Threat Information for "Appswebservice.com Search Assistant"

Removal Top

StopSign will automatically remove this infection with a paid membership.

Summary Top
  • Name: Appswebservice.com Search Assistant
  • Aliases:
  • Date Discovered: 2005-12-01
  • Protection Added: 2005-12-21
Description Top 
-- Ease of Removal

1: Creates new registry entries with consistent data
2: Consistent file contents
3: Consistently named

-- Damage/Intrusion/Annoyance

1: Autoruns at startup without an option to be disabled
2: Displays a toolbar [SPYWARE ONLY]

-- Propagation/Saturation

1: Creates new files
Technical Details Top
  • Added Directory/File:
    FilePath: %WINDIR%\Prefetch\SNB.EXE*
  • Added Directory/File:
    FilePath: %WINDIR%\unist2.exe
  • Added Directory/File:
    FilePath: %WINDIR%\eltt.dll
  • Added Directory/File:
    FilePath: %TEMPDIR%\snb.exe
  • Added Directory/File:
    FilePath: %WINDIR%\Prefetch\ELTUPT.EXE*
  • Added Directory/File:
    FilePath: %WINDIR%\eltupt.exe
  • Added Directory/File:
    FilePath: %WINDIR%\TEMP\snb.exe
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{5E0910C6-9E45-481c-A2EC-0EC29C96EBEB}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{8E0C73CC-54BE-4C32-B6AD-8E6E3427C119}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.BottomFrame
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.PopupWindow.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{45DA4F3D-2379-45D6-B5C5-C41D33536BC6}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Snb.Band
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.PopupBrowser.1
  • Added Registry Key:
    Key: HKCU\Software\intexp
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{B424E2AA-4466-41ca-8194-5A83995A9B15}
  • Added Registry Key:
    Key: HKLM\%CURRENTVERSIONREG%\Uninstall\Appswebservice.com Search Assistant
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.LeftFrame.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\TypeLib\{46BD3F46-6E46-43D2-A69D-FD8C05044475}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{79406F24-8E95-4af8-9FEF-2EA2B504E707}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{C2EA0488-E1B4-4403-AE40-EF4849269A69}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.BottomFrame.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{00027925-0017-4faf-9539-90E4AC0B9EC5}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{783ED36E-FA7E-4D4F-9F15-9D1431668C32}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Snb.Band.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.PopupWindow
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{22CACAE9-C999-4695-B47B-B2F092BDF84A}
  • Added Registry Key:
    Key: HKCU\Software\inst
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.PopupBrowser
  • Added Registry Key:
    Key: HKLM\%BHOREG%\{00027925-0017-4faf-9539-90E4AC0B9EC5}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{8F7D96AA-489A-4194-AB34-21EF42507932}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{E45C1548-4BD7-404B-830B-F47C1354FE60}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Sntb.LeftFrame
  • Added Registry Value:
    Key: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar Value: {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB}
  • Added Registry Value:
    Key: HKCU\%CURRENTVERSIONREG%\Explorer Value: insid
  • Added Registry Data:
    Key: HKLM\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: %WINDIR%\eltupt.exe