Category:Adware,BHO,Hijacker
Adblaster Detection :
Files:
[%SYSTEM%]\ngsh35.dll
[%SYSTEM%]\sms_msn.exe
[%WINDOWS%]\Sngsh40.dll
[%WINDOWS%]\stup2-2.exe
[%WINDOWS%]\stup3.exe
[%SYSTEM%]\ngpw34.dll
[%SYSTEM%]\ngpw40.exe
[%SYSTEM%]\ngsw31.dll
[%SYSTEM%]\sms_msn40.exe
[%WINDOWS%]\sngpw40.exe
[%WINDOWS%]\system\ngpw34.dll
[%WINDOWS%]\system\ngsw31.dll
[%WINDOWS%]\system\sngsh35.dll
[%SYSTEM%]\ngsh35.dll
[%SYSTEM%]\sms_msn.exe
[%WINDOWS%]\Sngsh40.dll
[%WINDOWS%]\stup2-2.exe
[%WINDOWS%]\stup3.exe
[%SYSTEM%]\ngpw34.dll
[%SYSTEM%]\ngpw40.exe
[%SYSTEM%]\ngsw31.dll
[%SYSTEM%]\sms_msn40.exe
[%WINDOWS%]\sngpw40.exe
[%WINDOWS%]\system\ngpw34.dll
[%WINDOWS%]\system\ngsw31.dll
[%WINDOWS%]\system\sngsh35.dll
Registry Keys:
HKEY_CLASSES_ROOT\clsid\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}
HKEY_CLASSES_ROOT\clsid\{9f34843f-7a90-499f-828f-90e0e63a1aff}
HKEY_CLASSES_ROOT\clsid\{e9147a0a-a866-4214-b47c-da821891240f}
HKEY_CLASSES_ROOT\interface\{9bc9a51c-ea57-413e-a4f4-7413c6050ae0}
HKEY_CLASSES_ROOT\ngsh35.clsdw
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9147a0a-a866-4214-b47c-da821891240f}
HKEY_CLASSES_ROOT\clsid\{1d3a8f36-1267-46f7-8b77-7661df9161c3}
HKEY_CLASSES_ROOT\clsid\{279a1b41-6cac-4abf-b39c-72c8e489f685}
HKEY_CLASSES_ROOT\clsid\{7d9cb362-375b-4fb9-8024-e55079cc69d1}
HKEY_CLASSES_ROOT\clsid\{eb6d8baa-704a-415b-bc0a-3468bfae924e}
HKEY_CLASSES_ROOT\iexplorr11.clsdw
HKEY_CLASSES_ROOT\iexplorr11.clsis
HKEY_CLASSES_ROOT\iexplorr22.clsdw
HKEY_CLASSES_ROOT\iexplorr22.clsis
HKEY_CLASSES_ROOT\interface\{0b60cef5-2431-4f92-82cf-03fee5bdc762}
HKEY_CLASSES_ROOT\interface\{54ac7e87-e1ad-44fb-93e5-b87981c50854}
HKEY_CLASSES_ROOT\interface\{7fb04de1-4340-4002-9d9e-3b6913ae6953}
HKEY_CLASSES_ROOT\interface\{ad4860a8-4f0f-4659-9e5c-a570c2439102}
HKEY_CLASSES_ROOT\interface\{d5c1b7ed-60ec-4de6-8c93-68796d8c0e15}
HKEY_CLASSES_ROOT\ngsh35.clsis
HKEY_CLASSES_ROOT\ngsh40.clsdw
HKEY_CLASSES_ROOT\ngsh40.clsis
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{e9147a0a-a866-4214-b47c-da821891240f}
HKEY_CLASSES_ROOT\typelib\{33198daa-bb5e-4f9d-aa4a-03da4bd4ca87}
HKEY_CLASSES_ROOT\typelib\{57ffdab5-d0ca-460b-9119-c934147cccde}
HKEY_CLASSES_ROOT\typelib\{b224aff4-0561-4b35-a91a-6f339152a482}
HKEY_CLASSES_ROOT\typelib\{d6862a20-1dd6-11d3-bb7c-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{279a1b41-6cac-4abf-b39c-72c8e489f685}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e9147a0a-a866-4214-b47c-da821891240f}
Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\search
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\search
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\search
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Removing Adblaster:
you can run trial version of ExterminateIt, or remove Adblaster manually..ExterminateIt effectively and automatically removes Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware) from you computer.
Download ExterminateIt! to instantly get rid of Adblaster!
Also Be Aware of the Following Threats:
Bionix Trojan Information
Webber!downloader Trojan Cleaner
Fictional.Daemon RAT Symptoms
Win32.Scapur Trojan Information
Remove Guppy Trojan