Adware.SweetBar
|
Description:
|
Adware
|
|
Risk Level:
|
Critical
|
|
Date of First Occurence:
|
Monday, April 14, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Adaware
Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SCAN & REMOVE NOW »
Geographical Distribution of Threat "Adware.SweetBar"
Threat Info
View All
Detected Items
- Detected Files:
- Detected Files with variable Filenames:
MD5: 759983A88E4EEA7A304438858AD019B6 Size: 548992
%PROGRAMFILES%\Macrogaming\SweetIMBarForIE\toolbar.dll
%PROGRAMFILES%\Trend Micro\HijackThis\backups\backup-20071211-202336-524.dll
%SystemDiskRoot%\System Volume Information\_restore{FA906FF9-B958-4E77-99B9-82378B242D92}\RP5\A0000491.dll
%SystemDiskRoot%\Config.Msi\2805cd.rbf
%SystemDiskRoot%\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP246\A0198081.rbf
%SystemDiskRoot%\Config.Msi\1e87174.rbf
%SystemDiskRoot%\Config.Msi\974616.rbf
k:\System Volume Information\_restore{91D9F219-F148-4376-9C05-005CACAC5ABC}\RP269\A0025536.dll
%SystemDiskRoot%\Config.Msi\6fb7b0.rbf
%SystemDiskRoot%\System Volume Information\_restore{02D39832-7763-40DE-8591-64613C864700}\RP241\A0086614.rbf
%SystemDiskRoot%\System Volume Information\_restore{1AA694A6-2A3E-4EB8-8371-D0628C10B13D}\RP302\A0111590.dll
and next 16 variations.
Detecting items list:
- Files by Name
%sysdir%\inetcomm.exe
%sysdir%\InetSvrHelper.dll
%sysdir%\InetSvr.dll
%sysdir%\SweetSetup.exe
%ProgramFiles%\SweetBox\SweetBox.exe
%ProgramFiles%\SweetBox\SweetBrowser.exe
%ProgramFiles%\SweetBox\SweetActive.ocx
%ProgramFiles%\SweetBox\SweetStyle.dll
- Files by MD5
MD5: 759983A88E4EEA7A304438858AD019B6 Size: 548992
- Files by Directories
%ProgramFiles%\SweetBox
- Files by CLSID or Name
CLSID=68A7F9FA-A202-4D45-AABA-A10DCAC0D899
- Registry Keys
HKCR\Classes\Interface\{61297440-4879-4264-9602-59DBB717778F}
HKCR\Classes\TypeLib\{1D366026-28E1-4B07-8140-B8FB929A1C19}
HKLM\SOFTWARE\Classes\SweetBarBHO.CInetSvrHelper
HKLM\SOFTWARE\Classes\SweetBarBHO.CInetSvrHelper.1
HKLM\SOFTWARE\SweetBar
HKLM\SYSTEM\ControlSet001\Services\IPRIP
HKLM\SYSTEM\CurrentControlSet\Services\IPRIP
«
Go to Software Database