Monday, January 26, 2009

Toolbar888 Trojan

Removing Toolbar888
Categories: Trojan, Adware, Toolbar
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
A toolbar presents itself as a helpful add-on for Internet Explorer, but it is a real pest.
It replaces your start page, continuously opens a number of pop-up windows, and so on.

Toolbar888 Also known as:

[Kaspersky] AdWare.Win32.Softomate.q, AdWare.Win32.Softomate.ac, Trojan-Downloader.Win32.Agent.bca, Trojan-Downloader.Win32.Adload.jm;
[McAfee] Matcash.dll, Adware-Softomate.dr;
[Other] Adware.MaxSearch, Freeprod/Toolbar888, maxfiles, Win32/Matcash.F, Bar888 (threat-c), Win32/Matcash S

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\win??.tmp.exe
[%PROGRAM_FILES%]\ToolBar888\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{1C75006C-0A77-1033-0714-030703030001}\services.dll
[%PROGRAM_FILES_COMMON%]\{30653D7B-07D5-1043-1002-04102803001f}\Uninstall.exe
[%PROGRAM_FILES_COMMON%]\{3077408C-0576-1033-0818-040308200001}\888.dll
[%PROGRAM_FILES_COMMON%]\{344EB741-07C6-1033-0628-05020410002c}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{344EB741-07C6-1033-0628-05020410002c}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0965-2057-0530-03112020002c}\Activate.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0965-2057-0530-03112020002c}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{34500D1F-0965-2057-0530-03112020002c}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0966-2057-0530-03112020002c}\Activate.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0966-2057-0530-03112020002c}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{34500D1F-0966-2057-0530-03112020002c}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{382F72E4-0824-1033-0209-040504130001}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{38705AA3-067A-2070-0128-03100402015f}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{3C4DF659-05D7-1033-0225-040306270001}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{3C75006C-0A77-1033-0714-030703030001}\v1
[%PROGRAM_FILES_COMMON%]\{D44EB741-07C6-1033-0628-05020410002c}\services.dll
[%PROGRAM_FILES_COMMON%]\{E4500D1F-0965-2057-0530-03112020002c}\services.dll
[%PROGRAM_FILES_COMMON%]\{E4500D1F-0966-2057-0530-03112020002c}\services.dll
[%SYSTEM%]\ddabb.dll
[%SYSTEM%]\rqrolij.dll
[%SYSTEM%]\tdc.exe
[%SYSTEM%]\xxyvtsr.dll
[%WINDOWS%]\autoupdate.bat
[%PROGRAM_FILES_COMMON%]\{1862B760-0A21-1033-0729-050001}\services.dll
[%PROGRAM_FILES_COMMON%]\{1862B760-0A21-1033-0729-050001}\Update.exe
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-050001}\Activate.exe
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-050001}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-050001}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-0529050001}\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-0529050001}\UnInstall.exe
[%PROGRAM_FILES_COMMON%]\{84C4D3AE-0BB0-1033-0729-050001}\Update.exe
[%SYSTEM%]\slfxlkqu.exe
[%SYSTEM%]\ssqnkki.dll
[%SYSTEM%]\winiyc32.dll

How to detect Toolbar888:

