What is Video ActiveX Object?
Type: Virus | Category: Trojans and viruses | Discovered: 07 December 2007
It is an infection pretending to be a video codec. User is not allowed to watch video content without this codec, so he is prompted to download it from by Video ActiveX Object Error dialog-box appeared: "Your browser cannot display this video file. You need to download new version of Video ActiveX Object to play this video file." A trojan will be installed on PC as well, that generates fake computer security alerts about virus and spyware found on victims machine. These alerts are being displayed in the effect to scare user and force him into buying rogue anti-spyware software.
After Video ActiveX Object download, Security Toolbar 7.1 has been added in Internet Explorer and home page has been changed to asecurityassurance.com.
Related rogue sites:
http://videosoftonline.com
asecurityassurance.com
http://ismymovies.com
http://www.tvsetmp3.com
Video ActiveX Object download popups:
Video ActiveX Object Error:
After Video ActiveX Object download, Security Toolbar 7.1 has been added in Internet Explorer and home page has been changed to asecurityassurance.com.
Related rogue sites:
http://videosoftonline.com
asecurityassurance.com
http://ismymovies.com
http://www.tvsetmp3.com
Video ActiveX Object download popups:
Video ActiveX Object Error:
Video ActiveX Object removal tool:
- Spyware Doctor (see here for the installation guide)
Video ActiveX Object Entries:
The following dll files are created: ictmdl.dll, iesplugin.dll, isadd.dll, isaddon.dll, isfmdl.dll, VideoAccessCodecInstall.exe (setup file)
Hijackthis Entries:
O2 Entries:
O2 - BHO: (no name) - {B499D34E-58EF-4927-AB9F-7AF52B2C4C82} - C:\Program Files\Online Video Add-on\isfmdl.dll *
* can also be found under these CLSIDs:
{CFE15135-C591-4000-A55E-A50E5F9F82BC}
{D579A683-0CC7-4023-BAE7-0544D0D1DA3A}
O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Program Files\Video ActiveX Object\isaddon.dll
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video ActiveX Object\isadd.dll *
* can also be found under these CLSIDs:
{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D}
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll *
* can also be found under these CLSIDs:
{1FC80E00-41B0-4F74-BC16-2C83ED49CAC9}
O3 Entries:
O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Video Add-on\ictmdl.dll *
* can also be found under these CLSIDs:
{062F3F8B-CB94-4D76-A98A-EF800A438F01}
{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
{41F6170D-6AF8-4188-8D92-9DDAB3C71A78}
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll *
* can also be found under these CLSIDs:
{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2}
O2 - BHO: (no name) - {B499D34E-58EF-4927-AB9F-7AF52B2C4C82} - C:\Program Files\Online Video Add-on\isfmdl.dll *
* can also be found under these CLSIDs:
{CFE15135-C591-4000-A55E-A50E5F9F82BC}
{D579A683-0CC7-4023-BAE7-0544D0D1DA3A}
O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Program Files\Video ActiveX Object\isaddon.dll
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video ActiveX Object\isadd.dll *
* can also be found under these CLSIDs:
{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D}
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll *
* can also be found under these CLSIDs:
{1FC80E00-41B0-4F74-BC16-2C83ED49CAC9}
O3 Entries:
O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Video Add-on\ictmdl.dll *
* can also be found under these CLSIDs:
{062F3F8B-CB94-4D76-A98A-EF800A438F01}
{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
{41F6170D-6AF8-4188-8D92-9DDAB3C71A78}
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll *
* can also be found under these CLSIDs:
{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2}