1. /
  2. Security Response/
  3. Adware.YourSiteBar

Adware.YourSiteBar

Updated:
February 13, 2007 11:46:28 AM
Type:
Adware
Publisher:
Integrated Search Technologies
Risk Impact:
Low
File Names:
ysb.dll
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows NT, Windows Server 2003, Windows XP

When Adware.YourSiteBar is executed, it performs the following actions:
  1. Creates the following files:
    • %ProgramFiles%\YourSiteBar\ysb.dll
    • %ProgramFiles%\YourSiteBar\imagemap_normal.bmp
    • %ProgramFiles%\YourSiteBar\version.txt
    • %ProgramFiles%\YourSiteBar\yoursitebar.xml

      Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.

  2. Creates the following registry keys:

    HKEY_CLASSES_ROOT\CLSID\{86227D9C-0EFE-4F8A-AA55-30386A3F5686}
    HKEY_CLASSES_ROOT\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}
    HKEY_CLASSES_ROOT\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542}
    HKEY_CLASSES_ROOT\Interface\{7B9A715E-9D87-4C21-BF9E-F914F2FA953F}
    HKEY_CLASSES_ROOT\Interface\{EAF2CCEE-21A1-4203-9F36-4929FD104D43}
    HKEY_CLASSES_ROOT\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}

    HKEY_CLASSES_ROOT\Typelib\{6D3F5DE4-E980-4407-A10F-9AC771ABAAE6}
    HKEY_CLASSES_ROOT\Ysb.YsbObj
    HKEY_CLASSES_ROOT\Ysb.YsbObj.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YourSiteBar
    HKEY_LOCAL_MACHINE\SOFTWARE\YourSiteBar

  3. Adds the value:

    "{86227D9C-0EFE-4f8a-AA55-30386A3F5686}" = ""

    to the registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar  
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser

  4. Adds the following toolbar to all Internet Explorer windows:





Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver