InnbannerBrowserEnhancer Spyware Profile

Title: InnbannerBrowserEnhancer

Also Known as: Trojan-Downloader.Win32.Agent.akwa

Severity scale: 78 (78 / 100)

InnbannerBrowserEnhancer is a spyware program that installs as a Browser Helper Object. It pretends to be a Browser Enhancing tool, but it only collects personal information and delivers pop-up ads. It was first discovered on October 16, 2008.

InnbannerBrowserEnhancer is a Trojan Downloader. It is not only capable of downloading updates and pop-up ads, it can also download other spyware, adware, viruses and worms. It is a highly dangerous program and should be removed immediately.

InnbannerBrowserEnhancer makes efforts to avoid detection and prevent removal. Manual removal instructions are not recommended. Instead, you should rely on a trusted antispyware program such as SpyZooka.

Download InnbannerBrowserEnhancer Remover

Also Known As:
Trojan-Downloader.Win32.Small.buy,
Trojan-Downloader.Win32.Agent.akwa,
not-a-virus:AdWare.Win32.Agent.fwv [Kaspersky Lab],
AdDestination, Trojan-Clicker.agent.eof,
trojan-clicker.win32.agent.eof,
RON Tool Innbanner

Associated Files:
%workingdir%[RandomName].exe
Md5 :00b1f9e2e585bdbd2f7461e613216e05
%workingdir%[RandomName].exe
Md5 :090d5e59d751407f56edc817d12df622
%workingdir%[RandomName].exe
Md5 :22dc9eb37c48287ed254e88e3de0bb39
%workingdir%[RandomName].exe
Md5 :25b67566e959e6b399db407caefeb4a3
%workingdir%[RandomName].exe
Md5 :421186dc932aa66a4807b65dc3af53bf
%workingdir%[RandomName].exe
Md5 :465a99f0543557f70f9129c99ac66ee2
%workingdir%[RandomName].exe
Md5 :6f74ea66f1952e44d74bff63fd01de0b
%workingdir%[RandomName].exe
Md5 :6f765393d3935695343c28681e91869c
%workingdir%[RandomName].exe
Md5 :a1a0d23e09120bcba0dc4d123b14316f
%workingdir%[RandomName].exe
Md5 :a255806d59b86dd0cce0acc5f3bd7960
%workingdir%[RandomName].exe
Md5 :a42f8db176ce5d4856e1a84870f72098
%workingdir%[RandomName].exe
Md5 :ac0d49c97ca2f09cc941b07a4a0e86b1
%workingdir%[RandomName].exe
Md5 :c358f55a57326fb43a0068f66c38c194
%workingdir%[RandomName].exe
Md5 :e1a893c6bd216548c24f4e17a7fb989d
%workingdir%[RandomName].exe
Md5 :e44de7e6ce319bd180b9972a2a9305b8
%workingdir%[RandomName].exe
Md5 :f2063570c44f8ba23714b9e7967b42f6
%temp%activation_key
Md5 :
%temp%ax125d8.tmp
Md5 :2f5a9cadd23ff63d1a70083cf6e65586
%temp%ax13048.tmp
Md5 :13c0f40c96466a48253ec92475bf8e75
%temp%ax14154.tmp
Md5 :9811fcb5e7ed249a08fda6ad99bc4684
%temp%ax16e26.tmp
Md5 :c6bd7f9bb8d22fde936c96dbb60f5f37
%temp%ax19ca5.tmp
Md5 :41ddf2d1f79e3826d763dbe21bc4ae31
%temp%ax1a766.tmp
Md5 :e8999ef60240187bf3b2e84d5923c652
%temp%ax1e97.tmp
Md5 :c62188f6a3267db53d4a151910be792c
%temp%ax1fbef.tmp
Md5 :83fb2eeef21622299a9a00d6a241e891
%temp%nsa18.tmp
Md5 :ed1d34418c3fedc50a9a1ceb2806c9eb
%temp%nsa3.tmp
Md5 :459a505852f393a995b0029fd3e1d40a
%temp%nsc18.tmp
Md5 :77982b05666201ae40b030e86c84fe83
%temp%nsc3.tmp
Md5 :662a2c9db2ac802d4d73fb6675610f62
%temp%nsf3.tmp
Md5 :61052c013e337398a0dba1c63a52445c
%temp%nsg18.tmp
Md5 :91b8df6766b26ddcf7edc0537e753601
%temp%nsh18.tmp
Md5 :3ffc43f56a6e066749bf50fdae479357
%temp%nsh3.tmp
Md5 :cf48a181189cf370e2b95a058d07e284
%temp%nsk3.tmp
Md5 :eb13265a45f1caae325baf923fe19847
%temp%nsl3.tmp
Md5 :211959a245089217c47e4558c6d1f138
%temp%nsl3.tmp
Md5 :cb3817cef8c4e2327efd05d5ed1819ac
%temp%nsn3.tmp
Md5 :1e92cfec025ccc70c70568a6bb80677e
%temp%nso18.tmp
Md5 :863761421c7318f4d981a070831bee9b
%temp%nsp3.tmp
Md5 :4263c02007b0e6f9959c557d5d562d3d
%temp%nsp3.tmp
Md5 :da1a6e277b5e88046691a06e21f0a11d
%temp%nsq3.tmp
Md5 :614913fc3125728fe52335d648ec68b1
%temp%nss18.tmp
Md5 :f443ab697eec87b9347a1ffea6caccc8
%temp%nsu18.tmp
Md5 :2efaef09e32367687b6a983c5ab77311
%temp%nsv3.tmp
Md5 :b9b88b5807a79dded782b8559d629b2c
%temp%nsv3.tmp
Md5 :ff3c9a3ddd985da74cdb4db5ad7054d8
%temp%nsx3.tmp
Md5 :ead6c58594d031800187a54be60cf12d
%temp%nsy3.tmp
Md5 :703332ab925b5ba4842c5e17d78de5ba
%userprofile%application datamicrosoftcryptorsas-1-5-21-1224276844-362458291-1934301488-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-24353318-3302364644-979050433-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-289085736-2271787734-4103687552-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-2988256311-3946079640-51841651-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-3225304627-1580765293-4017860140-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-3511687862-2401999178-1656882943-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-3844214322-2610908656-3284161240-1010
%userprofile%application datamicrosoftcryptorsas-1-5-21-3940780282-119073973-2237615918-1010

%windir%system32_ifjmixgtdcqussq.dll
Md5 :895aa31b947cc32eb0f6e5b13eaa0575
%windir%system32_ifjmixgtdcqussq.dll
Md5 :8ac87c4b354c242b11f15e9db0db94ee
%windir%system32_ifjmixgtdcqussq.dll
Md5 :d13e4ad28bd09b738a0184b3413ceb5a
%windir%system32_pvdvjmupepsz.dll
Md5 :b7251daa5f21ef9d2fac6294ac933e62
%windir%system32_ueykzibjrehhqgaft.dll
Md5 :3d51d19529bb965e1b86e7bdc27b0691
%windir%system32_ueykzibjrehhqgaft.dll
Md5 :8a918a8f6ad9cfa5431d0e746afe44b8
%windir%system32_ueykzibjrehhqgaft.dll
Md5 :d677863e4d40643af59c0e5d9d61a468
%windir%system32askxgkxgoclhyr.exe
Md5 :5aadfcc7d3849da47a0856991f440d03
%windir%system32askxgkxgoclhyr.exe
Md5 :70e5a6137c881498ddbde9a32e9dfd38
%windir%system32ifjmixgtdcqussq.dll
Md5 :378fee00c930192598abaa9a88b8e714
%windir%system32ifjmixgtdcqussq.dll
Md5 :4bed0b220916a9c334be761cabb44764
%windir%system32ifjmixgtdcqussq.dll
Md5 :6eb794c4fe0d69cfe3929ec894bbbc70
%windir%system32ifjmixgtdcqussq.dll
Md5 :ab256c1de352360522e145860a00c012
%windir%system32ifjmixgtdcqussq.dll
Md5 :b40f457a69efbf20593717259ae36c33
%windir%system32ifjmixgtdcqussq.dll
Md5 :cf51bf7504baf0899a93e08bd6f5f7af
%windir%system32khoiqpufesoz.exe
Md5 :5aadfcc7d3849da47a0856991f440d03
%windir%system32khoiqpufesoz.exe
Md5 :70e5a6137c881498ddbde9a32e9dfd38
%windir%system32nkusjtleqet.exe
Md5 :5aadfcc7d3849da47a0856991f440d03
%windir%system32pvdvjmupepsz.dll
Md5 :0dec8ebf604195713f6744f2024614f2
%windir%system32pvdvjmupepsz.dll
Md5 :1cabdd145ce5145dec8f50e8abb1a58d
%windir%system32pvdvjmupepsz.dll
Md5 :1dc3f1d0e480c6ab07bfe322a945ec7d
%windir%system32pvdvjmupepsz.dll
Md5 :7166441aa357ba24d098bf9cd33d67a4
%windir%system32qtcmxzodfugjl.dll
Md5 :553da8ccf8709ca964713775adf6f0e7
%windir%system32qtcmxzodfugjl.dll
Md5 :e25c2da209fb32825ade82723dc04237
%windir%system32ueykzibjrehhqgaft.dll
Md5 :9cc9e4db2b1965c8a4a1bcf8a0d22336
%windir%system32ueykzibjrehhqgaft.dll
Md5 :b4ceda2e04a59c7f00b182c8fcbf9521
%windir%system32ueykzibjrehhqgaft.dll
Md5 :cdafb34a4fcba4f21cdb2187c8001a30
%windir%system32ueykzibjrehhqgaft.dll
Md5 :f01cd081695cae1485ee1b1ec8e70ef5
%windir%system32waticucmjmbgpatix.exe
Md5 :5aadfcc7d3849da47a0856991f440d03
%windir%system32waticucmjmbgpatix.exe
Md5 :70e5a6137c881498ddbde9a32e9dfd38
HKEY_CLASSES_ROOTCLSID{017359B3-E3F6-B43A-6C87-029137A236A8}
HKEY_CLASSES_ROOTCLSID{0EDD0048-942B-57B9-4A8E-5FCBEFE8C711}
HKEY_CLASSES_ROOTCLSID{7A20ABE9-D72B-6326-8D11-FBB609C6B10D}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{017359B3-E3F6-B43A-6C87-029137A236A8}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0EDD0048-942B-57B9-4A8E-5FCBEFE8C711}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7A20ABE9-D72B-6326-8D11-FBB609C6B10D}
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallaskxgkxgoclhyr
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallkhoiqpufesoz
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallnkusjtleqet
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallwaticucmjmbgpatix

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{939b1d4a-e885-609f-4c3c-bc946ca326e1}InProcServer32]
(Default) = “%System%ofxchulshqxfpmsnh.dll”
ThreadingModel = “Apartment”
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{939b1d4a-e885-609f-4c3c-bc946ca326e1}]
(Default) = “innbanner browser enhancer”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{939b1d4a-e885-609f-4c3c-bc946ca326e1}]
NoExplorer = “”"”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
mjcdnuhzxlmraj = “%System%Rundll32.exe “%System%ofxchulshqxfpmsnh.dll” EntryPoint”

so that ofxchulshqxfpmsnh.dll runs every time Windows starts
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallqukxtvvyvmhgoxwcy]
DisplayName = “RON Tool Innbanner”
UninstallString = “%System%qukxtvvyvmhgoxwcy.exe”
NoModify = 0×00000000
NoRepair = 0×00000000
DisplayVersion = “2.1.2.5″
[HKEY_CURRENT_USERSoftware{2D410C4C-1755-D0C2-A0B0-8184A14538E5}]
aff_id = “innbanner”
day = 0×0000001D

Download InnbannerBrowserEnhancer Remover

Yes Scan My PcFor FREE!

Recent News

MalwareStopper

MalwareStopper is one of those Rogue Antispyware programs that does the exact opposite of what its name would seem to indicate! Rather than protecting your computer from malware, it is actually actively involved in attacking the hard drive and even taking over control in many ways. The purpose of these types of insidious programs is [...]
Antivirus Pro 2010

Antivirus Pro 2010 is a rogue security program designed to fool you into purchasing a product that does not exist. This malicious application displays aggressive security warnings and alerts to the user, notifying them of infections that exist. Antivirus Pro 2010 is malware, and displays these false warnings in an effort to frighten you.
Any files [...]
Advanced Virus Protection — Should You Trust It?

If you are considering Advanced Virus Protection as a way to protect your computer from worms, spyware, viruses and other infections, think again. This rogue software program is a fake, and created by the hackers for the purpose of increasing their profits, while decreasing your bank account. This program may look like a legitimate spyware [...]
Spyware Profile for Hosfre

There is good reason to remove a backdoor Trojan program such as the one called Hosfre, because these backdoor Trojans open up a computer to be exploited by hackers. They are able to access and in some cases even control a machine through the internet. For this reason, it is a good idea to find [...]

Yes Scan My PcFor FREE!

SpyZooka