Thursday, December 4, 2008

YuupSearch Toolbar

Removing YuupSearch
Categories: Toolbar
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.
Visible Symptoms:
Files in system folders:
[%DESKTOP%]\NiceViewer.lnk
[%PROFILE_TEMP%]\ie_agent.exe
[%PROFILE_TEMP%]\yuups_toolbar.exe
[%SYSTEM%]\run_dll.exe
[%DESKTOP%]\NiceViewer.lnk
[%PROFILE_TEMP%]\ie_agent.exe
[%PROFILE_TEMP%]\yuups_toolbar.exe
[%SYSTEM%]\run_dll.exe

How to detect YuupSearch:

Files:
[%DESKTOP%]\NiceViewer.lnk
[%PROFILE_TEMP%]\ie_agent.exe
[%PROFILE_TEMP%]\yuups_toolbar.exe
[%SYSTEM%]\run_dll.exe
[%DESKTOP%]\NiceViewer.lnk
[%PROFILE_TEMP%]\ie_agent.exe
[%PROFILE_TEMP%]\yuups_toolbar.exe
[%SYSTEM%]\run_dll.exe

Folders:
[%PROGRAM_FILES%]\nicespy system expert
[%PROGRAM_FILES%]\yuupsearch toolbar

Registry Keys:
HKEY_CLASSES_ROOT\toolband.toolhelper
HKEY_CLASSES_ROOT\toolband.toolhelper.1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bbbe1c1a-89f7-4af6-abd1-f8fbcfa47408}
HKEY_CLASSES_ROOT\clsid\{03418cc8-4835-495b-b872-712373fcb9e8}
HKEY_CLASSES_ROOT\clsid\{0d821067-fcf9-4704-9287-0d8f76fe6513}
HKEY_CLASSES_ROOT\clsid\{0df4f2ea-bb82-4b39-b6b1-76380a2bd511}
HKEY_CLASSES_ROOT\clsid\{0ea6b21c-d079-4496-811b-f65f789584b6}
HKEY_CLASSES_ROOT\clsid\{10e321cc-683e-4060-b938-4f53234d9593}
HKEY_CLASSES_ROOT\clsid\{1cbf31fc-3c23-4ba6-af16-2cec501bd837}
HKEY_CLASSES_ROOT\clsid\{53deca78-c334-4235-9165-1fe7d8912a76}
HKEY_CLASSES_ROOT\clsid\{61a97ab1-549d-4be0-b996-95dac5cf266f}
HKEY_CLASSES_ROOT\clsid\{64c7dbcc-aa2a-46de-bec2-d38bdc7de2b2}
HKEY_CLASSES_ROOT\clsid\{6c36fad9-05d1-4fee-9801-c0d8de072231}
HKEY_CLASSES_ROOT\clsid\{7ccea6b7-9fa5-4943-97d2-10d023cf0861}
HKEY_CLASSES_ROOT\clsid\{81ca5571-c109-47ae-be1c-2df9cb8999ff}
HKEY_CLASSES_ROOT\clsid\{82782bc8-fa2c-4be4-bb97-edbfbe5d7a96}
HKEY_CLASSES_ROOT\clsid\{8738b430-6cf3-4b27-86d3-6d3c5e70702a}
HKEY_CLASSES_ROOT\clsid\{8ea58d13-80d3-4d37-a348-6f54f221dbe6}
HKEY_CLASSES_ROOT\clsid\{90d0a753-ad45-40fd-8c6e-555600ee5eb4}
HKEY_CLASSES_ROOT\clsid\{93f6d1d2-e82d-446f-975a-8b2ceee9ae9d}
HKEY_CLASSES_ROOT\clsid\{9e5e31a2-b318-452a-9383-b21393234f1d}
HKEY_CLASSES_ROOT\clsid\{a62c8bdb-d1fc-4fdd-a2a2-eeff73262a41}
HKEY_CLASSES_ROOT\clsid\{a68d4f55-3a3f-4d36-97a6-e73def853dac}
HKEY_CLASSES_ROOT\clsid\{ac3f1977-cd10-41b2-9977-7693a4c13377}
HKEY_CLASSES_ROOT\clsid\{aed3a6b3-2171-11d2-b77c-0008c73aca8f}
