Home Malware Programs Bad Toolbars WhiteSmoke Toolbar

WhiteSmoke Toolbar

Posted: September 25, 2012

Threat Metric

Ranking: 5,592
Threat Level: 1/10
Infected PCs: 28,276
First Seen: September 25, 2012
Last Seen: October 15, 2023
OS(es) Affected: Windows

WhiteSmoke Toolbar is an untrusted toolbar and translation tool. WhiteSmoke Toolbar is known for being installed without permission from the PC user. Sometimes WhiteSmoke Toolbar is installed without the PC user knowing until they are continually redirected to different types of unwanted and annoying websites. WhiteSmoke Toolbar may hijack a web browser to load random sites, some of which could lead to other malware infections. Uninstallation and removal of WhiteSmoke Toolbar may be accomplished with the help of an antispyware program.

Aliases

PUP/Conduit.A [Panda]

Technical Details

Registry Modifications

The following newly produced Registry Values are:

CLSID{462BE121-2B54-4218-BF00-B9BF8135B23F}{7748CAF2-26F7-4B07-91CB-2A51B5FF2764}File name without pathwhitesmoke-us-new-customized-web-search.xmlHKEY..\..\..\..{RegistryKeys}Software\AppDataLow\Software\WhiteSmoke_US_NewSoftware\AppDataLow\Software\WhiteSmoke_US_New\toolbarSOFTWARE\WhiteSmoke_US_New\toolbarSOFTWARE\Wow6432Node\WhiteSmoke_US_NewHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}WhiteSmoke US New ToolbarWhiteSmoke_US ToolbarWhiteSmoke_US_New Toolbar

Additional Information

The following directories were created:
%LOCALAPPDATA%\whitesmoke%LOCALAPPDATA%\whitesmoke_new%PROGRAMFILES%\WhiteSmoke_B%PROGRAMFILES%\WhiteSmoke_US_New%PROGRAMFILES%\whitesmoke_new%PROGRAMFILES(x86)%\WhiteSmoke_B%PROGRAMFILES(x86)%\WhiteSmoke_Bar%PROGRAMFILES(x86)%\WhiteSmoke_US_New%PROGRAMFILES(x86)%\whitesmoke_new%ProgramFiles%\WhiteSmoke_Bar%USERPROFILE%\Local Settings\Application Data\whitesmoke_new%UserProfile%\AppData\LocalLow\WhiteSmoke_Bar%UserProfile%\AppData\LocalLow\WhiteSmoke_US_New%UserProfile%\AppData\LocalLow\whitesmoke_new

Related Posts

Loading...