROOT\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}
HKEY_CLASSES_ROOT\Interface\{F8084C00-5E03-4B9F-8846-EFE24334C44A}
HKEY_CLASSES_ROOT\Interface\{F9B9C9A3-9D2D-423D-ABA5-80D83A915023}
HKEY_CLASSES_ROOT\TypeLib\{57ADD57B-173E-418A-8F70-17E5C9F2BCC9}
HKEY_CLASSES_ROOT\Typelib\{58D419E8-1321-4DD2-A6FC-7B41C14DCD79}
HKEY_CLASSES_ROOT\TypeLib\{8F73AC0F-5769-4282-8762-B396A3BFF377}
HKEY_CLASSES_ROOT\Wbho.Band
HKEY_CLASSES_ROOT\Wbho.Band.1
HKEY_CURRENT_USER\Software\dsktb
HKEY_CURRENT_USER\Software\dsrch
HKEY_CURRENT_USER\Software\inst
HKEY_CURRENT_USER\Software\intexp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{666E4D35-E955-11D0-A707-000000521958}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A80F2DB2-80A9-4834-8F5A-4AB70F4EF4C3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00F1D395-4744-40f0-A611-980F61AE2C59}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01F44A8A-8C97-4325-A378-76E68DC4AB2E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\intexp
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Removing OneClickNetSearch:
you can run trial version of ExterminateIt, or remove OneClickNetSearch manually..ExterminateIt effectively and automatically removes Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware) from you computer.
Download ExterminateIt! to instantly get rid of OneClickNetSearch!
Also Be Aware of the Following Threats:
Removing RedHacker Backdoor
Removing ICQ.Port Trojan
Swizzor.bn Trojan Removal
Remove BufferOverrun Trojan
Remove FakeSurf RAT