Recipe Rewards Toolbar Spyware Profile

Recipe Rewards Toolbar is a spyware toolbar and Browser Hijacker program that may be an an EZTracks/aavalue.com Browser Hijacker variant.  It is distributed by aavalue.com and reciperewards.com.  It was first discovered on February 27 of 2006.
Recipe Rewards Toolbar can be manually downloaded.  It uses a disguise as a search enhancing tool to fool users into downloading it.  It may also be bundled with other programs.  It can also silently be installed by drive-by downloads.
Recipe Rewards is spyware.  It monitors your browsing habits and collects information about the pages you visit.  It can do this by keystroke logging and screen snapshots.  It sends this information to a remote server at reciperewards.aavalue.com to be processed.  It then delivers targeted ads to your computer in the form of redirected browsing.
If you have Recipe Rewards Toolbar on your computer, you should remove it immediately with SpyZooka.a

Also Known As:
Adware.Recipe_Rewards_Toolbar,
Adware.Win32.Recipe Rewards Toolbar,
Generic Toolbar.b, not-a-virus:AdWare.Win32.Mostofate.e,
TROJ_AGENT.HJA, not-a-virus:WebToolbar.Win32.Toolbar.a,
Downloader.Toolbar.A,
Adware.Toolbar!sd5

Spyware Type: Toolbar, Browser Hijacker

Associated Files:
%Temp%\rr-toolbar.exe
%ProgramFiles%\RecipeRewards\Toolbar\basis.xml %ProgramFiles%\RecipeRewards\Toolbar\icons. %ProgramFiles%\RecipeRewards\Toolbar\rr-toolbar. %ProgramFiles%\RecipeRewards\Toolbar\rr-toolbar.dll %ProgramFiles%\RecipeRewards\Toolbar\rr. %ProgramFiles%\RecipeRewards\Toolbar\search. %ProgramFiles%\RecipeRewards\Toolbar\tb_settings.xml %ProgramFiles%\RecipeRewards\Toolbar\version.txt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{151A7846-0140-4379-BD22-D413D946100A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB02559.XBTB02559Toolbar
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_CURRENT_USER\Software\Maxthon
HKEY_CURRENT_USER\Software\XBTB02559
HKEY_CURRENT_USER\Software\XBTB02559\Cache
HKEY_CURRENT_USER\Software\XBTB02559\Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\VersionIndependentProgID]
(Default) = “ToolBand.XBTB02559”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\TypeLib]
(Default) = “{7BB722E2-3234-4a47-A62D-6F569F10958E}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\ProgID]
(Default) = “ToolBand.XBTB02559.1”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}\InprocServer32]
(Default) = “C:\PROGRA~1\RECIPE~1\Toolbar\RR-TOO~1.DLL”
ThreadingModel = “Apartment”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{151A7846-0140-4379-BD22-D413D946100A}]
(Default) = “XBTB02559 Class”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\VersionIndependentProgID]
(Default) = “XBTB02559.XBTB02559”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\TypeLib]
(Default) = “{7BB722E2-3234-4a47-A62D-6F569F10958E}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\ProgID]
(Default) = “XBTB02559.XBTB02559.1”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}\InprocServer32]
(Default) = “%ProgramFiles%\RecipeRewards\Toolbar\rr-toolbar.dll”
ThreadingModel = “Apartment”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9285901C-2731-4E57-8F17-6B016168CA98}]
(Default) = “Recipe Rewards Toolbar”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}\TypeLib]
(Default) = “{7BB722E2-3234-4A47-A62D-6F569F10958E}”
Version = “1.0”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}\ProxyStubClsid32]
(Default) = “{00020424-0000-0000-C000-000000000046}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}\ProxyStubClsid]
(Default) = “{00020424-0000-0000-C000-000000000046}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{245CB8AE-89B0-4EC3-BAEA-BAE608224378}]
(Default) = “IToolHelper”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}\TypeLib]
(Default) = “{7BB722E2-3234-4A47-A62D-6F569F10958E}”
Version = “1.0”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}\ProxyStubClsid32]
(Default) = “{00020424-0000-0000-C000-000000000046}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}\ProxyStubClsid]
(Default) = “{00020424-0000-0000-C000-000000000046}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1BB589A-C67B-455B-82AF-15F5B8D7E9FE}]
(Default) = “ISoftomateObj”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\0\win32]
(Default) = “%ProgramFiles%\RecipeRewards\Toolbar\rr-toolbar.dll”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\HELPDIR]
(Default) = “%ProgramFiles%\RecipeRewards\Toolbar\”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0\FLAGS]
(Default) = “0”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7BB722E2-3234-4A47-A62D-6F569F10958E}\1.0]
(Default) = “Softomate 1.0 Type Library”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559\CurVer]
(Default) = “ToolBand.XBTB02559.1”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559\CLSID]
