This site will look much better in a browser that supports web standards, but it is accessible to any browser or Internet device.

Sandi's Site

Intelligent Explorer aka IEPLUGIN aka IEPL

WARNING!! One of the pop-up advertisements generated by the software bundled with Intelligent Explorer was extreme, high-end pornography. Do NOT install this software, even for testing purposes, if your computer can be accessed by anyone under 21, or anybody (including yourself) that may be offended by the type of pictures that are generally only legally viewable by adults.

REMOVAL:  Follow the troubleshooting steps I have outlined here

9 January 2005... a long time has passed since I last tested Intelligent Explorer.  It is time to give it another go.  I didn't think things could get more complicated than my initial experience, but they did. A year ago, Intelligent Explorer included a lot of spyware, BUT the spyware was removable and did not automatically reinstall, like it does now (see below).

I note that the email address is no longer mentioned in the "IE Plugin Limited License and Privacy Agreement" at Instead, we are told to use an online form at I also note that that the contact pages capture "REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT".

Just like last time, I downloaded Intelligent Explorer from My notes follow.

Spyware, crapware, malware detected by Adaware (over 11 megabytes):

180Solutions(TAC index:8):49 references
BargainBuddy(TAC index:8):252 references
ClipGenie(TAC index:4):1 reference
DownloadWare(TAC index:8):7 references
ImIServer IEPlugin(TAC index:5):73 references
MRU List(TAC index:0):60 references
NetworkEssentials(TAC index:7):58 references
Other(TAC index:5):35 references
Possible Browser Hijack attempt(TAC index:3):103 references
Rads01.Quadrogram(TAC index:6):1 reference
Roings(TAC index:5):1 reference
SahAgent(TAC index:9):20 references
SCBAR(TAC index:3):55 references
Search Relevancy(TAC index:5):14 references
SurfSideKickBHO(TAC index:7):1 reference
WindUpdates(TAC index:8):2 references
Winpup32(TAC index:6):1 reference

Control Panel (add/remove programs) listings and uninstallation behaviour:

IEPLUGIN - no add/remove program listing - used automatic uninstallation at

BMSE dbl (0.82 MB) (are you sure window) reappeared on reboot

IEC System (0.82 MB) (are you sure window) reappeared on reboot

SE Assistant (0.82 MB) (are you sure window) reappeared on reboot

SE Help (0.82 MB) (are you sure window) reappeared on reboot

Search Assistant (0.82 MB) (are you sure window)

Search Function (0.82 MB) (are you sure window) reappeared on reboot

IE Help (are you sure window) reappeared on reboot

Sidebar Search (0.82 MB) (are you sure window)

DeskAd Service (0.11 MB) Multiple prompt windows; opened window to page advertising 'Adware Remover Gold', 'Email Spam Block' and 'Data Shredder Gold' (note that Addware Remover Gold, of and is mentioned at Spywarewarrior as a rogue antispyware application - you can find more information here -

Search Relevancy (0.25 MB). Uninstall wizard, 3 prompt windows, confusing text, same advertising window as DeskAd Service, uninstall froze add/remove programs and control panel.

CashBack by BargainBuddy [eXact Advertising) (0.33 MB) (uninstall wizard, 3 prompt windows, confusing text) Accessed internet during uninstall.

NaviSearch [eXact Advertising) (0.16 MB) Same uninstall wizard to Cashback by BargainBuddy. Accessed internet during uninstall.

The BullsEye Network [eXact Advertising] (2.01 MB) same uninstall wizard, confusing text, survey window, accessed internet.

DownloadWare (1.58 MB) (prompt window), Clipgenie survey window opened, new window diverted to, prompt 'download our FREE SOFTWARE while surfing our site'. Prompt 'Click ok to download our free software while browsing the site and take advantage of our Spectacular $225 bonus (Dragon Rouge Casino pop up window), uninstall froze. Froze entire add/remove control panel.

Recommended Hotfix - 421701D (1.05 MB) prompt window 'This will change your current browsing functions. Are you sure you wish to continue?' Accessed internet during removal.

Uninstall 180searchAssistant (connected to internet during uninstall), popup uninstall window.

Additional cleanup steps

I used the Microsoft Antispyware Beta to restore all IE default page settings. Nothing left in control panel. Desktop Toolbar icon on desktop (damaged spyware install) remains. Deleted manually.


Tests after reboot

SearchEnhancement tried to reinstall (blocked using Microsoft Antispyware Beta)

Numerous attempts to change search engine settings from IE defaults captured (blocked using Microsoft Antispyware Beta)

The following entries had reappeared in Control Panel (Add/Remove Programs):

BMSE dbl
IE Help
IEC System
SE Assistant
SE Help
Search Function

Malware favorites had not been removed.

Parasite detection script ( detected Transponder/BTGrab and ShopAtHomeSelect.

Time to pull out the big guns
Before the uninstall processes listed above Adaware detected 4 processes, 7 modules, 116 registry keys, 332 registry values, 222 files and 24 folders:

After attempted uninstalls above Adaware scans detects 1 process, 54 registry keys, 101 registry values, 88 files and 7 folders:

180Solutions(TAC index:8):4 references
BargainBuddy(TAC index:8):47 references
BookedSpace(TAC index:10):12 references
ClipGenie(TAC index:4):1 reference
DownloadWare(TAC index:8):5 references
ImIServer IEPlugin(TAC index:5):46 references
MRU List(TAC index:0):60 references
NetworkEssentials(TAC index:7):21 references
Other(TAC index:5):13 references
Rads01.Quadrogram(TAC index:6):1 references
SahAgent(TAC index:9):20 references
SCBAR(TAC index:3):39 references
SurfSideKickBHO(TAC index:7):1 reference
Tracking Cookie(TAC index:3):32 references
Winpup32(TAC index:6):1 reference

In short, IEPLUGIN's 'automatic removal' does not touch any of the extra software that the Intelligent Explorer site installed. To add insult to injury, the individual uninstall protocols for the spyware/adware/malware that was installed with Intelligent Explorer were worthless. It took a combination of AdAware, HijackThis, CWShredder, Microsoft Antispyware Beta, unhack.def, some specialised Windows process examination programs, and manual removal (in safe mode) to get rid (I hope) of the malware. I also had to manually empty my 'temp' files in various directories. A lot of the spyware in question was installed to, and running from, temp file directories. Time will tell if I have (finally) been successful after 4 hours of solid work.


14 September 2003

My curiosity about this product was first aroused after discovering that  no longer exists and that has had all information removed while a "legal response to its [ieplugin's] manufacturers" is worked out [there's nothing like a hint of mystery to get the blood moving].

I installed "Intelligent Explorer" by downloading it direct from I ran various tests before and after the installation, and after 'automatic' removal as supplied at the same site, using several different products, including AdAware, HijackThis and BHOCop.


The files involved (that I know of) are systb.dll, winobject.dll, wupdt.exe, winserv.exe (accesses internet), lycos.exe (accesses internet), bargains.exe (accesses internet), sidesearch1211.dll, apuc.dll. A massive system slowdown caused by the installation of "Intelligent Explorer" left my computer virtually un-useable. The system is a dual monitor Intel Pentium III 804 MHz with 384MB RAM and a NVIDIA GeForce4 Ti 4200 - admittedly its not top of the range but it is certainly MORE than sufficient to run Outlook, FrontPage, Outlook Express and Internet Explorer at the same time - something that it was easily able to do before the install of "Intelligent Explorer" but which it was unable to do afterwards.

Both monitors flashed constantly, seemingly trying to reduce all programmes to the taskbar and expose the desktop. No matter what programme I was working in at any given time, something in the background was constantly stealing focus - I'd be typing an email, and suddenly the cursor was gone; I'd be editing this page in FrontPage, and suddenly the cursor was gone; I'd be trying to use the right click context menu in IE, but it kept disappearing. I couldn't even copy a URL from the address bar because IE couldn't keep focus long enough to highlight the address with the cursor. The massive slowdown is bad enough but at least with patience things eventually happen... this flashing between programmes makes the computer virtually impossible to use unless you have a LOT of patience and run only one programme at a time.

New "Search" toolbar installed in the IE window.

Something called "Intelligent Desktop" (aka Onscreen Portal) was installed on (of course) my desktop. It couldn't be moved but could be turned off (my computer went completely haywire after I closed it - my monitors and both desktops kept flashing, with a grey space where the "Intelligent Desktop" should be on the main monitor).

Prompt window appeared titled "Add Item to Active Desktop" (which I don't even use) - this window was hidden for nearly all of my testing - text follows:

You have chosen to make this channel available offline and add it to your Active Desktop Interface (yadayadayada) Url:

Lycos Sidepane shortcut on desktop (jeez, the monitor flashing is driving me up the WALL!! Forgive me if this analysis is not as detailed as it could be - I've GOT to get this cr*p off my system).

Home page settings seem to be unaffected.

The IE search pane took A VERY LONG TIME to open, but when it does the settings have been changed to a new search engine "IEPL".

Here is a (cleaned up) HijackThis Log

BHOCop detected (when I could finally get it to RUN, which took about 5 minutes!!!):

Intelligent Explorer plugin (systb.dll); Sidesearch BHO (sidesearch1211.dll); URL Catcher (apuc.dll).

Doxdesk parasite checker detected:

"Your browser appears to have the "BargainBuddy/Apuc" parasite installed. This software can present you with unwanted advertising and compromise your computer's security, and may invade your online privacy. It might have been installed without your knowledge. Information and removal instructions at (the system was flashing so badly I couldn't do a right click to copy the URL - had to copy type it - thank god for dual monitor systems)

Add/Remove Programmes showed:

Bargain Buddy
Lycos Side Search


Removal instructions were originally at . I have preserved those instructions, available HERE (if it were me, I'd stick to AdAware etc).

