Vonteera

Category: Adware and PUAs
Protection available since: 15 Sep 2013 15:49:16 (GMT)
Type: Adware
Last Updated: 28 Oct 2014 17:11:15 (GMT)

Examples of Vonteera include:

Example 1

File Information

Size: 1.1M
SHA-1: 1fffa428b9d29ffa65a021c86cdca73789fa3d3f
MD5: 46471c09dfea909f645a681416157f5a
CRC-32: 271debd5
File type: Windows executable
First seen: 2013-09-06

Other vendor detection

Avira: Adware/Voontera.A

Runtime Analysis

Dropped Files
  • C:\Program Files\Volaro\Updater\Win7\Close.ico
  • C:\Program Files\Volaro\Updater\Win7\Tray.ico
  • C:\Program Files\VonteeraAddon\Vonteera.dll
  • C:\Program Files\Volaro\Updater\XP\Tray.ico
  • C:\Program Files\VonteeraAddon\uninstall.exe
  • C:\Program Files\VonteeraAddon\onload.js
  • C:\Program Files\Volaro\Updater\XP\Close.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-16-16.png
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-128-128.png
  • C:\Program Files\Volaro\Updater\Win7\theme.ini
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\manifest.json
  • C:\Program Files\Volaro\Updater\XP\theme.ini
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\_locales\en\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\alnaddy_config.dat
  • C:\Program Files\Volaro\Updater\Win7\Msg.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jfhbklndhffnahdploecdffbedhgjnce_0.localstorage
  • C:\Program Files\Volaro\Updater\Win7\closeSel.ico
  • C:\Program Files\Volaro\Updater\Updater.exe
  • C:\Program Files\Volaro\Updater\uninstall.exe
  • C:\Documents and Settings\All Users\Start Menu\Programs\Vonteera\Uninstall.lnk
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\main.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\bg.html
  • c:\Documents and Settings\test user\Local Settings\Temp\aln2.tmp
  • C:\Program Files\Volaro\Updater\XP\Msg.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-48-48.png
  • C:\Program Files\Volaro\Updater\XP\closeSel.ico
Registry Keys Created
  • HKCR\Vonteera.Vonteera.1\CLSID
    (Default)
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
  • HKCU\Software\Volaro\Data
    Path
    C:\Program Files\VonteeraAddon
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013091820130919
    CacheRepair
    0x00000000
  • HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
    1
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Volaro Update
    C:\Program Files\Volaro\Updater\Updater.exe
  • HKLM\SOFTWARE\Vontera
    default
    1
  • HKCR\Vonteera.Vonteera
    (Default)
    Vonteera Class
  • HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
    1
  • HKCU\Software\Microsoft\Internet Explorer\SearchScopes
    DefaultScope
    {756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
  • HKCU\Software\Volaro
    Interval
    0x00015180
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\TypeLib
    (Default)
    {F0CF2525-8FA4-4f38-A06B-F02183A4D51E}
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\0\win32
    (Default)
    C:\Program Files\VonteeraAddon\Vonteera.dll
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    DefaultScope
    {756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
  • HKLM\SOFTWARE\Volaro Updater
    Path
    C:\Program Files\Volaro\Updater
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}
    (Default)
    IVonteeraBHO
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\InprocServer32
    ThreadingModel
    Apartment
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
    1
  • HKLM\SOFTWARE\Vonteera
    Path
    C:\Program Files\VonteeraAddon
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\ProgID
    (Default)
    Vonteera.Vonteera.1
  • HKCU\Software\Vonteera
    LastStat
    0x5238e52c
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vonteera
    NoRepair
    0x00000001
  • HKCR\Vonteera.Vonteera.1
    (Default)
    Vonteera Class
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    NoExplorer
    0x00000001
  • HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
    URL
    http://www.arabyonline.com/search/?q={searchTerms}
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\TypeLib
    Version
    1.0
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
    URL
    http://www.arabyonline.com/search/?q={searchTerms}
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\HELPDIR
    (Default)
    C:\Program Files\VonteeraAddon
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\VersionIndependentProgID
    (Default)
    Vonteera.Vonteera
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Volaro Updater
    NoRepair
    0x00000001
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0
    (Default)
    Vonteera 1.0 Type Library
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\AppID\{93D0B762-03DD-416f-AA26-B65F55B8914D}
    (Default)
    Vonteera
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
    1
  • HKCR\Vonteera.Vonteera\CurVer
    (Default)
    Vonteera.Vonteera.1
  • HKCR\Vonteera.Vonteera\CLSID
    (Default)
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    NoExplorer
    0x00000001
  • HKCR\AppID\Vonteera.DLL
    AppID
    {93D0B762-03DD-416f-AA26-B65F55B8914D}
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    (Default)
    Vonteera Class
Registry Keys Modified
  • HKCU\Software\Microsoft\Internet Explorer\Main
    Start Page
    http://www.arabyonline.com/?src=110RCUSK1379460387
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
    Start Page
    http://www.arabyonline.com/?src=110RCUSK1379460387
Processes Created
  • c:\docume~1\support\locals~1\temp\aln2.tmp
  • c:\docume~1\support\locals~1\temp\fixshortcuts.exe
  • c:\docume~1\support\locals~1\temp\nss8.tmp\chinstall\chromereset.exe
  • c:\docume~1\support\locals~1\temp\searchinstaller.exe
  • c:\docume~1\support\locals~1\temp\vonteeraaddonsetup.exe
  • c:\program files\volaro\updater\volaroupdatersetup.exe
HTTP Requests
  • http://srv1.adnetworkme.com/analytics.js
  • http://srv3.adnetworkme.com/updinst
  • http://www.acdcads.com/aff/thanks/Amonetize-thanks.php
  • http://www.ftparaby.com/DATA/getdata.php
  • http://www.ftparaby.com/DATA/win.bmp
  • http://www.google-analytics.com/__utm.gif
  • http://www.google-analytics.com/analytics.js
  • http://www.google-analytics.com/collect
  • http://www.google-analytics.com/ga.js
  • http://www.yeildmenger.com/t/von/new
DNS Requests
  • s3.amazonaws.com
  • srv1.adnetworkme.com
  • srv3.adnetworkme.com
  • www.acdcads.com
  • www.ftparaby.com
  • www.google-analytics.com
  • www.yeildmenger.com

Example 2

File Information

Size: 1.3M
SHA-1: 2fd223f526012e942567098789fb98b8a0c39e58
MD5: 3b4fe7fa316894f938038107e1a1a909
CRC-32: 77877f69
File type: application/x-ms-dos-executable
First seen: 2007-09-20

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jfhbklndhffnahdploecdffbedhgjnce_0.localstorage
  • C:\Program Files\VonteeraAddon\onload.js
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-128-128.png
  • C:\Program Files\Volaro\Updater\Win7\Close.ico
  • C:\Program Files\Volaro\Updater\Win7\Tray.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\bg.html
  • C:\Program Files\Volaro\Updater\XP\Close.ico
  • C:\Program Files\Volaro\Updater\Updater.exe
  • C:\Program Files\VonteeraAddon\Vonteera.dll
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\manifest.json
  • C:\Program Files\Volaro\Updater\Win7\theme.ini
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-48-48.png
  • C:\Program Files\Volaro\Updater\XP\closeSel.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\main.js
  • C:\Program Files\VonteeraAddon\uninstall.exe
  • C:\Documents and Settings\All Users\Start Menu\Programs\Vonteera\Uninstall.lnk
  • C:\Program Files\Volaro\Updater\XP\Msg.ico
  • C:\Program Files\Volaro\Updater\uninstall.exe
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\_locales\en\messages.json
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-16-16.png
  • c:\Documents and Settings\test user\Local Settings\Temp\aln2.tmp
    Size: 1.3M
    SHA-1: be31cf66103b5aa839278fafce61640dc67c708e
    MD5: ac2f661483f890e48fdaa0b49198ae6e
    CRC-32: da31085d
    File type: Windows executable
    First seen: 2013-07-17
  • C:\Program Files\Volaro\Updater\XP\theme.ini
  • C:\Program Files\Volaro\Updater\Win7\closeSel.ico
  • C:\Program Files\Volaro\Updater\Win7\Msg.ico
  • C:\Program Files\Volaro\Updater\XP\Tray.ico
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    NoExplorer
    0x00000001
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\TypeLib
    Version
    1.0
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0
    (Default)
    Vonteera 1.0 Type Library
  • HKCR\Vonteera.Vonteera\CLSID
    (Default)
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}
    (Default)
    IVonteeraBHO
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\FLAGS
    (Default)
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Volaro Update
    C:\Program Files\Volaro\Updater\Updater.exe
  • HKLM\SOFTWARE\Volaro Updater
    Path
    C:\Program Files\Volaro\Updater
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vonteera
    NoRepair
    0x00000001
  • HKCU\Software\Volaro\Data
    Path
    C:\Program Files\VonteeraAddon
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\VersionIndependentProgID
    (Default)
    Vonteera.Vonteera
  • HKCR\AppID\Vonteera.DLL
    AppID
    {93D0B762-03DD-416f-AA26-B65F55B8914D}
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Volaro Updater
    NoRepair
    0x00000001
  • HKCR\Vonteera.Vonteera
    (Default)
    Vonteera Class
  • HKCR\Vonteera.Vonteera\CurVer
    (Default)
    Vonteera.Vonteera.1
  • HKCR\AppID\{93D0B762-03DD-416f-AA26-B65F55B8914D}
    (Default)
    Vonteera
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    NoExplorer
    0x00000001
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\TypeLib
    (Default)
    {F0CF2525-8FA4-4f38-A06B-F02183A4D51E}
  • HKCU\Software\Volaro
    Interval
    0x00015180
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKLM\SOFTWARE\Vonteera
    Path
    C:\Program Files\VonteeraAddon
  • HKCR\Vonteera.Vonteera.1\CLSID
    (Default)
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\ProgID
    (Default)
    Vonteera.Vonteera.1
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\0\win32
    (Default)
    C:\Program Files\VonteeraAddon\Vonteera.dll
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    (Default)
    Vonteera Class
  • HKCR\Vonteera.Vonteera.1
    (Default)
    Vonteera Class
  • HKLM\SOFTWARE\Vontera
    default
    1
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\HELPDIR
    (Default)
    C:\Program Files\VonteeraAddon
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
    Start Page
  • HKCU\Software\Microsoft\Internet Explorer\Main
    Start Page
Processes Created
  • c:\docume~1\support\locals~1\temp\aln2.tmp
  • c:\docume~1\support\locals~1\temp\fixshortcuts.exe
  • c:\docume~1\support\locals~1\temp\nsu6.tmp\chinstall\chromereset.exe
  • c:\docume~1\support\locals~1\temp\searchinstaller.exe
  • c:\docume~1\support\locals~1\temp\vonteeraaddonsetup.exe
  • c:\program files\volaro\updater\volaroupdatersetup.exe
HTTP Requests
  • http://gogostats.info/t/von/new
  • http://srv3.adnetworkme.com/updinst
  • http://www.ftparaby.com/DATA/getdata.php
DNS Requests
  • gogostats.info
  • srv3.adnetworkme.com
  • www.ftparaby.com

Example 3

File Information

Size: 1.4M
SHA-1: 9424ff83c2ff35da9b091e4b04157b1d3140e421
MD5: c6f45be2d79d7325998be9a3c8e6d79c
CRC-32: 667c0c25
File type: Windows executable
First seen: 2013-08-22

Runtime Analysis

Dropped Files
  • C:\Program Files\VonteeraAddon\Vonteera.dll
  • C:\Program Files\Volaro\Updater\Win7\Tray.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-16-16.png
  • c:\Documents and Settings\test user\Local Settings\Temp\alnaddy_config.dat
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\_locales\en\messages.json
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\manifest.json
  • C:\Documents and Settings\All Users\Start Menu\Programs\Vonteera\Uninstall.lnk
  • C:\Program Files\Volaro\Updater\uninstall.exe
  • C:\Program Files\Volaro\Updater\Win7\Msg.ico
  • C:\Program Files\Volaro\Updater\Win7\Close.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\main.js
  • C:\Program Files\Volaro\Updater\Updater.exe
  • C:\Program Files\VonteeraAddon\onload.js
  • C:\Program Files\Volaro\Updater\XP\Msg.ico
  • C:\Program Files\Volaro\Updater\Win7\closeSel.ico
  • C:\Program Files\Volaro\Updater\XP\Close.ico
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-48-48.png
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jfhbklndhffnahdploecdffbedhgjnce_0.localstorage
  • C:\Program Files\Volaro\Updater\XP\Tray.ico
  • C:\Program Files\VonteeraAddon\uninstall.exe
  • C:\Program Files\Volaro\Updater\Win7\theme.ini
  • C:\Program Files\Volaro\Updater\XP\theme.ini
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\bg.html
  • c:\Documents and Settings\test user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfhbklndhffnahdploecdffbedhgjnce\1.0_0\Vonteera-128-128.png
  • C:\Program Files\Volaro\Updater\XP\closeSel.ico
Registry Keys Created
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\FLAGS
    (Default)
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\0\win32
    (Default)
    C:\Program Files\VonteeraAddon\Vonteera.dll
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Volaro Updater
    NoRepair
    0x00000001
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013080520130812
    CacheRepair
    0x00000000
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0
    (Default)
    Vonteera 1.0 Type Library
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\VersionIndependentProgID
    (Default)
    Vonteera.Vonteera
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\ProgID
    (Default)
    Vonteera.Vonteera.1
  • HKLM\SOFTWARE\Vonteera
    Path
    C:\Program Files\VonteeraAddon
  • HKCR\Vonteera.Vonteera
    (Default)
    Vonteera Class
  • HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
    URL
    http://www.arabyonline.com/yahoo.php?q={searchTerms}
  • HKCU\Software\Volaro
    Interval
    0x00015180
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\TypeLib
    (Default)
    {F0CF2525-8FA4-4f38-A06B-F02183A4D51E}
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}
    (Default)
    IVonteeraBHO
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\TypeLib
    Version
    1.0
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vonteera
    NoRepair
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
    URL
    http://www.arabyonline.com/yahoo.php?q={searchTerms}
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013082220130823
    CacheRepair
    0x00000000
  • HKCU\Software\Microsoft\Internet Explorer\SearchScopes
    DefaultScope
    {756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
  • HKCU\Software\Volaro\Data
    Path
    C:\Program Files\Volaro-Addon
  • HKCR\Vonteera.Vonteera\CurVer
    (Default)
    Vonteera.Vonteera.1
  • HKCR\AppID\{93D0B762-03DD-416f-AA26-B65F55B8914D}
    (Default)
    Vonteera
  • HKCR\Vonteera.Vonteera.1
    (Default)
    Vonteera Class
  • HKCR\Vonteera.Vonteera\CLSID
    (Default)
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Volaro Update
    C:\Program Files\Volaro\Updater\Updater.exe
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    DefaultScope
    {756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    (Default)
    Vonteera Class
  • HKCR\Vonteera.Vonteera.1\CLSID
    (Default)
    {437B9306-2FDE-4054-A3C9-6B49507C12D0}
  • HKCU\Software\Vonteera
    LastStat
    0x52157e73
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    NoExplorer
    0x00000001
  • HKCR\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\AppID\Vonteera.DLL
    AppID
    {93D0B762-03DD-416f-AA26-B65F55B8914D}
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
    NoExplorer
    0x00000001
  • HKCR\TypeLib\{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}\1.0\HELPDIR
    (Default)
    C:\Program Files\VonteeraAddon
  • HKCR\Interface\{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKLM\SOFTWARE\Volaro Updater
    Path
    C:\Program Files\Volaro\Updater
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
    Start Page
    http://www.arabyonline.com/?src=105
  • HKCU\Software\Microsoft\Internet Explorer\Main
    Start Page
    http://www.arabyonline.com/?src=105
Processes Created
  • c:\docume~1\support\locals~1\temp\nsh5.tmp\chinstall\chromereset.exe
  • c:\docume~1\support\locals~1\temp\searchinstaller.exe
  • c:\docume~1\support\locals~1\temp\volaroupdatersetup.exe
  • c:\docume~1\support\locals~1\temp\vonteeraaddonsetup.exe
HTTP Requests
  • http://srv1.adnetworkme.com/analytics.js
  • http://www.acdcads.com/aff/thanks/softo-thanks.php
  • http://www.ftparaby.com/DATA/getdata.php
  • http://www.ftparaby.com/DATA/win.bmp
  • http://www.google-analytics.com/__utm.gif
  • http://www.google-analytics.com/analytics.js
  • http://www.google-analytics.com/collect
  • http://www.google-analytics.com/ga.js
DNS Requests
  • s3-eu-west-1.amazonaws.com
  • srv1.adnetworkme.com
  • www.acdcads.com
  • www.ftparaby.com
  • www.google-analytics.com