(Default) = “{151A7846-0140-4379-BD22-D413D946100A}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559]
(Default) = “XBTB02559 Class”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559.1\CLSID]
(Default) = “{151A7846-0140-4379-BD22-D413D946100A}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTB02559.1]
(Default) = “XBTB02559 Class”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar\CurVer]
(Default) = “XBTB02559.IEToolbar.1”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar\CLSID]
(Default) = “{9285901C-2731-4E57-8F17-6B016168CA98}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar]
(Default) = “IE Toolbar”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar.1\CLSID]
(Default) = “{9285901C-2731-4E57-8F17-6B016168CA98}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.IEToolbar.1]
(Default) = “IE Toolbar”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559\CurVer]
(Default) = “XBTB02559.XBTB02559.1”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559\CLSID]
(Default) = “{9285901C-2731-4E57-8F17-6B016168CA98}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559]
(Default) = “Recipe Rewards Toolbar”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559.1\CLSID]
(Default) = “{9285901C-2731-4E57-8F17-6B016168CA98}”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB02559.XBTB02559.1]
(Default) = “Recipe Rewards Toolbar”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9285901C-2731-4E57-8F17-6B016168CA98} = 00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{151A7846-0140-4379-BD22-D413D946100A}]
(Default) = “XBTB02559”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB02559.XBTB02559Toolbar]
DisplayName = “Recipe Rewards Toolbar”
UninstallString = “regsvr32 /u /s “%ProgramFiles%\RecipeRewards\Toolbar\rr-toolbar.dll” ”
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
iexplore.exe = 0x00000000
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
{9285901C-2731-4E57-8F17-6B016168CA98}
[HKEY_CURRENT_USER\Software\XBTB02559\Toolbar]
corruptedMsg = “One of the XML files is corrupted or invalid. Press OK to uninstall.”
uninstallMsg = “This will remove the Recipe Rewards Toolbar from your computer! Are you sure?”
updateMsg = “This will try to update the Recipe Rewards Toolbar from the server. Continue?”
autoUpdateMsg = “New version of the Recipe Rewards Toolbar is available. Would you like to download and install it now?”
versionError = “Can not find current version information.”
connectionError = “Can’t establish a connection.”
lastVersionMsg = “You have the latest version of the Recipe Rewards Toolbar.”
contextMenuItemName = “Recipe Rewards Toolbar search”
closeAllWindowsForUpdate = “All running IE Windows will be closed before updating the GameFiesta Toolbar. Continue?”
PopStop = “Recipe Rewards Toolbar has blocked a Pop-up window”
firstUrl = “http://reciperewards.aavalue.com/bundles/initialize.html”
serverpath = “http://www.reciperewards.com/?refer=RRTBAR2RR”
updateUrl = “”
urlAfterUpdate = “”
urlAfterUninstall = “http://reciperewards.aavalue.com/rr/toolbar/uninstall.html?toolbar_id=%toolbar_id”
contextSearch = “http://search.reciperewards.com/search.html?toolbar=%toolbar_id&keywords=%selection”
OpenNew = “0”
AutoComplete = “0”
KeepHistory = “0”
RunSearchAutomatically = “0”
RunSearchDragAutomatically = “0”
DescriptiveText = “1”
ShowHighlightButton = “0”
ShowFindButtons = “0”
UpdateAutomatically = “0”
ErrorMsg = “Error”
AlertMsg = “Alert”
firstTime = “0”
toolbar_id = “{7EE6F43A-9F59-436f-9156-1575FB6B2837}”
toolbar_version = “Recipe Rewards Toolbar 1.0”
CurrentFont = “Tahoma”
FontSize = 0x0000000D
CurrentLayout = 0x00000000
ToolbarIsFailed = 0x00000000
blockPopups = 0x00000000
updateXML = “1”
Scope = 0x00000018
OldOS = 0x00000000
CountOS = 0x00000000
m_bWorking = “0”
TBShow = “1”
TBPos = 0x00000005
TBWidth = 0x00000000
TBBreak = 0x00000001
[HKEY_CURRENT_USER\Software\XBTB02559\Cache]
http://www.reciperewards.com/toolbar/rr_serverside.xml = 0xFFFFFFFF
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
{0E5CBF21-D15F-11D0-8301-00AA005B4383
ITBarLayout

Download Free Scan

2 Responses

  1. Cain Dolph says:
    April 29, 2010 at 8:08 am

    I can’t find anything that will take this out…it will scan my comp and find it but i have to pay to get it taken out. In add/remove instructions it will not let me delete it and Spybot didn’t take it out. What do i do? I ran hijack this..but everything is the same:(

  2. Kailyn Moore says:
    May 5, 2010 at 8:11 am

    I had something called REcipe Rewards Toolbar and i know it’s spyware or something…I didn’t know how do i get rid of it, but someone told me about SpyZooka and it really helped at the time.

Leave a Reply

Your email address will not be published. Required fields are marked *

Products

Company

Info

Contact

css.php