Adware.Vonteera
Posted: August 28, 2013
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 2,984 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 238,060 |
| First Seen: | August 28, 2013 |
|---|---|
| Last Seen: | October 16, 2023 |
| OS(es) Affected: | Windows |
Adware:Win32/Vonteera is adware that injects advertisements into your browser promoting various products and services, such as free media players. Because the formats of advertisements favored by Adware:Win32/Vonteera make it unclear what content is delivered by Adware:Win32/Vonteera, and because these advertisements also may be used to deliver potentially unsafe content to your browser, SpywareRemove.com malware researchers recommend removing Adware:Win32/Vonteera as a general security risk that should be dealt with by good anti-malware programs. However, if you minimize any contact with Adware:Win32/Vonteera's advertisements and remove Adware:Win32/Vonteera as soon as possible, your PC is more likely than not to survive a temporary Adware:Win32/Vonteera infection unscathed.
The Advertisements Coming for Any Browser You Happen to Like
Adware:Win32/Vonteera uses a generous installation plan that supports compatibility with Internet Explorer, Chrome and Firefox – although SpywareRemove.com malware experts haven't seen any evidence of its having compatibility with any non-Windows Web browsers. After installing itself, Adware:Win32/Vonteera may display advertisements in any of these three browsers. Rather than delivering its advertisements as pop-ups, Adware:Win32/Vonteera injects its advertisements into unrelated sites, such as Facebook, Yahoo or Youtube. Adware:Win32/Vonteera's advertisements also are not clearly marked to let you distinguish them from any normal website content, which is a significant warning sign of its potential security issues.
Adware:Win32/Vonteera advertisements are varied but have been known to promote some types of software that are favorite disguises for low and high-level PC threats, such as rogue defragmenters and fake anti-virus scanners. SpywareRemove.com malware researchers would recommend that you avoid downloading software through Adware:Win32/Vonteera's advertisements – or, at a bare minimum, research any new program before you trust it enough to put it on your hard drive.
Trimming the Vonteera Invasion Back from Your Browsers
Since Adware:Win32/Vonteera modifies multiple browsers to support its advertisement delivery functions, SpywareRemove.com malware research team warns that any effort at removing Adware:Win32/Vonteera will have to take into account all affected browsers, instead of just a single browser – regardless of whether you use your alternative browsers or leave them to collect dust. Anti-malware programs with system-scanning functions provide the easiest ways of removing Adware:Win32/Vonteera, although you also should be careful to keep all affected browsers closed during any scans.
Infection methods favored by Adware:Win32/Vonteera and similar adware-based PC threats usually are non-consensual. Adware:Win32/Vonteera may be installed along with another program, installed through unreliable Web exploits or installed with the help from a Trojan. Besides the obvious recourse of using anti-malware tools to block all of these attacks, SpywareRemove.com malware researchers also find it wise to research a download before installing it, since a quick look into a site or program's history may help you find out whether or not Adware:Win32/Vonteera and other programs often are bundled with such links.
Aliases
Crypt4.BUKX [AVG]Trojan.Crypt4 [Ikarus]Artemis!3040BD1410AC [McAfee]Artemis!Trojan [McAfee-GW-Edition]Win32:Dropper-gen [Drp] [Avast]Riskware/PUP [Fortinet]Win32.SuspectCrc [Ikarus]Trj/CI.A [Panda]PUP-FSI [McAfee]Adware/Win32.Vonteera [AhnLab-V3]BehavesLike.Win32.Trojan.mh [McAfee-GW-Edition]Adware.Volaro.1 [DrWeb]UnclassifiedMalware [Comodo]Win32:Adware-gen [Adw] [Avast]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: 03685f17472c4f0b529b97556ac15fa9
Detection count: 90
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 138.75 KB (138752 bytes)
MD5: 507f5272c5b6b61e2e14bade74005898
Detection count: 86
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%LOCALAPPDATA%\RemoveTool.exe