HKEY_CLASSES_ROOT\clsid\{af027b74-640d-4dc9-a512-7b40ab718541}
HKEY_CLASSES_ROOT\clsid\{b10bf17c-f7ec-4ee2-ad7a-6f42816aec0f}
HKEY_CLASSES_ROOT\clsid\{b1cc9084-0177-4136-9b1b-c06c061f1e1d}
HKEY_CLASSES_ROOT\clsid\{b3a0acb9-3d8c-4999-9e6b-3e44372e11dd}
HKEY_CLASSES_ROOT\clsid\{b4b8efd3-e3f5-4cfb-a658-3eb23d3394f7}
HKEY_CLASSES_ROOT\clsid\{dbaaea4b-ad29-47bd-8776-c787d5be28aa}
HKEY_CLASSES_ROOT\clsid\{e4a124c5-02e1-4556-83e0-cba6bcf69d98}
HKEY_CLASSES_ROOT\clsid\{e5ff9f62-0e7c-4372-8ad5-da7d2418070c}
HKEY_CLASSES_ROOT\clsid\{e9ee4194-a178-4f1a-8374-3488b3839dd1}
HKEY_CLASSES_ROOT\clsid\{ebb60944-8d04-4293-93d7-8f9c92c7b0f2}
HKEY_CLASSES_ROOT\clsid\{f812b147-0e26-4222-8ee4-9f753cd2b39c}
HKEY_CLASSES_ROOT\interface\{08b9999c-dad2-4353-b25b-8ccaffca4d16}
HKEY_CLASSES_ROOT\interface\{0c21b3b1-2b11-45f2-8a9e-dcc5032de98a}
HKEY_CLASSES_ROOT\interface\{0d5cc8ae-0bb0-49c3-ba33-ba4508ea44cc}
HKEY_CLASSES_ROOT\interface\{14e61a41-8846-11d2-b7e4-0008c73aca8f}
HKEY_CLASSES_ROOT\interface\{1e6d8684-755d-4847-bf40-68ec5e4bc1e9}
HKEY_CLASSES_ROOT\interface\{23e86816-772b-4b28-a924-a135cff6469a}
HKEY_CLASSES_ROOT\interface\{3a037057-57f0-4904-a1e0-ad0ea2fb564e}
HKEY_CLASSES_ROOT\interface\{41dba1fa-44f6-4bd5-82df-1a7fdea0475d}
HKEY_CLASSES_ROOT\interface\{56930358-ad72-408f-83c4-a2b0dc8037b2}
HKEY_CLASSES_ROOT\interface\{607a06fe-2fda-4adc-854d-d016d98d83db}
HKEY_CLASSES_ROOT\interface\{65c53be7-ed21-4c25-b189-da0e8fad5231}
HKEY_CLASSES_ROOT\interface\{684130b2-2b8a-4e8d-be71-8f4052882076}
HKEY_CLASSES_ROOT\interface\{821aafe5-2f19-47eb-aca9-3b4c1d64ac27}
HKEY_CLASSES_ROOT\interface\{952f0b99-50b6-44b3-ae0d-700d5b98b416}
HKEY_CLASSES_ROOT\interface\{aed3a6b1-2171-11d2-b77c-0008c73aca8f}
HKEY_CLASSES_ROOT\interface\{b89d0e7a-0f5b-40ee-8af3-08fa2ed9534f}
HKEY_CLASSES_ROOT\interface\{cf2ed965-e0ba-4fe4-ade2-38bd48f112e8}
HKEY_CLASSES_ROOT\interface\{e05aea1e-bcb1-473a-8b2a-4829d9e1ad23}
HKEY_CLASSES_ROOT\jmail.attachment
HKEY_CLASSES_ROOT\jmail.attachments
HKEY_CLASSES_ROOT\jmail.headers
HKEY_CLASSES_ROOT\jmail.mailmerge
HKEY_CLASSES_ROOT\jmail.message
HKEY_CLASSES_ROOT\jmail.messages
HKEY_CLASSES_ROOT\jmail.pgpdecoderesult
HKEY_CLASSES_ROOT\jmail.pgpdecoderesultcollection
HKEY_CLASSES_ROOT\jmail.pgpdecoderesults
HKEY_CLASSES_ROOT\jmail.pop3
HKEY_CLASSES_ROOT\jmail.recipient
