Content

Adware-ESDAds

Type
Program
SubType
Adware
Discovery Date
03/29/2005
Minimum DAT
4326 (02/18/2004)
Updated DAT
5108 (08/29/2007)
Minimum Engine
5.1.00
Description Added
04/26/2004
Description Modified
06/13/2005 3:10 AM (PT)

Tab Navigation

Characteristics

McAfee(R) AVERT(tm) recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

This is not a virus or a Trojan. It is an adware application from ESD Technologies, Inc .

Installation:

File:      dc695.exe
Hash:    a84f8f156ca39e08763a501238ec54b0

Upon execution it extracts and executes the following files.

File:      Install.exe
Hash:    08c7406c9126c840b9bb547661d9feff

File:      mySetp.exe
Hash:    c5fcef81e77ce4b4a26ecdf3dbd103ea

File:      Register Morpheus Upgrade Suite.exe
Hash:    0f8d71813395e1cb290b7d70c34c844e

File:      Register Morpheus Upgrade Suite3.exe
Hash:    ce9c65758826a79ff8cdce3f559da009

File:      iexplorr11.dll
Hash:    f0125c31b8db34089cac93acdb24fe0a

File:      iexplorr22.dll
Hash:    4400ee38f4f4cf54c4f3c4346e447349

File:      iexplorr23.dll
Hash:    fb386e7bb72792257219c7c348ce517b

MySetp.exe installs MYWAY toolbar with other buttons.



The following files are installed as Browser Helper Object .

  • mybar.dll
  • iexplorr11.dll
  • iexplorr22.dll
  • iexplorr23.dll

Browser Helper Objects are executable files that are loaded when the browser is launched. They can perform various task, such as generating extra pop-up ads, monitoring page navigation, etc.

The following registry entries are added:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer\Browser Helper Objects\
{39AF31DD-EAFC-45EA-A56C-385B52E25CC0}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer\Browser Helper Objects\
{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer\Browser Helper Objects\
{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer\Browser Helper Objects\
{BC0D2038-2DE5-4A6F-92BC-B18A3E0DE32A}

This application may generate pop-up ads while user is browsing the Internet.

Aliases

Aliases

    N/A