AdRoar
|
Description:
|
Adware
|
|
Risk Level:
|
High
|
|
Date of First Occurence:
|
Monday, April 21, 2008
|
|
Software Developer:
|
AdRoar
|
|
Brief Info:
|
AdRoar is a Browser Helper Object that is used to display pop-up advertisements.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
RIMUOVI SPYWARE »
Geographical Distribution of Threat "AdRoar"
Threat Info
View All
Detected Items
- Detected Files:
%WINDIR%\wast2.exe
MD5: 3D66650A33753F94C82F2B28C8B16AFC Size:134727
MD5: 11C8F7D6187F069667925CB37DAA77C5 Size:245449
MD5: 0D485A547B8ED2F6117EAB97E8AE1641 Size:129156
MD5: 7E5A1F8F5C3E1B59A98B59E09DFD97B1 Size:129154
MD5: BE35DAC44B4353D6C49BFE80E267C7C7 Size:129152
%WINDIR%\arupdate.exe
MD5: 1729466E281FB5C48A17440B36E6CFB2 Size:86016
%WINDIR%\adroar.dll
MD5: 1A0C16F52FF75A104DD3126A195C2EF3 Size:122880
%WINDIR%\cpruninst.exe
MD5: EA989F7EB77A63AFB92D082F30215D43 Size:277788
MD5: E859D53ACA71814523408C8DA858F20A Size:278182
MD5: DEE7117BD33CF585F443E6D26BC1CECA Size:277788
MD5: DC19D7563AB31FB693B0F43475FBE188 Size:275760
MD5: A169FFA68E7AB65FF7D7FC479F351B62 Size:270342
%WINDIR%\AdRoar.dll
MD5: 9F3BDCE8F179CCE91FD076B9075E343C Size:4779
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%windir%\dskrfuoui.dll
%windir%\adroar.dll
%windir%\system\adroar.dll
%windir%\system\cpr.dll
%sysdir%\system32\adroar.dll
%sysdir%\system32\cpr.dll
%windir%\trgen.dll
%windir%\adroar.dll
%windir%\cpr.exe
%windir%\cpruninst.exe
%windir%\arupdate.exe
%windir%\wast2.exe
- Files by CLSID or Name
CLSID=e0f0e0e1-5d45-11d4-bc00-2dcc73302d70
CLSID=fac6e0e1-5d45-4907-bc00-302d702dcc73
CLSID=bdf6ce3d-f5c5-4462-9814-3c8eac330ca8
CLSID=e0f0e0e1-5d45-11d4-bc00-2dcc73302d70
CLSID=fac6e0e1-5d45-4907-bc00-302d702dcc73
CLSID=ace8d3ba-7742-44c4-920d-fd25bd1e8245
CLSID=bdf6ce3d-f5c5-4462-9814-3c8eac330ca8
CLSID=bdf6ce3d-f5c5-4462-9814-3c8eac330ca8
CLSID=bdf6ce3d-f5c5-4462-9814-3c8eac330ca8
CLSID=e0f0e0e1-5d45-11d4-bc00-2dcc73302d70
CLSID=fac6e0e1-5d45-4907-bc00-302d702dcc73
CLSID=bdf6ce3d-f5c5-4462-9814-3c8eac330ca8
CLSID=fac6e0e1-5d45-4907-bc00-302d702dcc73
- Registry Keys
HKCU\software\adroarplugin
HKLM\software\microsoft\windows\currentversion\uninstall\cpr
HKLM\software\microsoft\windows\currentversion\uninstall\cpr\displayname
HKLM\software\microsoft\windows\currentversion\uninstall\cpr\uninstallstring
HKCR\AdRoar.Band
HKCR\AdRoar.Band.1
«
Go to Software Database
