IELoader

Posted: March 28, 2006

IELoader is an adware application that serves unwanted commercial advertisements to user desktop using many pop-ups, web browser windows or additional toolbars. Moreover, it is able to track user activity in the Internet, modify default browser settings and gather personal user information. It can be installed along with the ad-supported software or through some unsafe web sites. IELoader alters essential computer settings so it could start on every Windows startup and remain active in background.

File System Modifications

The following files were created in the system:

#	File Name
1	[profile
2	[profile path]local settingsemporary internet filescontent.ie5uyaay2gqiagold[1].exe
3	[profilepath]localsettingsemporaryinternetfilescontent.ie5uyaay2gqzzb[1].exe
4	[system
5	[systemroot]emporaryinternetfilescontent.ie5cp2fghijbb[1].exe
6	[systemroot]emporaryinternetfilescontent.ie5ctz3j296py[1].exe
7	[systemroot]system32iagold.exe
8	[systemroot]system32mstbl.ocx
9	[systemroot]system32zzb.exe
10	[systemroot]systemaaa.exe
11	[systemroot]systempy.exe
12	filescontent.ie5cp2fghijbb[1].exe
13	filescontent.ie5ctz3j296py[1].exe
14	filescontent.ie5uyaay2gqzzb[1].exe
15	internet
16	path]local
17	root]emporary
18	root]system32iagold.exe
19	root]system32zzb.exe
20	root]systemaaa.exe
21	root]systempy.exe
22	settingsemporary

Registry Modifications

The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionunzzbunzzbHKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversion

IELoader

File System Modifications

Registry Modifications

Leave a Reply