December 29, 2010

Browser Modifier

This is some kind of adware which attacks the browser. It keeps on giving pop-ups and advertisements that has different obscuring infections. This will block certain other advertisements and changes the internet explorer settings for search option. This particular block will result in giving unwanted pages or browser redirects; when we want to go to particular website it will land on other site.





Effects: 

It installs a toolbar with a name Baidubar and creates entry in registry in the following hives:

  • HKEY_CLASSES_ROOT\.
  • HKEY_CLASSES_ROOT\CLSID
  • HKEY_CLASSES_ROOT\INTERFACE
  • HKEY_CLASSES_ROOT\TypeLib
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sobar\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdGuard
  • HKEY_LOCAL_MACHINE\Software\Classes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
It creates different entries in the above hives with names BaiduBar.Tool, BaiduBar.Baidu.1, BaiduBar.Baidu, BaiduBarEx.BandIE.1.

It will also create a folder in %Program Files% with the name Baidu bar and many sub-folders.

These has three other names W32/BaiduBar.A, ADW_BAIDUBAR and Adware-BDSearch. BrowserModifier:Win32/Baidu.Sobar may also prevent its removal by protecting its installed files and registry keys.

Prevention : 
For preventing this you can visit this site that has preventive measure.

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More