IMesh Trojan

IMesh description
Also known as:

[Kaspersky]Backdoor.Adbreak.e;
[Panda]Adware/eZula,Adware/RelatedLinks,Trojan Horse
Categories:Trojan,Adware,Backdoor

The IMesh adds a link to its executable file in the system registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[%WINDOWS%]\ndnuninstall4_85.exe
[%PROFILE_TEMP%]\freepeers-336.exe

Platforms / OS: Windows 2000, Windows XP, Windows 2003, Windows Vista

How to detecting IMesh:

Search Files on the disk:
[%DESKTOP%]\imesh.lnk
[%PROFILE_TEMP%]\EACDownload\ANTIVI~1.EXE
[%PROGRAM_FILES%]\iMeshBar\bar\3.bin\IMESHBAR.DLL
[%PROGRAM_FILES%]\iMesh\iMesh5\iMeshBHO.dll
[%STARTUP%]\imesh.lnk
[%SYSTEM%]\hsenj.ocx
[%WINDOWS%]\lbbho.dll
[%WINDOWS%]\lbbho.ini
[%WINDOWS%]\ndnuninstall4_85.exe
[%DESKTOP%]\imesh.lnk
[%PROFILE%]\administrator\start menu\programs\imesh\imesh.lnk
[%PROFILE_TEMP%]\freepeers-336.exe
[%DESKTOP%]\imesh.lnk
[%PROFILE_TEMP%]\EACDownload\ANTIVI~1.EXE
[%PROGRAM_FILES%]\iMeshBar\bar\3.bin\IMESHBAR.DLL
[%PROGRAM_FILES%]\iMesh\iMesh5\iMeshBHO.dll
[%STARTUP%]\imesh.lnk
[%SYSTEM%]\hsenj.ocx
[%WINDOWS%]\lbbho.dll
[%WINDOWS%]\lbbho.ini
[%WINDOWS%]\ndnuninstall4_85.exe
[%DESKTOP%]\imesh.lnk
[%PROFILE%]\administrator\start menu\programs\imesh\imesh.lnk
[%PROFILE_TEMP%]\freepeers-336.exe

Search Folders on the disk:
[%PROGRAMS%]\imesh
[%PROGRAM_FILES%]\imesh
[%STARTMENU%]\programs\imesh
[%PROFILE%]\start menu\programs\imesh

Search registry keys in system registry:
HKEY_CLASSES_ROOT\.imesh
HKEY_CLASSES_ROOT\.imusr
HKEY_CLASSES_ROOT\imesh.document
HKEY_CLASSES_ROOT\imeshc~1.dochostuihandler
HKEY_CLASSES_ROOT\imusr.document
HKEY_CLASSES_ROOT\mime\database\content type\application\x-imesh
HKEY_CURRENT_USER\software\imesh
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\imesh
HKEY_LOCAL_MACHINE\software\classes\imesh.document
HKEY_LOCAL_MACHINE\software\classes\imeshc~1.dochostuihandler
HKEY_LOCAL_MACHINE\software\classes\imusr.document
HKEY_LOCAL_MACHINE\software\classes\mime\database\content type\application\x-imesh
HKEY_LOCAL_MACHINE\software\classes\mime\database\content type\application\x-imeshusr
HKEY_LOCAL_MACHINE\software\imesh
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\imesh

Search registry values in system registry:
HKEY_CURRENT_USER\software\netscape\netscape navigator\suffixes
HKEY_CURRENT_USER\software\netscape\netscape navigator\suffixes
HKEY_CURRENT_USER\software\netscape\netscape navigator\user trusted external applications
HKEY_CURRENT_USER\software\netscape\netscape navigator\viewers
HKEY_CURRENT_USER\software\netscape\netscape navigator\viewers
HKEY_CURRENT_USER\software\netscape\netscape navigator\suffixes
HKEY_CURRENT_USER\software\netscape\netscape navigator\suffixes
HKEY_CURRENT_USER\software\netscape\netscape navigator\user trusted external applications
HKEY_CURRENT_USER\software\netscape\netscape navigator\viewers
HKEY_CURRENT_USER\software\netscape\netscape navigator\viewers

How To Remove IMesh:

You must download ExterminateIt. It can detect IMesh and prevent infection.

You can run trial version of ExterminateIt to detect,and then remove IMesh manually.

  1. Use Task Manager to terminate the IMesh process.
  2. Delete the original IMesh file and folders.
  3. Delete the system registry key parameters

Note that the easiest way is to buy antivirus software and be protected 24/7/365

This antivirus, ExterminateIt effectively and automatically removes viruses from you computer.

Download ExterminateIt! to instantly get rid of IMesh!

Check now if your PC is infected with IMesh

You can buy full version of ExterminateIt at RegNow.com.

Also Be Aware of the Following Threats:
VNC RAT Information
Dumador.bl Backdoor Symptoms
FDoS.Code DoS Removal instruction
Removing slotchbar Hijacker
Lzm Trojan Cleaner

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)