File name: RemoveTool.exeSize: 572.33 KB (572334 bytes)
MD5: 7fb75ab23a99adb0eed40432f503db32
Detection count: 86
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 157.18 KB (157184 bytes)
MD5: 436fa5d435a408cf8b3453d337fede50
Detection count: 81
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: b4752216cb3d7ae83ec488e32e5558d2
Detection count: 80
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: bfdc2ded1b21c54af0b4f4a2a9d63157
Detection count: 73
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: 90c0f94ed65f39991da2c0a93cd9bdf2
Detection count: 66
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: fe98d108e76a700759a08837bc281b03
Detection count: 61
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 145.53 KB (145536 bytes)
MD5: ae34782c4b97ccf8c0e560347b6cfd50
Detection count: 54
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%SystemDrive%\Users\<username>\AppData\Roaming\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: e4014a77c95cbe572c193a7bcc4e80d0
Detection count: 52
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\Users\<username>\AppData\Roaming\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 145.53 KB (145536 bytes)
MD5: 9eca6dedd2e8ea15160a1d5f723255f0
Detection count: 43
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\Flasher\c32s.exe
File name: c32s.exeSize: 188.93 KB (188935 bytes)
MD5: b777d581ade0658e5ee5cbb58455f783
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Flasher
Group: Malware file
Last Updated: March 25, 2016
%APPDATA%\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 145.53 KB (145536 bytes)
MD5: 73a32704ec93399fda7135d1a50f89e0
Detection count: 25
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\Flasher\c32s.exe
File name: c32s.exeSize: 152.57 KB (152576 bytes)
MD5: 51c02b5cf5d3722ab175f02315db8f44
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Flasher
Group: Malware file
Last Updated: March 25, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 157.18 KB (157184 bytes)
MD5: 6bc082328413860284979162b6179b7e
Detection count: 13
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: 25a3a22f70489cb43eae2320140c8e2e
Detection count: 13
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%LOCALAPPDATA%\RemoveTool.exe
File name: RemoveTool.exeSize: 51.44 KB (51446 bytes)
MD5: a62df77c0605d7fc3f0b28930950a132
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: 43a9faca8f9b7be55e13a4ef11e4dc02
Detection count: 10
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 163.96 KB (163968 bytes)
MD5: 6f83c1b0a233b6f3c744d97bdb2460dd
Detection count: 10
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
C:\Users\<username>\AppData\Roaming\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 145.53 KB (145536 bytes)
MD5: f99db7db53dd6a6cb97a14dcc37a7de7
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Users\<username>\AppData\Roaming\VolIE\IE\Shopify_32.dll
Group: Malware file
Last Updated: October 31, 2021
%SystemDrive%\Users\<username>\AppData\Roaming\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 145.53 KB (145536 bytes)
MD5: 5849a516685ca4d01c1ebb289ff3cab1
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\Users\<username>\AppData\Roaming\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%APPDATA%\homerj\c32s.exe
File name: c32s.exeSize: 152.57 KB (152576 bytes)
MD5: 72ac196cb212341d49b86dde4e668a83
Detection count: 4
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\homerj
Group: Malware file
Last Updated: March 25, 2016
%APPDATA%\VolIE\IE\Shopify_32.dll
File name: Shopify_32.dllSize: 138.75 KB (138752 bytes)
MD5: 204c4b28e7f059f2f005db7ef861697a
Detection count: 4
File type: Dynamic link library
Mime Type: unknown/dll
Path: %APPDATA%\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
%SystemDrive%\Users\<username>\AppData\Roaming\VolIE\IE\Shopify_64.dll
File name: Shopify_64.dllSize: 157.18 KB (157184 bytes)
MD5: f592e8a6c729c050b64818e9ccd6e32f
Detection count: 1
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\Users\<username>\AppData\Roaming\VolIE\IE
Group: Malware file
Last Updated: February 6, 2016
More files
Registry Modifications
The following newly produced Registry Values are:
