Updated: February 13, 2007 11:40:42 AM
Type: Adware
Publisher: Qual Net Communications
Risk Impact: Medium
File Names: IE_InstllC.exe
BHO2.dll
MSNIE.dll (definitions prior to 11/19/2004 detect this threat as Download.
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Adware.HighTraffic is a browser helper object DLL that another program must install. This program name is known as IE_InstllC.exe.
When Adware.HighTraffic is executed, it performs the following actions:
- Creates the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BHO.clsUrlSearch
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53E10C2C-43B2-4657-BA29-AAE179E7D35C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A959F206-CF51-40B2-9E19-589DD5D24E42}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7D36AF1A-08CA-451E-AA06-4308917A1034}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C236F07C-3868-47E6-8C9D-A971580764D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MsnIeSfty.Update
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5631DCE7-6AE2-4A3D-B960-7D0417812FE9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{853B6F42-EE7D-49A1-84E6-960942D2A073}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53E10C2C-43B2-4657-BA29-AAE179E7D35C}
- Monitors outgoing requests to search engines.
- Downloads advertisements from www.hightrafficads.com.
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
