Win32/Iyeclore [Threat Name] go to Threat

Win32/Iyeclore.B [Threat Variant Name]

Category trojan
Size 755712 B
Detection created Jan 27, 2010
Detection database version 4809
Aliases Trojan.Win32.Delf.stn (Kaspersky)
  Trojan:Win32/Trufip!rts (Microsoft)
  Generic.dx!ncc.trojan (McAfee)
Short description

Win32/Iyeclore.B is a trojan which tries to promote certain web sites. The trojan sends HTTP requests to simulate clicks on banner advertisements, to inflate web counter statistics etc. The trojan is probably a part of other malware.

Installation

The trojan does not create any copies of itself.

Other information

Win32/Iyeclore.B is a trojan which tries to promote certain web sites.


The trojan contains a list of (7) URLs. It tries to download a file from the addresses.


The file is stored in the following location:

  • %systemdrive%\­Program Files\­Common Files\­System\­Ole DB\­tmp333.tmp

The HTTP protocol is used.


The trojan alters the behavior of the following processes:

  • Internet Explorer
  • Maxthon
  • Tencent Traveler

The trojan changes information related to the following services:

  • MSN

The trojan sends HTTP requests to simulate clicks on banner advertisements, to inflate web counter statistics etc.

Please enable Javascript to ensure correct displaying of this content and refresh this page.