Adware.HyperBar

Updated: February 13, 2007 11:43:04 AM
Type: Adware
Version: 1.0.1.1
Publisher: StartNow
Risk Impact: Low
File Names: SNToolbar.msi, NavHelper.msi, StartNow.msi, Hyperbar.dll, HyperBarSS1.dll, HyperBarSS2.dll, HyperB
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

When Adware.HyperBar is installed, it performs the following actions:
  1. Creates the following files:

    • %ProgramFiles%\Common Files\Hyperbar\Hyperbar.dll
    • %ProgramFiles%\Common Files\Hyperbar\HyperbarSS1.dll
    • %ProgramFiles%\Common Files\Hyperbar\HyperbarSS2.dll
    • %ProgramFiles%\Common Files\Hyperbar\HyperbarSS3.dll

      Note: %ProgramFiles% is a variable that refers to the Program Files folder. By default, this is C:\Program Files.

  2. Modifies the value:

    "Start Page" = "http:/ /www.startnow.com"

    in the registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main

    so that the Internet Explorer home page is changed.

  3. Creates the following registry subkeys:



  4. Adds the value:

    "{D9ED23A8-5DAD-44EB-8CC3-F91D285A001D}" = "HyperSearchHook"

    to the subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks

  5. Adds the value:

    "C:\Program Files\Startnow\Navigation Helper" = "1"

    to the subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

  6. Adds the value:

    "220DC05A09C0EBD4EA5EC894A28417D2" = ""

    to the subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\9325A794C1DE5B040B30A970D8B14F03

  7. Adds the value:

    "{D9ED23A8-5DAD-44EB-8CC3-F91D285A001D}" = "HyperSearchHook"

    to the subkey:

    HKEY_ALL_USERS\Software\Microsoft\Internet Explorer\URLSearchHooks
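A check for the registry values listed in steps 2 and 4 to 7, run over the text of a `reg export`. This is an added example, not part of the original write-up: the function names, the suffix-matching approach and the sample export are assumptions made for illustration.

```python
import re

# Indicators from steps 2 and 4-7 above: (subkey suffix, value name, data substring).
# Suffix matching is this example's assumption: it covers HKEY_LOCAL_MACHINE and
# every per-user hive (the write-up's HKEY_ALL_USERS) without naming the hive.
INDICATORS = [
    (r"\Microsoft\Internet Explorer\Main", "Start Page", "startnow.com"),
    (r"\Microsoft\Internet Explorer\URLSearchHooks",
     "{D9ED23A8-5DAD-44EB-8CC3-F91D285A001D}", None),
    (r"\Microsoft\Windows\CurrentVersion\Installer\Folders",
     r"C:\Program Files\Startnow\Navigation Helper", None),
    (r"\Installer\UpgradeCodes\9325A794C1DE5B040B30A970D8B14F03",
     "220DC05A09C0EBD4EA5EC894A28417D2", None),
]
KEY_RE = re.compile(r"^\[([^\]]+)\]$")              # [HKEY_...\subkey]
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')  # "name"=data

def unescape(s):
    """Undo the backslash escaping that .reg files apply inside quoted strings."""
    return re.sub(r"\\(.)", r"\1", s)

def scan_reg_export(text):
    """Return (key, value name, data) for every value that matches INDICATORS."""
    hits, key = [], None
    for line in map(str.strip, text.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif key and (m := VALUE_RE.match(line)):
            name, data = unescape(m.group(1)), m.group(2)
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = unescape(data[1:-1])
            for suffix, want_name, want_data in INDICATORS:
                if (key.lower().endswith(suffix.lower())
                        and name.lower() == want_name.lower()
                        and (want_data is None or want_data in data.lower())):
                    hits.append((key, name, data))
    return hits

# Constructed sample in `reg export` text form; not captured from a real host.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="http:/ /www.startnow.com"
[HKEY_USERS\S-1-5-21-0-0-0-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{D9ED23A8-5DAD-44EB-8CC3-F91D285A001D}"="HyperSearchHook"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Startnow\\Navigation Helper"="1"
'''
```

Files written by `reg export` are UTF-16 encoded, so read them with `open(path, encoding="utf-16")` before passing the text to `scan_reg_export`.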
