Home Malware Programs Adware Adware.AdAgent


Posted: June 22, 2011

Adware.AdAgent is a Browser Helper Object that monitors your web-browsing habits to create 'appropriate' pop-up advertisements based on which sites you visit. Some Adware.AdAgent infections may pretend to be legitimate add-ons for your browser, but Adware.AdAgent doesn't have any beneficial features, and may expose you to dangerous pop-ups that use drive-by download scripts, fake infection warnings, and other malicious capabilities. You should remove Adware.AdAgent from your PC at once, preferably with some help from an anti-malware program of good repute.

The Plentiful Names and Infection Routes of Adware.AdAgent

Different variations of Adware.AdAgent may try to infect your computer in a hidden manner or trick you into believing that Adware.AdAgent is a legitimate browser plugin. To protect yourself from the former, disable scripts for untrustworthy sites and keep your browser and anti-virus software up to date. For the latter, avoid downloading browser plugins without verifying that they're safe by checking with several independent sources beforehand.

Some well-known Adware.AdAgent aliases include Adware.Roogoo, Adware-Surfbar and Adware.Win32.AdAgent.d. Regardless of just which type of Adware.AdAgent you get on your PC, Adware.AdAgent will always use the form of a BHO or Browser Helper Object. BHOs like Adware.AdAgent can launch themselves whenever you use your browser. Adware.AdAgent doesn't need to request your permission to launch, nor does Adware.AdAgent need to show any visual cues that it's active.

What You Should Be Ready for If Your Browser's Got the Adware.AdAgent Bug

Adware.AdAgent is capable of infecting most Windows operating systems including: Windows 95, 98, NT, 2000, ME, 2003, XP and Vista. After Adware.AdAgent has infected your PC you'll be victimized by:

  • Having your online browsing habits monitored. This includes, at a minimum, Adware.AdAgent tracking which websites you visit, and may also extend to recording more personal information. This ongoing monitoring activity can slow down your browser and computer, due to the usage of excessive system resources and is, obviously, a violation of your privacy.
  • Adware.AdAgent may also create pop-up windows, even if your web browser isn't open. Pop-ups may pay affiliate money to the criminals that designed Adware.AdAgent, or they may a contain harmful code that can attack your computer. Common pop-up-based attacks include fake infection warnings that encourage you to download rogue security software and malicious Flash, or Java scripts that force you to download a Trojan.

You should remove Adware.AdAgent as soon as you suspect that Adware.AdAgent is on your PC. Although Adware.AdAgent may have an uninstallation procedure, the most reliable method of deleting Adware.AdAgent is to use a good anti-virus program to scan your PC while in Safe Mode. This will guarantee that all components of the Adware.AdAgent infection, including Registry entries and other problematic data, are fully removed.

File System Modifications

  • The following files were created in the system:
    # File Name File Size (bytes) File Hash
    1 %appdata%\microsoft\internet explorer\quick launch\Adware.Adware.AdAgent .lnk N/A N/A
    2 %commonprograms%\Adware.Adware.AdAgent \about.lnk N/A N/A
    3 %commonprograms%\Adware.Adware.AdAgent \activate.lnk N/A N/A
    4 %desktop%\Adware.Adware.AdAgent .lnk N/A N/A
    5 %desktop%\Adware.Adware.AdAgent support.lnk N/A N/A
    6 %programfiles\Adware.Adware.AdAgent \about.ico N/A N/A
    7 %programfiles\Adware.Adware.AdAgent \activate.ico N/A N/A
    8 %programfiles\Adware.Adware.AdAgent \buy.ico N/A N/A
    9 %programfiles\Adware.Adware.AdAgent \def.db N/A N/A
    10 %programfiles\Adware.Adware.AdAgent \defext.dll N/A N/A
    11 %programfiles\Adware.Adware.AdAgent \defhook.dll N/A N/A
    12 adlaunch32.dll 83,992 ca8df29bbac6f0c1cf435bb82090c7c6

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSNTCURRENTVERSIONWINDOWSAPPINIT_DLLS AppInit_DLLsHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Universal Disk ManagerHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Universal Disk ManagerHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Universal Disk ManagerHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Universal Disk Manager