Saturday, January 24, 2009

RXToolbar Adware

How To Remove RXToolbar?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
RXToolbar is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

RXToolbar Symptoms:

Files:
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_sel.bmp
[%PROGRAM_FILES%]\rxtoolbar\CacheCatalog.rx
[%PROGRAM_FILES%]\rxtoolbar\CacheCatolog.rx
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\background.jpg
[%PROGRAM_FILES%]\rxtoolbar\graphics\blue_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\gray_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_click.gif
[%PROGRAM_FILES%]\rxtoolbar\html\content.htm
[%PROGRAM_FILES%]\rxtoolbar\html\main.htm
[%PROGRAM_FILES%]\rxtoolbar\rx.xml
[%PROGRAM_FILES%]\rxtoolbar\rxtoolbar.cfg
[%PROGRAM_FILES%]\rxtoolbar\RXToolBar.dll
[%PROGRAM_FILES%]\rxtoolbar\rxwebsearches.xsl
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.Key
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\SemanticInsight.dat
[%PROGRAM_FILES%]\RXToolBar\Semantic Insight\SemanticInsight.exe
[%PROGRAM_FILES%]\rxtoolbar\sfcont.bin
[%PROGRAM_FILES%]\rxtoolbar\sfcont.dll
[%PROGRAM_FILES%]\rxtoolbar\yahoo.xsl
[%WINDOWS%]\temp\adware\RXToolbar.exe
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_sel.bmp
[%PROGRAM_FILES%]\rxtoolbar\CacheCatalog.rx
[%PROGRAM_FILES%]\rxtoolbar\CacheCatolog.rx
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\background.jpg
[%PROGRAM_FILES%]\rxtoolbar\graphics\blue_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\gray_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_click.gif
[%PROGRAM_FILES%]\rxtoolbar\html\content.htm
[%PROGRAM_FILES%]\rxtoolbar\html\main.htm
[%PROGRAM_FILES%]\rxtoolbar\rx.xml
[%PROGRAM_FILES%]\rxtoolbar\rxtoolbar.cfg
[%PROGRAM_FILES%]\rxtoolbar\RXToolBar.dll
[%PROGRAM_FILES%]\rxtoolbar\rxwebsearches.xsl
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.Key
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\SemanticInsight.dat
[%PROGRAM_FILES%]\RXToolBar\Semantic Insight\SemanticInsight.exe
[%PROGRAM_FILES%]\rxtoolbar\sfcont.bin
[%PROGRAM_FILES%]\rxtoolbar\sfcont.dll
[%PROGRAM_FILES%]\rxtoolbar\yahoo.xsl
[%WINDOWS%]\temp\adware\RXToolbar.exe

Folders:
[%PROGRAM_FILES%]\rxtoolbar
[%PROGRAM_FILES%]\aaayoureweb

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}
HKEY_CLASSES_ROOT\clsid\{2ab289ae-4b90-4281-b2ae-1f4bb034b647}
HKEY_CLASSES_ROOT\clsid\{59879fa4-4790-461c-a1cc-4ec4de4ca483}
HKEY_CLASSES_ROOT\rxresult.rxresultfilter
HKEY_CLASSES_ROOT\rxresult.rxresultfilter.1
HKEY_CLASSES_ROOT\rxresult.rxresulttracker
HKEY_CLASSES_ROOT\rxresult.rxresulttracker.1
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo.1
HKEY_CLASSES_ROOT\typelib\{05563f82-69a7-40a6-8670-153b635a7ef6}
HKEY_CLASSES_ROOT\typelib\{66b20295-dc57-42b6-acdf-52d916e86464}
HKEY_CURRENT_USER\software\rx toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{59879fa4-4790-461c-a1cc-4ec4de4ca483}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\RXToolBar
HKEY_LOCAL_MACHINE\software\rxresults
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo rx toolbar
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo.1 rx toolbar
HKEY_CURRENT_USER\software\aaayoureweb
HKEY_LOCAL_MACHINE\software\aaayoureweb
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar {25d8bacf-3de2-4b48-ae22-d659b8d835b0}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\rxtoolbar
HKEY_LOCAL_MACHINE\software\rtrmin

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Kilamp Trojan Removal instruction
Dyfuca.dm Downloader Symptoms

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)