CLSID{2ED35963-FCC9-4698-B619-787FE1C75079}{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}{437B9306-2FDE-4054-A3C9-6B49507C12D0}{598AC71E-BE58-3981-B78A-5C138F423AD6}{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}{63D2A451-3351-178C-7BC4-13C4D58A7652}{934B156A-3D17-3981-B78A-5C138F423AD6}{93D0B762-03DD-416f-AA26-B65F55B8914D}{ACEC5B69-F74E-445A-AC6C-CF621C680893}{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}Regexp file mask%ALLUSERSPROFILE%\Convertor\Convertor.exe%ALLUSERSPROFILE%\Drv\Drv.exe%ALLUSERSPROFILE%\Kirin\Kirin.exe%AppData%\addonVont.zip%APPDATA%\Crown\SPK.exe%AppData%\htcon\Updater.exe%APPDATA%\SPK\SPK.exe%LOCALAPPDATA%\diag\Chomp.exe%PROGRAMFILES(x86)%\GeniusXXAddon%PROGRAMFILES(x86)%\onewebsearch%windir%\System32\Tasks\4CEFD9B73D6C-1CRMOI2%windir%\System32\Tasks\5FOFD9B73D6C-2CRMOI6%WINDIR%\System32\Tasks\Volaro UpdateHKEY..\..\..\..{RegistryKeys}active_permissions\{2ED35963-FCC9-4698-B619-787FE1C75079}active_permissions\{598AC71E-BE58-3981-B78A-5C138F423AD6}active_permissions\{934B156A-3D17-3981-B78A-5C138F423AD6}SOFTWARE\Classes\AdSafe.AdSafeSOFTWARE\Classes\AdSafe.AdSafe.1SOFTWARE\Classes\adTech.adTechSOFTWARE\Classes\adTech.adTech.1SOFTWARE\Classes\AppID\AdSafe.DLLSOFTWARE\Classes\AppID\adTech.DLLSOFTWARE\Classes\AppID\DigiAd.DLLSOFTWARE\Classes\AppID\NoVooIT.DLLSOFTWARE\Classes\AppID\Vonteera.DLLSOFTWARE\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}SOFTWARE\Classes\DigiAd.DigiAdSOFTWARE\Classes\DigiAd.DigiAd.1SOFTWARE\Classes\FoxPro.FoxProSOFTWARE\Classes\FoxPro.FoxPro.1SOFTWARE\Classes\NoVooIT.NoVooITSOFTWARE\Classes\NoVooIT.NoVooIT.1SOFTWARE\Classes\Vonteera.VonteeraSOFTWARE\Classes\Vonteera.Vonteera.1SOFTWARE\Classes\Wow6432Node\AppID\AdSafe.DLLSOFTWARE\Classes\Wow6432Node\AppID\adTech.DLLSOFTWARE\Classes\Wow6432Node\AppID\DigiAd.DLLSOFTWARE\Classes\Wow6432Node\AppID\NoVooIT.DLLSOFTWARE\Classes\Wow6432Node\AppID\Vonteera.DLLSOFTWARE\Classes\Wow6432Node\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}Software\Microsoft\Internet Explorer\Approved Extensions\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Internet Explorer\Approved Extensions\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Internet Explorer\Approved Extensions\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4CEFD9B73D6C-1CRMOI2SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5FOFD9B73D6C-2CRMOI6SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9A5A8340-6B15SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Volaro UpdateSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinKitSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta UpdateSoftware\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ED35963-FCC9-4698-B619-787FE1C75079}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ED35963-FCC9-4698-B619-787FE1C75079}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\NoVooITSoftware\NoVooITSetSoftware\VolaroSOFTWARE\Volaro UpdaterSoftware\VonteeraSoftware\Vonteera Safe adsSOFTWARE\VonteraSOFTWARE\Wow6432Node\Classes\AppID\AdSafe.DLLSOFTWARE\Wow6432Node\Classes\AppID\adTech.DLLSOFTWARE\Wow6432Node\Classes\AppID\DigiAd.DLLSOFTWARE\Wow6432Node\Classes\AppID\NoVooIT.DLLSOFTWARE\Wow6432Node\Classes\AppID\Vonteera.DLLSOFTWARE\Wow6432Node\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\NoVooITSOFTWARE\Wow6432Node\Volaro UpdaterSOFTWARE\Wow6432Node\VonteeraSOFTWARE\Wow6432Node\VonteraHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}ARHomeGeniusXXVolaro UpdaterVonteeraVonteera Safe ads
CLSID{2ED35963-FCC9-4698-B619-787FE1C75079}{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}{437B9306-2FDE-4054-A3C9-6B49507C12D0}{598AC71E-BE58-3981-B78A-5C138F423AD6}{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}{63D2A451-3351-178C-7BC4-13C4D58A7652}{934B156A-3D17-3981-B78A-5C138F423AD6}{93D0B762-03DD-416f-AA26-B65F55B8914D}{ACEC5B69-F74E-445A-AC6C-CF621C680893}{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}Regexp file mask%ALLUSERSPROFILE%\Convertor\Convertor.exe%ALLUSERSPROFILE%\Drv\Drv.exe%ALLUSERSPROFILE%\Kirin\Kirin.exe%AppData%\addonVont.zip%APPDATA%\Crown\SPK.exe%AppData%\htcon\Updater.exe%APPDATA%\SPK\SPK.exe%LOCALAPPDATA%\diag\Chomp.exe%PROGRAMFILES(x86)%\GeniusXXAddon%PROGRAMFILES(x86)%\onewebsearch%windir%\System32\Tasks\4CEFD9B73D6C-1CRMOI2%windir%\System32\Tasks\5FOFD9B73D6C-2CRMOI6%WINDIR%\System32\Tasks\Volaro UpdateHKEY..\..\..\..{RegistryKeys}active_permissions\{2ED35963-FCC9-4698-B619-787FE1C75079}active_permissions\{598AC71E-BE58-3981-B78A-5C138F423AD6}active_permissions\{934B156A-3D17-3981-B78A-5C138F423AD6}SOFTWARE\Classes\AdSafe.AdSafeSOFTWARE\Classes\AdSafe.AdSafe.1SOFTWARE\Classes\adTech.adTechSOFTWARE\Classes\adTech.adTech.1SOFTWARE\Classes\AppID\AdSafe.DLLSOFTWARE\Classes\AppID\adTech.DLLSOFTWARE\Classes\AppID\DigiAd.DLLSOFTWARE\Classes\AppID\NoVooIT.DLLSOFTWARE\Classes\AppID\Vonteera.DLLSOFTWARE\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}SOFTWARE\Classes\DigiAd.DigiAdSOFTWARE\Classes\DigiAd.DigiAd.1SOFTWARE\Classes\FoxPro.FoxProSOFTWARE\Classes\FoxPro.FoxPro.1SOFTWARE\Classes\NoVooIT.NoVooITSOFTWARE\Classes\NoVooIT.NoVooIT.1SOFTWARE\Classes\Vonteera.VonteeraSOFTWARE\Classes\Vonteera.Vonteera.1SOFTWARE\Classes\Wow6432Node\AppID\AdSafe.DLLSOFTWARE\Classes\Wow6432Node\AppID\adTech.DLLSOFTWARE\Classes\Wow6432Node\AppID\DigiAd.DLLSOFTWARE\Classes\Wow6432Node\AppID\NoVooIT.DLLSOFTWARE\Classes\Wow6432Node\AppID\Vonteera.DLLSOFTWARE\Classes\Wow6432Node\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}Software\Microsoft\Internet Explorer\Approved Extensions\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Internet Explorer\Approved Extensions\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Internet Explorer\Approved Extensions\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4CEFD9B73D6C-1CRMOI2SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5FOFD9B73D6C-2CRMOI6SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9A5A8340-6B15SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Volaro UpdateSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinKitSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta UpdateSoftware\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ED35963-FCC9-4698-B619-787FE1C75079}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ED35963-FCC9-4698-B619-787FE1C75079}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}Software\NoVooITSoftware\NoVooITSetSoftware\VolaroSOFTWARE\Volaro UpdaterSoftware\VonteeraSoftware\Vonteera Safe adsSOFTWARE\VonteraSOFTWARE\Wow6432Node\Classes\AppID\AdSafe.DLLSOFTWARE\Wow6432Node\Classes\AppID\adTech.DLLSOFTWARE\Wow6432Node\Classes\AppID\DigiAd.DLLSOFTWARE\Wow6432Node\Classes\AppID\NoVooIT.DLLSOFTWARE\Wow6432Node\Classes\AppID\Vonteera.DLLSOFTWARE\Wow6432Node\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}SOFTWARE\Wow6432Node\NoVooITSOFTWARE\Wow6432Node\Volaro UpdaterSOFTWARE\Wow6432Node\VonteeraSOFTWARE\Wow6432Node\VonteraHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}ARHomeGeniusXXVolaro UpdaterVonteeraVonteera Safe ads
Additional Information
The following directories were created:
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\NoVooITSet%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Vonteera%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Vonteera Safe ads%APPDATA%\Convertor%APPDATA%\Fixs%APPDATA%\Flasher%APPDATA%\NewNotepad%APPDATA%\NoVooIT%APPDATA%\NoVooITAddon%APPDATA%\Notepader%APPDATA%\PlusN%APPDATA%\SoftAd%APPDATA%\VolIE%APPDATA%\WinKit%APPDATA%\Winsta%APPDATA%\denc%APPDATA%\homerj%APPDATA%\jellylam%APPDATA%\miaul%APPDATA%\myNotepad%APPDATA%\npp%APPDATA%\twr%AppData%\Microsoft\Windows\Start Menu\Programs\GeniusXX%LOCALAPPDATA%\Hoffer%LOCALAPPDATA%\Wixer%LOCALAPPDATA%\recoveredfiles%PROGRAMFILES%\AdsFree%PROGRAMFILES%\GeniusXXAddon%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\addon@Vonteera.com%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\addonFF@AdvanT.com%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\jason@schober.net%PROGRAMFILES%\NoVooIT%PROGRAMFILES%\NoVooITAddon%PROGRAMFILES%\Volaro%PROGRAMFILES%\VonteeraAddon%PROGRAMFILES%\VonteeraSafeAds%PROGRAMFILES%\Winsta%PROGRAMFILES(x86)%\AdsFree%PROGRAMFILES(x86)%\AppUpd%PROGRAMFILES(x86)%\GeniusXXAddon%PROGRAMFILES(x86)%\Mozilla Firefox\distribution\bundles\addon@Vonteera.com%PROGRAMFILES(x86)%\Mozilla Firefox\distribution\bundles\addonFF@AdvanT.com%PROGRAMFILES(x86)%\Volaro%PROGRAMFILES(x86)%\VonteeraAddon%PROGRAMFILES(x86)%\VonteeraSafeAds%PROGRAMFILES(x86)%\Winsta%appdata%\orlando%appdata%\pdfie
The following URL's were detected:
Vonteeradeltaweather.comexclusivetechnews.comnewsouts.com
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.