HKEY_CLASSES_ROOT\jmail.recipients
HKEY_CLASSES_ROOT\jmail.smtpmail
HKEY_CLASSES_ROOT\jmail.speedmailer
HKEY_CLASSES_ROOT\nicespydll.aboutbox
HKEY_CLASSES_ROOT\nicespydll.aboutbox.1
HKEY_CLASSES_ROOT\nicespydll.appmonitor
HKEY_CLASSES_ROOT\nicespydll.appmonitor.1
HKEY_CLASSES_ROOT\nicespydll.appmonitorbox
HKEY_CLASSES_ROOT\nicespydll.appmonitorbox.1
HKEY_CLASSES_ROOT\nicespydll.explorerbox
HKEY_CLASSES_ROOT\nicespydll.explorerbox.1
HKEY_CLASSES_ROOT\nicespydll.filemonitor
HKEY_CLASSES_ROOT\nicespydll.filemonitor.1
HKEY_CLASSES_ROOT\nicespydll.filemonitorbox
HKEY_CLASSES_ROOT\nicespydll.filemonitorbox.1
HKEY_CLASSES_ROOT\nicespydll.keyboardmonitor
HKEY_CLASSES_ROOT\nicespydll.keyboardmonitor.1
HKEY_CLASSES_ROOT\nicespydll.keyboardmonitorbox
HKEY_CLASSES_ROOT\nicespydll.keyboardmonitorbox.1
HKEY_CLASSES_ROOT\nicespydll.logonmonitor
HKEY_CLASSES_ROOT\nicespydll.logonmonitor.1
HKEY_CLASSES_ROOT\nicespydll.logonmonitorbox
HKEY_CLASSES_ROOT\nicespydll.logonmonitorbox.1
HKEY_CLASSES_ROOT\nicespydll.registerbox
HKEY_CLASSES_ROOT\nicespydll.registerbox.1
HKEY_CLASSES_ROOT\nicespydll.screenmonitor
HKEY_CLASSES_ROOT\nicespydll.screenmonitor.1
HKEY_CLASSES_ROOT\nicespydll.screenmonitorbox
HKEY_CLASSES_ROOT\nicespydll.screenmonitorbox.1
HKEY_CLASSES_ROOT\nicespydll.settingbox
HKEY_CLASSES_ROOT\nicespydll.settingbox.1
HKEY_CLASSES_ROOT\nicespydll.textinputmonitor
HKEY_CLASSES_ROOT\nicespydll.textinputmonitor.1
HKEY_CLASSES_ROOT\nicespydll.textinputmonitorbox
HKEY_CLASSES_ROOT\nicespydll.textinputmonitorbox.1
HKEY_CLASSES_ROOT\nicespydll.webmonitor
HKEY_CLASSES_ROOT\nicespydll.webmonitor.1
HKEY_CLASSES_ROOT\nicespydll.webmonitorbox
HKEY_CLASSES_ROOT\nicespydll.webmonitorbox.1
HKEY_CLASSES_ROOT\typelib\{99bbd747-391d-461f-883b-a3c6d41bb28d}
HKEY_CLASSES_ROOT\typelib\{a5f07b4c-3530-4982-80fe-261f8279ddc9}
HKEY_CLASSES_ROOT\xbtb01500.ietoolbar
HKEY_CLASSES_ROOT\xbtb01500.ietoolbar.1
HKEY_CLASSES_ROOT\xbtb01500.xbtb01500
HKEY_CLASSES_ROOT\xbtb01500.xbtb01500.1
HKEY_CURRENT_USER\software\xbtb01500\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xbtb01500.xbtb01500toolbar

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing YuupSearch:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Comforest Trojan Removal instruction
Jakposh Trojan Information

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)