Files:
[%PROFILE_TEMP%]\win??.tmp.exe
[%PROGRAM_FILES%]\ToolBar888\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{1C75006C-0A77-1033-0714-030703030001}\services.dll
[%PROGRAM_FILES_COMMON%]\{30653D7B-07D5-1043-1002-04102803001f}\Uninstall.exe
[%PROGRAM_FILES_COMMON%]\{3077408C-0576-1033-0818-040308200001}\888.dll
[%PROGRAM_FILES_COMMON%]\{344EB741-07C6-1033-0628-05020410002c}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{344EB741-07C6-1033-0628-05020410002c}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0965-2057-0530-03112020002c}\Activate.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0965-2057-0530-03112020002c}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{34500D1F-0965-2057-0530-03112020002c}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0966-2057-0530-03112020002c}\Activate.exe
[%PROGRAM_FILES_COMMON%]\{34500D1F-0966-2057-0530-03112020002c}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{34500D1F-0966-2057-0530-03112020002c}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{382F72E4-0824-1033-0209-040504130001}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{38705AA3-067A-2070-0128-03100402015f}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{3C4DF659-05D7-1033-0225-040306270001}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{3C75006C-0A77-1033-0714-030703030001}\v1
[%PROGRAM_FILES_COMMON%]\{D44EB741-07C6-1033-0628-05020410002c}\services.dll
[%PROGRAM_FILES_COMMON%]\{E4500D1F-0965-2057-0530-03112020002c}\services.dll
[%PROGRAM_FILES_COMMON%]\{E4500D1F-0966-2057-0530-03112020002c}\services.dll
[%SYSTEM%]\ddabb.dll
[%SYSTEM%]\rqrolij.dll
[%SYSTEM%]\tdc.exe
[%SYSTEM%]\xxyvtsr.dll
[%WINDOWS%]\autoupdate.bat
[%PROGRAM_FILES_COMMON%]\{1862B760-0A21-1033-0729-050001}\services.dll
[%PROGRAM_FILES_COMMON%]\{1862B760-0A21-1033-0729-050001}\Update.exe
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-050001}\Activate.exe
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-050001}\MyToolBar.dll
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-050001}\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-0529050001}\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3862B760-0A21-1033-0729-0529050001}\UnInstall.exe
[%PROGRAM_FILES_COMMON%]\{84C4D3AE-0BB0-1033-0729-050001}\Update.exe
[%SYSTEM%]\slfxlkqu.exe
[%SYSTEM%]\ssqnkki.dll
[%SYSTEM%]\winiyc32.dll

Folders:
[%PROGRAM_FILES%]\ToolBar888
[%PROGRAM_FILES_COMMON%]\{1862B760-0AF0-1033-0729-050001}
[%PROGRAM_FILES_COMMON%]\{1862B760-0AF0-1033-0729-0529050001}
[%PROGRAM_FILES_COMMON%]\{3862B760-0AF0-1033-0729-0529050001}

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA}
HKEY_CLASSES_ROOT\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}
HKEY_CLASSES_ROOT\CLSID\{C1B4DEC2-2623-438e-9CA2-C9043AB28508}
HKEY_CLASSES_ROOT\CLSID\{CBCC61FA-0221-4ccc-B409-CEE865CACA3A}
HKEY_CLASSES_ROOT\interface\{c6f2214e-0b54-45a9-b90d-7dd4ba45ed0b}
HKEY_CLASSES_ROOT\luckytoolbar.luckytoolbarobj
HKEY_CLASSES_ROOT\ToolBar.ToolBarObj
HKEY_CLASSES_ROOT\ToolBar.ToolBarObj.1
HKEY_CLASSES_ROOT\typelib\{569304ba-83ed-4cff-ac26-be3e482f7208}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bar888
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004DEC2-2623-438E-9CA2-C9043AB28508}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1B4DEC2-2623-438e-9CA2-C9043AB28508}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CBCC61FA-0221-4ccc-B409-CEE865CACA3A}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\toolbar888
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{821f87ff-8245-4972-9e28-732e92ec2f51}
HKEY_CLASSES_ROOT\clsid\{1862b760-0af0-1033-0729-0529050001}
HKEY_CLASSES_ROOT\clsid\{1daefcb9-06c8-47c6-8f20-3fb54b244daa}
HKEY_CLASSES_ROOT\clsid\{6b69e170-f59b-4897-b51c-3bb214d099ae}
HKEY_CLASSES_ROOT\clsid\{c004dec2-2623-438e-9ca2-c9043ab28508}
HKEY_CLASSES_ROOT\clsid\{c1b4dec2-2623-438e-9ca2-c9043ab28508}
HKEY_CLASSES_ROOT\clsid\{cbcc61fa-0221-4ccc-b409-cee865caca3a}
HKEY_CLASSES_ROOT\toolbar.toolbarobj
HKEY_CLASSES_ROOT\toolbar.toolbarobj.1
HKEY_CURRENT_USER\software\classes\clsid\{14c4d3ae-0bb0-1033-0729-0529050001}
HKEY_CURRENT_USER\software\classes\clsid\{1862b760-0af0-1033-0729-0529050001}
HKEY_CURRENT_USER\software\luckytoolbar
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\bar888
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1daefcb9-06c8-47c6-8f20-3fb54b244daa}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c004dec2-2623-438e-9ca2-c9043ab28508}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c1b4dec2-2623-438e-9ca2-c9043ab28508}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{cbcc61fa-0221-4ccc-b409-cee865caca3a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\888bar

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_CURRENT_USER\clsid\{1862b760-0af0-1033-0729-0529050001}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Toolbar888:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
