Posted: December 2, 2013

Threat Level: 2/10
Infected PCs: 201
First Seen: December 2, 2013
Last Seen: January 17, 2023
OS(es) Affected: Windows

The Swirlz Toolbar is a browser hijacker used to promote Conduit.com, a search site that relies on similar toolbars as its primary means of getting traffic. Because its installers tend not to ask for your permission before modifying your browser, the Swirlz Toolbar is usually an unwelcome guest that redirects your searches away from your intended search engines, and it is often installed along with other Potentially Unwanted Programs (PUPs). Most PUPs should be deleted without hesitation, and malware researchers recommend the same for the Swirlz Toolbar, which should be removed with anti-malware tools able to detect any other unwanted software that could have been installed along with it.

Swirling Your Browser Down to Conduit

If the Swirlz Toolbar can be summarized as a tidal force relentlessly dragging your browser down to a central point, Conduit.com can be said to be the eye of that whirlpool. Conduit.com has already been analyzed at length by malware researchers as a consequence of its toolbar-oriented business model, which regularly releases 'new' browser add-ons that hijack Web searches and redirect them to that website. Although Conduit.com isn't automatically threatening in the same way that a hacked site or a malware site would be, the fact that the Swirlz Toolbar prevents you from controlling your own search engine is a legitimate security issue.

Other than its search hijacks and a few general buttons linking to other sites, the Swirlz Toolbar doesn't have any noteworthy features on offer. Despite being a newer variant of a Conduit.com search hijacker, the Swirlz Toolbar is also quite similar to other efforts within the same 'family', such as the Energy Community Toolbar, the Systweak Toolbar, the Crizbuzz Toolbar, the shARES Toolbar, the Mini001 Toolbar, the MySavings Toolbar and the Muvic Toolbar. Although the Swirlz Toolbar is ultimately considered a PUP instead of a threat, it doesn't have any meaningful features for your benefit and should be considered a net drawback to your PC's Web-browsing safety.

Pulling Away from a Browser-Ensnaring Current

Even when such toolbars, unlike the Swirlz Toolbar, have meaningful positive functions, malware researchers find that allowing third parties to control the sites your browser loads is always a terrible idea for your computer's safety. Although the distribution methods in use by the Swirlz Toolbar are currently unidentified, software bundles offered through torrent networks and free software sites are often at fault for these low-level PC threats. File sources that aren't implicitly trustworthy should always be avoided or, if that's not possible, verified by appropriate file-scanning utilities that can check for a potential Swirlz Toolbar-installing bundle.

Removing the Swirlz Toolbar through appropriate security tools, such as an anti-malware scanner, should also remove any side effects on your Web browsers, such as search engine redirects. On the other hand, malware experts find it ineffective to try to remove the Swirlz Toolbar and other Conduit toolbars by way of the Control Panel or other standard software-uninstallation techniques, since these solutions tend to result in incomplete deletions that don't attend to the browser-based symptoms.

Technical Details

Registry Modifications

The following Registry values are newly created:

HKEY..\..\..\..
Software\Microsoft\Internet Explorer\Approved Extensions\{4cb3c467-0d72-44e6-9237-750b9b8b5ac9}
SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4cb3c467-0d72-44e6-9237-750b9b8b5ac9}
Software\Microsoft\Internet Explorer\URLSearchHooks\{4cb3c467-0d72-44e6-9237-750b9b8b5ac9}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4cb3c467-0d72-44e6-9237-750b9b8b5ac9}
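
Because a Control Panel uninstall can leave the browser-side entries behind, a read-only check for the values listed above confirms whether removal was complete. The following PowerShell script is an added example, not part of the original write-up; the page elides the registry hive, so checking both HKCU and HKLM is an assumption, and the function name Find-SwirlzRegistryEntries is hypothetical.

```powershell
# Added example: read-only check for the Swirlz Toolbar registry entries listed on this page.
# Assumption: the page elides the hive ("HKEY..\.."), so both HKCU and HKLM are checked.
$clsid = '{4cb3c467-0d72-44e6-9237-750b9b8b5ac9}'

# Key paths from the page, relative to the hive. The CLSID is looked up as a
# value name first (the page calls these "Registry Values"), then as a subkey.
$relativeKeys = @(
    'Software\Microsoft\Internet Explorer\Approved Extensions',
    'SOFTWARE\Microsoft\Internet Explorer\Toolbar',
    'Software\Microsoft\Internet Explorer\URLSearchHooks',
    'SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar'
)

function Find-SwirlzRegistryEntries {
    param(
        [string[]]$Hives = @('HKCU:', 'HKLM:')   # assumed hives, see note above
    )
    foreach ($hive in $Hives) {
        foreach ($rel in $relativeKeys) {
            $keyPath = Join-Path $hive $rel
            # A missing parent key simply means nothing is registered there.
            if (-not (Test-Path -LiteralPath $keyPath)) { continue }

            $key = Get-Item -LiteralPath $keyPath
            # -contains compares strings case-insensitively, as the registry does.
            if ($key.GetValueNames() -contains $clsid) {
                [pscustomobject]@{ Key = $keyPath; Kind = 'Value'; Name = $clsid }
            }
            if (Test-Path -LiteralPath (Join-Path $keyPath $clsid)) {
                [pscustomobject]@{ Key = $keyPath; Kind = 'Subkey'; Name = $clsid }
            }
        }
    }
}

# Report findings without modifying anything.
$hits = @(Find-SwirlzRegistryEntries)
if ($hits.Count -eq 0) {
    'No Swirlz Toolbar registry entries found in the checked hives.'
} else {
    $hits | Format-Table -AutoSize
}
```

HKCU only covers the account running the script, so on a shared machine the check needs to be run once per user profile.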