Neobar

Category: Adware and PUAs Protection available since:20 Jan 2016 14:45:00 (GMT)
Type: Unspecified PUA Last Updated:12 Jul 2017 13:07:23 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Neobar include:

Example 1

File Information

Size
1.9M
SHA-1
00b605bba1c487066d3366b8ff4de483e96c76c6
MD5
c3d50937f093a35dcb9f647d20fe487b
CRC-32
34b3ee94
File type
Windows executable
First seen
2012-01-27

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_install_122954\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_403814\InstallerHelper.dll
  • C:\Program Files\VK Downloader\files\_locales\sw\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fa\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fil\messages.json
  • C:\Program Files\VK Downloader\files\background.html
  • C:\Program Files\VK Downloader\files\_locales\lv\messages.json
  • C:\Program Files\VK Downloader\files\_locales\es\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf4.tmp\System.dll
  • C:\Program Files\VK Downloader\files\_locales\ms\messages.json
  • C:\Program Files\VK Downloader\files\_locales\sk\messages.json
  • C:\Program Files\VK Downloader\files\_locales\te\messages.json
  • C:\Program Files\VK Downloader\Uninstaller.exe
  • C:\Program Files\VK Downloader\update.xml
  • C:\Program Files\VK Downloader\Loader.exe
  • C:\Program Files\VK Downloader\files\_locales\be\messages.json
  • C:\Program Files\VK Downloader\files\_locales\en_US\messages.json
  • C:\Program Files\VK Downloader\Basement\ExtensionUpdaterService.exe
    Size
    135K
    SHA-1
    fea825213f54584d0b036b58ffc4184655739650
    MD5
    c9f64e6153ddc831ac32fe6cd2530891
    CRC-32
    ddb7dc4c
    File type
    Windows executable
    First seen
    2015-02-16
  • C:\Program Files\VK Downloader\files\_locales\en_GB\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_403814\InstallerSearchHelper.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_403814\Chromium.dll
  • C:\Program Files\VK Downloader\files\_locales\ja\messages.json
  • C:\Program Files\VK Downloader\files\BrowsersFix.js
  • C:\Program Files\VK Downloader\BackgroundSingleton.exe
  • C:\Program Files\VK Downloader\files\files\foreground.js
  • C:\Program Files\VK Downloader\files\_locales\de\messages.json
  • C:\Program Files\VK Downloader\files\_locales\hi\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ko\messages.json
  • C:\Program Files\VK Downloader\BackgroundSingleton.tlb
  • C:\Program Files\VK Downloader\files\_locales\bg\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ar\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_403814\KompexSQLiteWrapper.dll
  • C:\Program Files\VK Downloader\install.bat
  • C:\Program Files\VK Downloader\files\Kernel.js
  • C:\Program Files\VK Downloader\files\_locales\sv\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc7.tmp\nsProcess.dll
  • C:\Program Files\VK Downloader\files\_locales\am\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fr\messages.json
  • C:\Program Files\VK Downloader\install.html
  • C:\Program Files\VK Downloader\files\_locales\he\messages.json
  • C:\Program Files\VK Downloader\files\_locales\id\messages.json
  • C:\Program Files\VK Downloader\files\_locales\th\messages.json
  • C:\Program Files\VK Downloader\files\_locales\zh_TW\messages.json
  • C:\Program Files\VK Downloader\files\_locales\cs\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ca\messages.json
  • C:\Program Files\VK Downloader\files\files\background.js
  • C:\Program Files\VK Downloader\files\_locales\en\messages.json
  • C:\Program Files\VK Downloader\files\_locales\hr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\it\messages.json
  • C:\Program Files\VK Downloader\files\files\main.css
  • C:\Program Files\VK Downloader\files\_locales\pt\messages.json
  • C:\Program Files\VK Downloader\files\files\com.ab.vksaver.custom\download.png
  • C:\Program Files\VK Downloader\files\files\proxy.js
  • C:\Program Files\VK Downloader\files\_locales\nl\messages.json
  • C:\Program Files\VK Downloader\files\_locales\sl\messages.json
  • C:\Program Files\VK Downloader\files\_locales\hu\messages.json
  • C:\Program Files\VK Downloader\files\_locales\pt_BR\messages.json
  • C:\Program Files\VK Downloader\files\_locales\lt\messages.json
  • C:\Program Files\VK Downloader\files\_locales\el\messages.json
  • C:\Program Files\VK Downloader\files\_locales\pt_PT\messages.json
  • C:\Program Files\VK Downloader\files\_locales\da\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ro\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ml\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fi\messages.json
  • C:\Program Files\VK Downloader\files\_locales\es_419\messages.json
  • C:\WINDOWS\system32\GroupPolicy\Adm\chrome.adm
  • C:\Program Files\VK Downloader\files\_locales\mr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\gu\messages.json
  • C:\Program Files\VK Downloader\Interfaces32.dll
  • C:\Program Files\VK Downloader\files\_locales\bn\messages.json
  • C:\Program Files\VK Downloader\files\_locales\pl\messages.json
  • C:\Program Files\VK Downloader\files\_locales\kn\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ru\messages.json
  • C:\Program Files\VK Downloader\files\_locales\et\messages.json
  • C:\Program Files\VK Downloader\files\_locales\sq\messages.json
  • C:\Program Files\VK Downloader\uninstall.exe
  • C:\Program Files\VK Downloader\files\_locales\ta\messages.json
  • C:\Program Files\VK Downloader\files\_locales\vi\messages.json
  • C:\Program Files\VK Downloader\Interfaces64.dll
  • C:\Program Files\VK Downloader\Toolbar64.dll
  • C:\Program Files\VK Downloader\files\_locales\sr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\uk\messages.json
  • C:\Program Files\VK Downloader\Toolbar32.dll
  • C:\Program Files\VK Downloader\Toolbar32.tlb
  • C:\Program Files\VK Downloader\info.json
  • C:\Program Files\VK Downloader\Toolbar64.tlb
  • C:\Program Files\VK Downloader\files\_locales\no\messages.json
  • C:\Program Files\VK Downloader\files\_locales\zh_CN\messages.json
  • C:\Program Files\VK Downloader\install.inf
  • C:\Program Files\VK Downloader\files\_locales\tr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\mk\messages.json
Modified Files
  • %SYSTEM%\GroupPolicy\Machine\Registry.pol
    • Changed the file contents
  • %SYSTEM%\GroupPolicy\gpt.ini
    • Changed the file contents
Registry Keys Created
  • HKCR\CLSID\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}
    (Default)
    BackgroundScriptEngine Class
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0
    (Default)
    BackgroundSingleton 1.0 Type Library
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}\Programmable
    (Default)
  • HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
    {3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKLM\SYSTEM\CurrentControlSet\Services\Update Service for VK Downloader
    ObjectName
    LocalSystem
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0\HELPDIR
    (Default)
    C:\Program Files\VK Downloader
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0\0\win32
    (Default)
    C:\Program Files\VK Downloader\Toolbar32.dll
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}
    (Default)
    IToolbarButton
  • HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}
    Policy
    0x00000003
  • HKCR\CLSID\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}\InprocServer32
    ThreadingModel
    Apartment
  • HKLM\SYSTEM\CurrentControlSet\Services\Update Service for VK Downloader\Security
    Security
    □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
  • HKCU\Software\VK Downloader\Components
    Main
    1
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
    NoExplorer
    0x00000001
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}\TypeLib
    Version
    1.0
  • HKCU\Software\VK Downloader
    Uninstalled
    1
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0
    (Default)
    Toolbar 1.0 Type Library
  • HKCR\CLSID\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
    TypeLib
    {1D5A4199-956E-49BC-B89F-6A35C57C0D13}
  • HKCR\CLSID\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}\LocalServer32
    (Default)
    C:\Program Files\VK Downloader\BackgroundSingleton.exe
  • HKLM\SOFTWARE\VK Downloader
    Uninstalled
    1
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0\FLAGS
    (Default)
  • HKCR\CLSID\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}\Programmable
    (Default)
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}
    (Default)
    IToolbarHelperObject
  • HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
    TopResultURLFallback
  • HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
    BackgroundSingleton.exe
    0x0000270f
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}\ProxyStubClsid32
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0\0\win32
    (Default)
    C:\Program Files\VK Downloader\BackgroundSingleton.exe
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}\TypeLib
    Version
    1.0
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0\HELPDIR
    (Default)
    C:\Program Files\VK Downloader
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}
    Policy
    0x00000003
  • HKLM\SOFTWARE\VK Downloader\Components
    Main
    1
  • HKLM\SYSTEM\CurrentControlSet\Services\Update Service for VK Downloader\Enum
    NextInstance
    0x00000001
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}
    (Default)
    IBackgroundSingleton
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}
    (Default)
    _IBackgroundSingletonEvents
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}\ProxyStubClsid
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}\TypeLib
    Version
    1.0
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}\TypeLib
    Version
    1.0
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK Downloader
    NoRepair
    0x00000001
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
    1406
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
    1406
    0x00000000
Processes Created
  • c:\program files\vk downloader\backgroundsingleton.exe
  • c:\program files\vk downloader\basement\extensionupdaterservice.exe
  • c:\program files\vk downloader\uninstaller.exe
  • c:\windows\system32\regsvr32.exe
DNS Requests
  • installsyst.com

Example 2

File Information

Size
1.9M
SHA-1
2fd76b4b8193c169fbac618ac255f2f853e92d26
MD5
cc3b410102d01c8830f9ad440237bd17
CRC-32
76ffb0e0
File type
Windows executable
First seen
2007-10-18

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_install_176304\test_item.exe
Dropped Files
  • C:\Program Files\VK Downloader\Loader.exe
  • C:\Program Files\VK Downloader\files\_locales\ko\messages.json
  • C:\Program Files\VK Downloader\files\files\foreground.js
  • C:\Program Files\VK Downloader\files\_locales\el\messages.json
  • C:\Program Files\VK Downloader\files\files\com.ab.vksaver.custom\download.png
  • C:\Program Files\VK Downloader\files\_locales\be\messages.json
  • C:\Program Files\VK Downloader\files\_locales\et\messages.json
  • C:\Program Files\VK Downloader\files\_locales\pt_PT\messages.json
  • C:\Program Files\VK Downloader\info.json
  • C:\Program Files\VK Downloader\files\_locales\sk\messages.json
  • C:\Program Files\VK Downloader\files\_locales\lt\messages.json
  • C:\Program Files\VK Downloader\files\files\main.css
  • C:\Program Files\VK Downloader\files\_locales\it\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_975046\Chromium.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_975046\InstallerSearchHelper.dll
  • C:\Program Files\VK Downloader\files\_locales\es\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_975046\InstallerHelper.dll
  • C:\Program Files\VK Downloader\files\_locales\pl\messages.json
  • C:\Program Files\VK Downloader\files\_locales\en_GB\messages.json
  • C:\Program Files\VK Downloader\files\files\proxy.js
  • C:\Program Files\VK Downloader\files\_locales\es_419\messages.json
  • C:\Program Files\VK Downloader\files\_locales\nl\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fa\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ar\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ta\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ms\messages.json
  • C:\Program Files\VK Downloader\files\_locales\sw\messages.json
  • C:\Program Files\VK Downloader\files\_locales\zh_CN\messages.json
  • C:\Program Files\VK Downloader\update.xml
  • C:\Program Files\VK Downloader\Interfaces64.dll
  • C:\Program Files\VK Downloader\files\_locales\hu\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\nsq7.tmp\nsProcess.dll
  • C:\Program Files\VK Downloader\install.bat
  • C:\Program Files\VK Downloader\files\_locales\mk\messages.json
  • C:\Program Files\VK Downloader\files\background.html
  • C:\Program Files\VK Downloader\Toolbar64.dll
  • C:\Program Files\VK Downloader\Toolbar32.tlb
  • C:\Program Files\VK Downloader\files\_locales\bg\messages.json
  • C:\Program Files\VK Downloader\Basement\ExtensionUpdaterService.exe
  • C:\Program Files\VK Downloader\files\Kernel.js
  • C:\Program Files\VK Downloader\files\_locales\te\messages.json
  • C:\Program Files\VK Downloader\Interfaces32.dll
  • C:\Program Files\VK Downloader\files\_locales\sv\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ml\messages.json
  • C:\Program Files\VK Downloader\BackgroundSingleton.exe
  • C:\Program Files\VK Downloader\BackgroundSingleton.tlb
  • c:\Documents and Settings\test user\Local Settings\Temp\nsz4.tmp\System.dll
  • C:\Program Files\VK Downloader\files\_locales\am\messages.json
  • C:\Program Files\VK Downloader\files\_locales\de\messages.json
  • C:\Program Files\VK Downloader\files\_locales\no\messages.json
  • C:\Program Files\VK Downloader\files\_locales\bn\messages.json
  • C:\Program Files\VK Downloader\files\_locales\da\messages.json
  • C:\Program Files\VK Downloader\files\_locales\lv\messages.json
  • C:\Program Files\VK Downloader\files\_locales\hi\messages.json
  • C:\Program Files\VK Downloader\files\_locales\cs\messages.json
  • C:\Program Files\VK Downloader\files\_locales\kn\messages.json
  • C:\Program Files\VK Downloader\files\_locales\pt_BR\messages.json
  • C:\Program Files\VK Downloader\files\_locales\he\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ca\messages.json
  • C:\Program Files\VK Downloader\files\_locales\en\messages.json
  • C:\Program Files\VK Downloader\files\_locales\vi\messages.json
  • C:\Program Files\VK Downloader\files\files\background.js
  • C:\Program Files\VK Downloader\files\_locales\hr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fi\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ro\messages.json
  • c:\Documents and Settings\test user\Local Settings\Temp\extensionInstallerHelperFolder_975046\KompexSQLiteWrapper.dll
  • C:\Program Files\VK Downloader\files\_locales\mr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\pt\messages.json
  • C:\Program Files\VK Downloader\files\_locales\zh_TW\messages.json
  • C:\Program Files\VK Downloader\files\_locales\gu\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ja\messages.json
  • C:\Program Files\VK Downloader\files\_locales\fil\messages.json
  • C:\Program Files\VK Downloader\files\_locales\uk\messages.json
  • C:\Program Files\VK Downloader\files\_locales\ru\messages.json
  • C:\Program Files\VK Downloader\files\_locales\sq\messages.json
  • C:\Program Files\VK Downloader\files\BrowsersFix.js
  • C:\Program Files\VK Downloader\files\_locales\sr\messages.json
  • C:\Program Files\VK Downloader\files\_locales\id\messages.json
  • C:\Program Files\VK Downloader\files\_locales\en_US\messages.json
  • C:\Program Files\VK Downloader\uninstall.exe
  • C:\Program Files\VK Downloader\files\_locales\sl\messages.json
  • C:\Program Files\VK Downloader\files\_locales\tr\messages.json
  • C:\WINDOWS\system32\GroupPolicy\Adm\chrome.adm
  • C:\Program Files\VK Downloader\Uninstaller.exe
  • C:\Program Files\VK Downloader\Toolbar32.dll
    Size
    246K
    SHA-1
    e856c766fe5ec973a5eb73dbdb5fbd11b43698a6
    MD5
    64d51fc886919277867d3702bad9f4f7
    CRC-32
    8c037867
    File type
    Windows executable
    First seen
    2015-03-04
  • C:\Program Files\VK Downloader\Toolbar64.tlb
  • C:\Program Files\VK Downloader\install.html
  • C:\Program Files\VK Downloader\install.inf
  • C:\Program Files\VK Downloader\files\_locales\th\messages.json
Modified Files
  • %SYSTEM%\GroupPolicy\gpt.ini
    • Changed the file contents
  • %SYSTEM%\GroupPolicy\Machine\Registry.pol
    • Changed the file contents
Registry Keys Created
  • HKCR\CLSID\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}\Programmable
    (Default)
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0
    (Default)
    BackgroundSingleton 1.0 Type Library
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}\Programmable
    (Default)
  • HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
    {3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0\HELPDIR
    (Default)
    C:\Program Files\VK Downloader
  • HKLM\SYSTEM\CurrentControlSet\Services\Update Service for VK Downloader
    ObjectName
    LocalSystem
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0\0\win32
    (Default)
    C:\Program Files\VK Downloader\Toolbar32.dll
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}
    (Default)
    IToolbarButton
  • HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}
    Policy
    0x00000003
  • HKCR\CLSID\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}\InprocServer32
    ThreadingModel
    Apartment
  • HKCU\Software\VK Downloader\Components
    Main
    1
  • HKLM\SYSTEM\CurrentControlSet\Services\Update Service for VK Downloader\Security
    Security
    □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
    NoExplorer
    0x00000001
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}\TypeLib
    Version
    1.0
  • HKCU\Software\VK Downloader
    Uninstalled
    1
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0
    (Default)
    Toolbar 1.0 Type Library
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}\ProxyStubClsid32
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
    TypeLib
    {1D5A4199-956E-49BC-B89F-6A35C57C0D13}
  • HKCR\CLSID\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}\LocalServer32
    (Default)
    C:\Program Files\VK Downloader\BackgroundSingleton.exe
  • HKLM\SOFTWARE\VK Downloader
    Uninstalled
    1
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}
    (Default)
    IToolbarHelperObject
  • HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}
    TopResultURLFallback
  • HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
    BackgroundSingleton.exe
    0x0000270f
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}\ProxyStubClsid32
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}\TypeLib
    Version
    1.0
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0\0\win32
    (Default)
    C:\Program Files\VK Downloader\BackgroundSingleton.exe
  • HKCR\TypeLib\{77EC5F61-3E67-46B5-86D0-21A0B6286C66}\1.0\HELPDIR
    (Default)
    C:\Program Files\VK Downloader
  • HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}
    Policy
    0x00000003
  • HKLM\SOFTWARE\VK Downloader\Components
    Main
    1
  • HKLM\SYSTEM\CurrentControlSet\Services\Update Service for VK Downloader\Enum
    NextInstance
    0x00000001
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}
    (Default)
    IBackgroundSingleton
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{01037FC2-4778-455C-A8F9-C1BAEBC46268}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{B79EC7F1-700B-4159-AC2F-40B976B9F256}\TypeLib
    Version
    1.0
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}\ProxyStubClsid
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\Interface\{905BD9A6-01E4-416D-B0DE-E20F0A096F60}\TypeLib
    Version
    1.0
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK Downloader
    NoRepair
    0x00000001
  • HKCR\Interface\{780F8653-BB91-4985-BF11-621F9EC3BFAF}\ProxyStubClsid
    (Default)
    {00020424-0000-0000-C000-000000000046}
  • HKCR\CLSID\{D64A468C-280F-4A9A-8BFF-E3C724F0C0F9}
    (Default)
    BackgroundScriptEngine Class
  • HKCR\Interface\{C1AE68D2-03A5-46EE-B766-961771B09CE4}
    (Default)
    _IBackgroundSingletonEvents
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
    1406
    0x00000000
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
    1406
    0x00000000
Processes Created
  • c:\program files\vk downloader\backgroundsingleton.exe
  • c:\program files\vk downloader\basement\extensionupdaterservice.exe
  • c:\program files\vk downloader\uninstaller.exe
  • c:\windows\system32\regsvr32.exe
DNS Requests
  • installsyst.com

Example 3

File Information

Size
135K
SHA-1
8600a6db134d13bee2b08e535b2c33b68f47cbe5
MD5
440a4d6d13ba265ef1348593effa99cf
CRC-32
255c3973
File type
Windows executable
First seen
2015-02-16

download Try Sophos products for free
Download now