SuperUtilbar Spyware Profile
SuperUtilbar is a spyware program disguised as a toolbar add-on for your browser. It was first discovered on January 24, 2007. It was probably created by Baidu, is of Chinese origin, and is powered by the web servers baidu.com, 9991.com and shiyongsousou.com.
SuperUtilbar is installed on your computer as part of an ad-supported freeware bundle. Once installed, it starts delivering pop-ups, hijacks your browser and can download other files, including more malware.
SuperUtilbar also has spyware data mining capabilities. That is, it can search through your browsing history and monitor your browsing so it can collect data to send to its servers. It can also provide a remote hacker access to your computer and all your files.
SuperUtilbar's activity can seriously slow down your computer and can potentially cause your Internet browser to crash. It also presents a potential privacy risk. Any supposed benefits it promises, which are mostly illegible, are not worth compromising your computer and your privacy.
If you are infected with SuperUtilbar, you should remove it immediately with SpyZooka.
Also Known As:
Adware/6781ToolBar [Panda]
Trojan.Downloader.QQHelper.OY
Adware-Baidu [McAfee]
ADSPY/Superutil.A.2 [Avira]
Backdoor.CVM
Trojan-Clicker.Win32.Agent.io [Kaspersky]
BrowserModifier:Win32.SuperUtilBar
6781Toolbar
Adware.SuperUtilBar
Spyware Type:
Toolbar, Browser Hijacker, Trojan Downloader, Data Miner
Associated Files: