What is Video ActiveX Object?
- Type: Virus
- Category: Trojans and viruses
- Discovered: 07 December 2007
- Removal tools: Malwarebytes' Anti-Malware, Spyware Doctor
1. Introduction
It is an infection pretending to be a video codec. User is not allowed to watch video content without this codec, so he is prompted to download it from by Video ActiveX Object Error dialog-box appeared: "Your browser cannot display this video file. You need to download new version of Video ActiveX Object to play this video file." A trojan will be installed on PC as well, that generates fake computer security alerts about virus and spyware found on victims machine. These alerts are being displayed in the effect to scare user and force him into buying rogue anti-spyware software.
After Video ActiveX Object download, Security Toolbar 7.1 has been added in Internet Explorer and home page has been changed to asecurityassurance.com.
Related rogue sites:
http://videosoftonline.com
asecurityassurance.com
http://ismymovies.com
http://www.tvsetmp3.com
After Video ActiveX Object download, Security Toolbar 7.1 has been added in Internet Explorer and home page has been changed to asecurityassurance.com.
Related rogue sites:
http://videosoftonline.com
asecurityassurance.com
http://ismymovies.com
http://www.tvsetmp3.com
1.1. Video ActiveX Object download popups:
1.2. Video ActiveX Object Error:
2. Video ActiveX Object removal tools:
- Malwarebytes' Anti-Malware (for the installation guide click here)
- Spyware Doctor (for the installation guide click here)
3. Video ActiveX Object files:
ictmdl.dll, iesplugin.dll, isadd.dll, isaddon.dll, isfmdl.dll, VideoAccessCodecInstall.exe (setup file)4. Hijackthis entries:
O2 Entries:
O2 - BHO: (no name) - {B499D34E-58EF-4927-AB9F-7AF52B2C4C82} - C:\Program Files\Online Video Add-on\isfmdl.dll *
* can also be found under these CLSIDs:
{CFE15135-C591-4000-A55E-A50E5F9F82BC}
{D579A683-0CC7-4023-BAE7-0544D0D1DA3A}
O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Program Files\Video ActiveX Object\isaddon.dll
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video ActiveX Object\isadd.dll *
* can also be found under these CLSIDs:
{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D}
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll *
* can also be found under these CLSIDs:
{1FC80E00-41B0-4F74-BC16-2C83ED49CAC9}
O3 Entries:
O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Video Add-on\ictmdl.dll *
* can also be found under these CLSIDs:
{062F3F8B-CB94-4D76-A98A-EF800A438F01}
{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
{41F6170D-6AF8-4188-8D92-9DDAB3C71A78}
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll *
* can also be found under these CLSIDs:
{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2}
O2 - BHO: (no name) - {B499D34E-58EF-4927-AB9F-7AF52B2C4C82} - C:\Program Files\Online Video Add-on\isfmdl.dll *
* can also be found under these CLSIDs:
{CFE15135-C591-4000-A55E-A50E5F9F82BC}
{D579A683-0CC7-4023-BAE7-0544D0D1DA3A}
O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Program Files\Video ActiveX Object\isaddon.dll
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video ActiveX Object\isadd.dll *
* can also be found under these CLSIDs:
{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D}
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll *
* can also be found under these CLSIDs:
{1FC80E00-41B0-4F74-BC16-2C83ED49CAC9}
O3 Entries:
O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Video Add-on\ictmdl.dll *
* can also be found under these CLSIDs:
{062F3F8B-CB94-4D76-A98A-EF800A438F01}
{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
{41F6170D-6AF8-4188-8D92-9DDAB3C71A78}
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll *
* can also be found under these CLSIDs:
{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2}