MyStart by Incredibar

MyStart by Incredibar Description


MyStart by Incredibar Screenshot 1MyStart by Incredibar is an adware program that displays advertisements. While similar adware plugins have been known to be bundled with freely-distributed programs, malware experts have also caught websites using browser exploits to install MyStart sans any other software. If you notice symptoms of the presence of Incredibar’s MyStart while you browse the web, you should remove MyStart with anti-malware software that can delete all of MyStart without difficulties, including its Registry-based components. Normal software removal methods have been confirmed to fail on MyStart, although, at this point, malware experts only rank MyStart by Incredibar as a low-level PC threat.

The Not-So-Incredible Services of MyStart by Incredibar


While MyStart would love you to start your day off by using its services to search the web, malware researchers haven’t seen any signs that MyStart has any beneficial features for your PC. Rather than being a search assistant, MyStart is an advertisement-deliverer that generates revenue by redirecting you to irrelevant advertising content. At the time of this writing, the safety levels of advertisements related to MyStart haven’t been verified, and, in most cases, adware-delivered advertisements are potentially hazardous (as in cases of them promoting rogue anti-virus scanners and similar types of scamware).
Download SpyHunter Spyware Scanner
In general, MyStart can be considered a minor nuisance, although the content that MyStart promotes may be more overtly malicious than MyStart itself.

MyStart by Incredibar has also been found to change your homepage, change other browser settings or block your access to unrelated sites (especially Google). However, these symptoms may not be evident in all MyStart infections.

Other PC threats that are closely-associated with MyStart include the Web Assistant toolbar and Incredimail, both of which are low-level adware like MyStart. These PC threats, including MyStart, have been noted for their compatibility with several types of popular browsers, such as Internet Explorer and Firefox. MyStart attacks should be considered an active albeit minor threat.

Ways to Keep Your Day from Starting with MyStart


Avoiding websites that are affiliated with MyStart by Incredibar should always be considered the simplest way to protect your browser from a MyStart infection. Sites that are affiliated with MyStart (such as mystart.incredibar.com) may use browser exploits in their attacks. These exploits can install the MyStart browser hijacker without your consent and are especially likely to exploit outdated versions of JavaScript and Flash.

Updating your browser, if necessary, is also recommended, and malware researchers particularly advise you to keep anti-malware software at work in the background consequently able to block malicious sites and content that could be used to promote MyStart, such as drive-by-download exploits.

Aliases


a variant of Win32/InstallBrain [ESET-NOD32]Riskware.Win32.InstallBrain (A) [Emsisoft]APPL/InstallBrain.Gen5 [AntiVir]ApplicUnwnt.Win32.AdWare.IBrain.B [Comodo]Win32:PUP-gen [PUP] [Avast]TROJ_GEN.R06H1DT [TrendMicro-HouseCall]W32/IBrain.B.gen!Eldorado [F-Prot]Unwanted-Program [K7AntiVirus]PUP.BundleInstaller.IB [Malwarebytes]Win32/InstallBrain (ES) [MicroWorld-eScan]

More aliases (11)


MyStart by Incredibar Automatic Detection Tool (Recommended)


Is your PC infected with MyStart by Incredibar? To safely & quickly detect MyStart by Incredibar, we highly recommend you run the malware scanner listed below.



Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %PROGRAMFILES(x86)%\Incredibar-Games_EN 696
    2 %UserProfile%\Local Settings\Application Data\Incredibar-Games_EN 689
    3 %UserProfile%\AppData\LocalLow\Incredibar-Games_EN 679
    4 %ALLUSERSPROFILE%\IBUpdaterService 614
    5 %AppData%\Incredibar 614
    6 %PROGRAMFILES%\IB Updater 607
    7 %LOCALAPPDATA%\CRE\dpimglhojapikoeeifcifanbeinephdm.crx 482
    8 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dpimglhojapikoeeifcifanbeinephdm 475
    9 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\dpimglhojapikoeeifcifanbeinephdm 468
    10 %PROGRAMFILES%\ Incredibar.com\ incredibar\ 1.5.3.27\ bh\ incredibar.dll 9
    11 %Program Files%\Incredibar\Incredibar.exe N/A
    12 %UserProfile%\Desktop\Incredibar.lnk N/A
    13 %UserProfile%\Start Menu\Incredibar\Incredibar.lnk N/A
    14 %UserProfile%\Start Menu\Incredibar\Help.lnk N/A
    15 %UserProfile%\Start Menu\Incredibar\Registration.lnk N/A
    16 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Incredibar.lnk N/A
    17 %Temp%\bh\incredibar.dll N/A
    18 %Temp%\incredibar.crx N/A
    19 %Temp%\incredibarApp.dll N/A
    20 %Temp%\incredibarEng.dll N/A
    21 %Temp%\incredibarsrv.exe N/A
    22 %Temp%\incredibarTlbr.dll N/A
    23 %Temp%\uninstall.exe N/A
    24 C:\Program Files\Incredibar-Games_EN\toolbar.cfg N/A
    25 C:\Program Files\Incredibar-Games_EN\uninstall.exe N/A
    26 C:\Program Files\Incredibar-Games_EN\Incredibar-Games_ENToolbarHelper.exe N/A
    27 C:\Program Files\Incredibar-Games_EN\GottenAppsContextMenu.xml N/A
    28 C:\Program Files\Incredibar-Games_EN\tbIncr.dll N/A
    29 C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll N/A
    30 C:\Program Files\Incredibar-Games_EN\ldrtbIncr.dll N/A
    31 C:\Program Files\Incredibar-Games_EN\ToolbarContextMenu.xml N/A
    32 C:\Program Files\Incredibar-Games_EN\SharedAppsContextMenu.xml N/A
    33 C:\Program Files\Incredibar-Games_EN\OtherAppsContextMenu.xml N/A
    34 %AppData%\[trojan name]\toolbarstat.log N/A
    35 %Temp%\[trojan name]\toolbar-manifest.xml N/A
    36 %AppData%\[trojan name]\toolbarversion.xml N/A
    37 %AppData%\[trojan name]\toolbarcouponsmerchants2.xml N/A
    38 %AppData%\[trojan name]\toolbarcouponsmerchants.xml N/A
    39 %AppData%\[trojan name]\toolbarcouponscategories.xml N/A
    40 %AppData%\[trojan name]\toolbarlog.txt N/A
    41 %AppData%\[trojan name]\toolbardtx.ini N/A
    42 %AppData%\[trojan name]\toolbaruninstallIE.dat N/A
    43 %AppData%\[trojan name]\toolbarstats.dat N/A
    44 %AppData%\[trojan name]\toolbaruninstallStatIE.dat N/A
    45 %AppData%\[trojan name]\toolbarpreferences.dat N/A
    46 %AppData%\[trojan name]\toolbarguid.dat N/A

    More files

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Conduit\RevertSettings "http://mystart.Incredibar.com?a=1ex6GUYANIc&i=38"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main StartPage "http://mystart.Incredibar.com?a=1ex6GUYANIc&i=38"HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\13376694984709702142491016734454HKEY_CURRENT_USER\Software\IM\38 "PPD"HKEY_CURRENT_USER\Software\ImInstaller\IncredibarHKEY_CURRENT_USER\Software\IncredibarHKEY_CURRENT_USER\Software\Incredibar-Games_ENHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "13376694984709702142491016734454"HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Toolbars "Incredibar-Games EN Toolbar"HKEY_LOCAL_MACHINE\SOFTWARE\Incredibar-Games_EN\toolbarHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar "Incredibar-Games EN Toolbar"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Incredibar-Games EN Toolbar
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {322F82C7-DE90-4579-93AA-971DCF45B5E9}{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9}
Posted: January 18, 2012 | By
Share:
Follow Me on Pinterest More More
Threat Level: 5/10
1 Star2 Stars3 Stars4 Stars5 Stars (65 votes, average: 2.52 out of 5)
Loading ... Loading ...
Rate this article:
Detection Count: 106,622
Home Malware ProgramsBad Toolbars MyStart by Incredibar

162 Comments

1 2 3 4

Leave a Reply

What is 2 + 12 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)