BargainBuddy

Description: Adware
Risk Level: High
Date of First Occurrence: Tuesday, April 15, 2008
Software Developer: Exact Advertising, LLC
Brief Info: BargainBuddy is an adware program that downloads and displays advertisements.
Removal: This threat can be removed using "Spyware Terminator"


Threat Info


Detected Items

  1. Detected Files
  2. Detected Files with variable Filenames

Detecting items list:

  1. Files by Name
     - %WINDIR%\exdl.exe
     - %WINDIR%\exul.exe
     - %WINDIR%\bbchk.exe
     - %WINDIR%\dwcg2.exe
     - %sysDIR%\exdl.exe
     - %sysDIR%\mqexdlm.srg
     - %sysDIR%\exul.exe
     - %sysDIR%\javexulm.vxd
     - %sysDIR%\bbchk.exe
     - %WINDIR%\exclean.exe
     - %SYSDIR%\exclean.exe
     - %WINDIR%\cb8040_CASHBACK.exe
     - %PROGRAMFILES%\CashBack\mscb.dll
     - %PROGRAMFILES%\CashBack\cashback.exe
     - %PROGRAMFILES%\CashBack\cb.exe
     - %PROGRAMFILES%\CashBack\flash.exe
     - %PROGRAMFILES%\CashBack\bin\cashback.exe
     - %PROGRAMFILES%\CashBack\bin\cb.exe
     - %PROGRAMFILES%\CashBack\bin\flash.exe
     - %sysdir%\msbe.dll
     - %TEMP%\bargain*.exe
     - %TEMP%\bbi8032.exe
     - %programfiles%\bargai~1\bin\apuc.dll
     - %programfiles%\bargain buddy\bbchk.exe
     - %programfiles%\bargain buddy\bbi8015.exe
     - %programfiles%\bargain buddy\bbi8018.exe
     - %programfiles%\bargain buddy\bbi8024.exe
     - %programfiles%\bargain buddy\bin\apuc.dll
     - %programfiles%\bargain buddy\bin\bargains.exe
     - %programfiles%\bargain buddy\bin\cb.exe
     - %programfiles%\bargain buddy\bin2\apuc.dll
     - %programfiles%\bargain buddy\bin2\bargains.exe
     - %programfiles%\bargain buddy\bin2\cb.exe
     - %programfiles%\bargain buddy\uninst.exe
     - %programfiles%\blue haven media\kazoom\bargainbuddy.exe
     - %programfiles%\bullseye network\adp8035.exe
     - %programfiles%\bullseye network\bin\adv.exe
     - %programfiles%\bullseye network\bin\adx.exe
     - %programfiles%\bullseye network\bin\bargains.exe
     - %programfiles%\bullseye network\uninstall.exe
     - %programfiles%\crazymates\euni_bbi8015.exe
     - %programfiles%\crazymates\fleok\msbb.exe
     - %programfiles%\crazymates\isinstalldonecrazy.exe
     - %programfiles%\crazymates\kahlisetup_demo.exe
     - %programfiles%\crazymates\keenpostback.exe
     - %programfiles%\crazymates\msbb.exe
     - %programfiles%\crazymates\msbbhook.dll
     - %programfiles%\crazymates\nlnp49.exe
     - %programfiles%\crazymates\oskasetup_demo.exe
     - %programfiles%\crazymates\tahnisetup_demo.exe
     - %programfiles%\neoaudio\nnstp_bbi6009.exe
     - %windir%\ahadp.exe
     - %windir%\system\apuc.dll
     - %sysdir%\apuc.dll
     - %sysdir%\bbchk.exe
     - %sysdir%\exclean.exe
     - %sysdir%\exul.exe
     - %sysdir%\exul1.exe
     - %sysdir%\javexulm.vxd
     - %sysdir%\msbb.dll
     - %sysdir%\msbb1.dll
     - %sysdir%\mset_bbi8010.dll
     - %sysdir%\mset_bbi80101.dll
     - %sysdir%\mset_bbi80102.dll
     - %sysdir%\mset_bbi80103.dll
     - %sysdir%\msexreg.exe
     - %sysdir%\netut80ex.vxd
     - %sysdir%\q17i9a4j.exe
     - %sysdir%\q17i9a4j.ini
     - %sysdir%\qh4mkbv9.dll
     - %windir%\temp\backup-20040105-225929-414.dll
     - %windir%\zeta.exe
     - %sysdir%\exdl*.exe
     - %ProgramFiles%\Bargain Buddy\bin\apuc.dll
     - %ProgramFiles%\DeskMates\DESKMATEAUTOUPDATE.EXE
  2. Files by MD5
     - MD5: 8D9A9918A759777619839CF275127DE9 Size: 86016
  3. Files by Directories
     - %PROGRAMFILES%\CashBack
     - %programfiles%\bullseye network
     - %programfiles%\bargain buddy
     - %programfiles%\bullseye network
     - %programfiles%\bullseye network\bin
     - %programfiles%\cashback
     - %programfiles%\crazymates
     - %programfiles%\iemenuextension
  4. Files by CLSID or Name
     - CLSID=CE188402-6EE7-4022-8868-AB25173A3E14
     - CLSID=F4E04583-354E-4076-BE7D-ED6A80FD66DA
     - CLSID=8eee58d5-130e-4cbd-9c83-35a0564e1357
     - CLSID=4eb7bbe8-2e15-424b-9ddb-2cdb9516c2e3
     - CLSID=CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1
  5. Registry Keys
     - HKLM\SOFTWARE\eXactUtil
     - HKLM\SOFTWARE\CashBack