Other removal instructions can be found at (as you will see below, their "uninstall" was a waste of time!!!!)

While we're on the subject of removal, you will see that 'manual' removal instructions are supplied at the above URL (preserved here), but you will also see that the instructions make no reference to the other files detected by AdAware and BHOCop - sidesearch1211.dll, apuc.dll, nor does it make any mention of bargains.exe or lycos.exe.

I attempted removal as per the URL  - I used the "click here to use automatic uninstall" option, allowed the uninstaller to download, saw the 'successful' dialogue, clicked ok and rebooted.

At first, IE would not work at all!!! That settled down though. A lot of stuff was NOT REMOVED. AdAware (jeez, what a mess it found) detected a stack of stuff even after I used the 'uninstaller' provided at the "Intelligent Explorer" website - it found 58 objects, 32 registry keys, 1 process, 10 registry value, 12 files, 3 folders (again, this is AFTER running the uninstaller) - only 2 keys existed before I installed "Intelligent Explorer" - one for Alexa (which is harmless, being the 'Related Links' option native to Internet Explorer) and one for the Media Player playlist (which is not a problem)).

Lycos SidePane shortcut on desktop was still there.
IE Toolbar was gone.
Search engine was still hijacked.
Pop-up windows were still happening.

AdAware found references to BargainBuddy, lmlserver, lycos sidesearch, hotbar. I accepted the option to remove all the leftovers, and my computer froze after AdAware had finished its business (y'know what's scary? I'm a pro - gawd help those who aren't "computer savy").

All the uninstall at did was remove the search toolbar in IE. You will need to run AdAware to get rid of the junk left by the "uninstaller". Even though my system froze, AdAware has worked fine and cleaned up my system nicely EXCEPT for an active desktop synchronisation setting for the Intelligent Desktop "OnScreen Portal" which was not removed from Synchronisation Manager; it had to be removed manually.

As a side note, check out the terms of service for "IE Plugin" (quotes taken from the page preserved here) - I encourage you to seriously consider whether you are willing to accept such conditions if you are thinking about installing the malware that is Intelligent Explorer.

"You grant to us the right, exercisable by us until you uninstall the Software or this agreement is otherwise terminated, to provide to you the Service of downloading and causing to be displayed advertising material on your computer, through ‘pop-up’ or other display while you use your browser. You acknowledge and agree that installation of the Software may automatically modify toolbars and other settings of your browser. By installing the Software you agree to such modifications."

"2. MINORS AND CHILDREN. If you are thirteen years old or younger, you are prohibited from downloading, registering, or using the Service. If laws in your country prohibit you from entering into a valid and enforceable agreement with us because of your age – in many countries, because you are under eighteen years of age - you are prohibited from downloading, registering, or using the Service.


In addition, parents or guardians of children over the age of thirteen should be aware that the Service is designed to appeal to a broad audience. Accordingly, it is your responsibility to determine whether any portion of the Service is inappropriate for your child.

3. CONSENT TO THIRD PARTY USE. You agree that it is your sole responsibility to inform all users of computer that you have caused the Software to reside on your computer and that you will obtain their consent to this agreement before allowing them to use the computer to connect to the internet

6. UPDATES. You grant IEPL permission to add/remove features and/or functions to the Software and/or Service, or to install new applications, at any time, in IEPL’s sole discretion with or without your knowledge and/or interaction. You also grant IEPL permission to make any changes to the Software and/or Service provided at any time.

7. SERVER INTERACTION. You understand and accept that when the Software is installed, it periodically communicates with server(s) operated by IEPL and/or third party servers.

8. COLLECTION AND USE OF YOUR PERSONAL INFORMATION AND YOUR PRIVACY CONSENT. You understand and grant IEPL permission to assign a unique software identify code to your copy of the Software. You also grant IEPL permission to collect and store information of your internet usage habit, including but not limited to information about every web page you view with the full Uniform Resource Locators, and the content of web page. You understand and accept that Uniform Resource Locators and the content of web pages you view may include your personally identifiable information. You grant IEPL permission to collect and store information on which toolbar buttons you click on, your response to advertising, the search terms you entered on the toolbar and/or all other information relates to your internet usage habit. IEPL may at times ask you for your personally identifiable information, such as name, address, email address, postal/zip code, and telephone number. You hereby grant IEPL permission to store such information in a separate database. You hereby grant IEPL permission to distribute your non personally identifiable information, to the extent permitted by law, to our partners, agents, and/or any third party in IEPL's sole discretion. IEPL does not currently enable users to access, review, edit, or delete information, including internet usage information, collected during use of the Service. By using the IEPL Software and/or Service you agree, to the extent permitted by law, to waive any constitutional, common law, statutory, or regulatory right of access to such information that you might otherwise have or acquire. If you have any further queries relating to our Privacy Policy, or you have a problem or complaint, please contact us by e-mailing us at"