Windows Security Tutorials - Herong's Tutorial Examples - v3.01, by Dr. Herong Yang
Diagnosis Results of Malware "Tube Dimmer"
This section provides diagnosis results from a Windows 7 system infected by the malware 'Tube Dimmer'.
Here is what I gathered as diagnosis results on a Windows 7 system infected by the malware "Tube Dimmer".
HijackThis Report entries:
O2 - BHO: Tube Dimmer - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O23 - Service: AdpeakProxy - Adpeak, Inc. - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
Task Manager entries:
updater.exe
IeHelper.exe
FireFoxHelper.exe
ChromeHelper.exe
Uninstall Program entries:
ScorpionSaver - Adpeak, Inc.
ScorpionSaver Services - Adpeak, Inc.
Tube Dimmer - Creative Islands Media, LLC
Updater - Creative Islands Media, LLC
System Services entries:
AdpeakProxy - Adpeak, Inc. - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
Firefox settings:
Extension: Tube Dimmer 2.6.49 - Instantly watch your favorite shows and movies!
IE (Internet Explorer) settings:
Toolbars and Extensions: Tube Dimmer - Creative Islands Media, LLC
Malware Producer Websites:
d.tubedimmerapp.com
tubedimmerapp.com
scorpionsaver.com
adpeak.com
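The HijackThis entries listed above can be triaged automatically. The script below is an added example, not part of the original tutorial or of HijackThis itself: it parses a saved HijackThis log, maps each section code to the persistence point it represents, and flags entries matching the names and paths from this page. The function name `triage`, the indicator list and the two "Example" log lines are constructed for illustration.

```python
import re
from collections import Counter

# Indicators taken from the diagnosis results on this page (lower-cased).
# The Updater entry is matched by full path so unrelated updaters are not flagged.
INDICATORS = ("tubedimmer", "tube dimmer", "adpeak", "scorpionsaver",
              r"c:\programdata\updater\updater.exe")

# Meaning of the HijackThis section codes that appear in the report above.
SECTIONS = {"O2": "Browser Helper Object", "O4": "Autostart (Run key)",
            "O10": "Winsock LSP", "O23": "Windows service"}

ENTRY = re.compile(r"^(O\d+)\s+-\s+(.+)$")

# The page's entries plus two constructed benign lines (the "Example" ones).
SAMPLE_LOG = r"""
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O2 - BHO: Tube Dimmer - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\app.exe
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O23 - Service: AdpeakProxy - Adpeak, Inc. - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
"""

def triage(log_text):
    """Return (code, section, detail, count) for each distinct flagged entry."""
    counts = Counter()  # keeps first-seen order, collapses repeated lines
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m and any(ind in m.group(2).lower() for ind in INDICATORS):
            counts[(m.group(1), m.group(2))] += 1
    return [(code, SECTIONS.get(code, "Other"), detail, n)
            for (code, detail), n in counts.items()]

if __name__ == "__main__":
    for code, section, detail, n in triage(SAMPLE_LOG):
        print(f"{code:<4}{section:<24}x{n}  {detail}")
```

The five identical O10 lines collapse into one finding with a count of 5, which makes the repeated Winsock LSP entries for adpeakproxy.dll stand out during review.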
The picture below shows "Tube Dimmer" and "Updater" uninstall program entries on a Windows 7 system: