Sunday, February 1, 2009

RXToolbar Adware

Click here to remove RXToolbar malware
RXToolbar description:
RXToolbar Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection RXToolbar :

RXToolbar Files:
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_sel.bmp
[%PROGRAM_FILES%]\rxtoolbar\CacheCatalog.rx
[%PROGRAM_FILES%]\rxtoolbar\CacheCatolog.rx
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\background.jpg
[%PROGRAM_FILES%]\rxtoolbar\graphics\blue_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\gray_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_click.gif
[%PROGRAM_FILES%]\rxtoolbar\html\content.htm
[%PROGRAM_FILES%]\rxtoolbar\html\main.htm
[%PROGRAM_FILES%]\rxtoolbar\rx.xml
[%PROGRAM_FILES%]\rxtoolbar\rxtoolbar.cfg
[%PROGRAM_FILES%]\rxtoolbar\RXToolBar.dll
[%PROGRAM_FILES%]\rxtoolbar\rxwebsearches.xsl
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.Key
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\SemanticInsight.dat
[%PROGRAM_FILES%]\RXToolBar\Semantic Insight\SemanticInsight.exe
[%PROGRAM_FILES%]\rxtoolbar\sfcont.bin
[%PROGRAM_FILES%]\rxtoolbar\sfcont.dll
[%PROGRAM_FILES%]\rxtoolbar\yahoo.xsl
[%WINDOWS%]\temp\adware\RXToolbar.exe
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_closetabs_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_download_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_messageuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_newsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_searchuser_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\searchbar_showsearch_sel.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_dis.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_over.bmp
[%PROGRAM_FILES%]\Kazaa\Skins\Black Glass\trafficbar_resume_sel.bmp
[%PROGRAM_FILES%]\rxtoolbar\CacheCatalog.rx
[%PROGRAM_FILES%]\rxtoolbar\CacheCatolog.rx
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\additional_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\background.jpg
[%PROGRAM_FILES%]\rxtoolbar\graphics\blue_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\gray_hr_horz.GIF
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_active.gif
[%PROGRAM_FILES%]\rxtoolbar\graphics\thumbtack_click.gif
[%PROGRAM_FILES%]\rxtoolbar\html\content.htm
[%PROGRAM_FILES%]\rxtoolbar\html\main.htm
[%PROGRAM_FILES%]\rxtoolbar\rx.xml
[%PROGRAM_FILES%]\rxtoolbar\rxtoolbar.cfg
[%PROGRAM_FILES%]\rxtoolbar\RXToolBar.dll
[%PROGRAM_FILES%]\rxtoolbar\rxwebsearches.xsl
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bKPack01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\bLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.Key
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\CustomerSecret.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.dat
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\nLabels01.sig
[%PROGRAM_FILES%]\rxtoolbar\semantic insight\SemanticInsight.dat
[%PROGRAM_FILES%]\RXToolBar\Semantic Insight\SemanticInsight.exe
[%PROGRAM_FILES%]\rxtoolbar\sfcont.bin
[%PROGRAM_FILES%]\rxtoolbar\sfcont.dll
[%PROGRAM_FILES%]\rxtoolbar\yahoo.xsl
[%WINDOWS%]\temp\adware\RXToolbar.exe

RXToolbar Folders:
[%PROGRAM_FILES%]\rxtoolbar
[%PROGRAM_FILES%]\aaayoureweb

RXToolbar Registry Keys:
HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}
HKEY_CLASSES_ROOT\clsid\{2ab289ae-4b90-4281-b2ae-1f4bb034b647}
HKEY_CLASSES_ROOT\clsid\{59879fa4-4790-461c-a1cc-4ec4de4ca483}
HKEY_CLASSES_ROOT\rxresult.rxresultfilter
HKEY_CLASSES_ROOT\rxresult.rxresultfilter.1
HKEY_CLASSES_ROOT\rxresult.rxresulttracker
HKEY_CLASSES_ROOT\rxresult.rxresulttracker.1
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo.1
HKEY_CLASSES_ROOT\typelib\{05563f82-69a7-40a6-8670-153b635a7ef6}
HKEY_CLASSES_ROOT\typelib\{66b20295-dc57-42b6-acdf-52d916e86464}
HKEY_CURRENT_USER\software\rx toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{59879fa4-4790-461c-a1cc-4ec4de4ca483}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\RXToolBar
HKEY_LOCAL_MACHINE\software\rxresults
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo rx toolbar
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo.1 rx toolbar
HKEY_CURRENT_USER\software\aaayoureweb
HKEY_LOCAL_MACHINE\software\aaayoureweb
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar {25d8bacf-3de2-4b48-ae22-d659b8d835b0}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\rxtoolbar
HKEY_LOCAL_MACHINE\software\rtrmin

RXToolbar Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\aaayoureweb toolbar

Removing RXToolbar:

you can run trial version of ExterminateIt, or remove RXToolbar manually.

To completely manually remove RXToolbar malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with RXToolbar.

Read also:
Pigeon.AGB Trojan Removal

Posted by anycidahaeqyj9318 at 11:40 PM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)