Updated: February 13, 2007 11:40:58 AM
Type: Trackware
Version: 1.0.0.1
Publisher: Perfect Presence Inc.
Risk Impact: Medium
File Names: iserstararcticsbar.dll,bazookabar.exe
Systems Affected: Windows 2000, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When BazookaBar is executed, it performs the following actions:
- Creates the following files:
- %ProgramFiles%\BazookaBar\ActiveWin32.exe
- %ProgramFiles%\BazookaBar\Bar.exe (included in installer, detected as Trackware.Bazookabar)
- %ProgramFiles%\BazookaBar\BazookaBar.exe (installs an uninstaller, the full installer is also named Bazookabar.exe)
- %ProgramFiles%\BazookaBar\CloseExplorer.exe (closes Explorer and Internet Explorer)
- %ProgramFiles%\BazookaBar\CloseExploreru.exe (closes Explorer and Internet Explorer)
- %ProgramFiles%\BazookaBar\RegMfc.exe (sets the registry values)
- %ProgramFiles%\BazookaBar\userstararticsbar.dll (Internet Explorer Toolbar, detected as Trackware.Bazookabar)
Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
- Creates the following registry entries:
HKEY_CLASSES_ROOT\BazookaBar.BazookaBarBand.1
HKEY_CLASSES_ROOT\BazookaBar.BazookaBarBand
HKEY_CLASSES_ROOT\CLSID\{7891DA15-428E-11D7-BCC1-00A024831A8C}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{7891DA15-428E-11D7-BCC1-00A024831A8C}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BazookaBar
HKEY_CLASSES_ROOT\TypeLib\{DCB8F6AD-65FD-42BF-B0F8-549FCFE717C0}
HKEY_CLASSES_ROOT\Interface\{D4242DC5-1AEF-46C1-A09A-9136E5F9871E}
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
