Win32.BaiduSobar Adware Description
Adware Win32.Baidu Sobar is considered to be a browser modifier version of adware. It ill install a web browser toolbar on your Internet Browser. Once installed it will deliver a significant number of pop-up advertisements and will change your default search engine page. Other common names for BaiduSobar adware are:
ADW_BAIDUBAR (Trend Micro)
Adware-BDSearch (McAfee)
W32/BaiduBar.A (Norman)
Win32.BaiduSobar MalwarePayload
Besides increasing the number of overall and pop-up advertisements on your computer, Baidu.Sobar will also prevent its removal by protecting its installed files and registry keys.
Adware BaiduSobar Symptoms
Besides seeing a significant increase in the number of advertisements on your computer along with the BaiduSobar Internet Browser toolbar, the malware will also install the following files on your computer:
Presence of any of the following files:
%ProgramFiles%\baidu\bar\baidubar.dat
%ProgramFiles%\baidu\bar\BaiduBar.dll
%ProgramFiles%\baidu\bar\BDBar_tmp\baidubar.dat
%ProgramFiles%\baidu\bar\BDBar_tmp\img\imglist.bmp
%ProgramFiles%\baidu\bar\BDBar_tmp\img\logo.bmp
%ProgramFiles%\baidu\bar\img\imglist.bmp
%ProgramFiles%\baidu\bar\img\logo.bmp
%ProgramFiles%\baidu\bar\BDBar_tmp\baidubar.dat
%ProgramFiles%\baidu\bar\BDBar_tmp\BaiduBar.dll
%ProgramFiles%\baidu\bar\BDBar_tmp\BaiduBar.dll
%ProgramFiles%\baidu\bar\BDBar_tmp\img\imglist.bmp
W32.BaiduSobar Adware Processes and Files
BaiduSobar Adware will also make the following registry entries on your computer:
Presence of any of the following registry keys:
HKEY_CLASSES_ROOT\BaiduBar.Baidu.1\
HKEY_CLASSES_ROOT\BaiduBar.Baidu\
HKEY_CLASSES_ROOT\BaiduBar.Tool.1\
HKEY_CLASSES_ROOT\BaiduBar.Tool\
HKEY_CLASSES_ROOT\BaiduBarEx.BandIE.1\
HKEY_CLASSES_ROOT\BaiduBarEx.BandIE\
HKEY_CLASSES_ROOT\BaiduBarEx.DropTarget.1\
HKEY_CLASSES_ROOT\BaiduBarEx.DropTarget\
HKEY_CLASSES_ROOT\CLSID\{77FEF28E-EB96-44FF-B511-3185DEA48697}\
HKEY_CLASSES_ROOT\CLSID\{7C76C055-ED6E-4535-A70F-CD476E727F67}\
HKEY_CLASSES_ROOT\CLSID\{A7F05EE4-0426-454F-8013-C41E3596E9E9}\
HKEY_CLASSES_ROOT\CLSID\{B580CF65-E151-49C3-B73F-70B13FCA8E86}\
HKEY_CLASSES_ROOT\CLSID\{FE14F22E-BE14-4F08-A80F-F27BC3A67B2D}\
HKEY_CLASSES_ROOT\Interface\{464C8A26-31E9-411C-9583-5B858E631DCC}\
HKEY_CLASSES_ROOT\Interface\{89FDCC4B-8D91-49B0-81A6-18BCFF582735}\
HKEY_CLASSES_ROOT\Interface\{96249369-D3DC-4AE6-8A3B-E7109D46E98D}\
HKEY_CLASSES_ROOT\Interface\{A294F8EB-86D9-4C4A-8B3E-909253761C64}\
HKEY_CLASSES_ROOT\TypeLib\{6AFC2761-1253-427C-9A56-385B4609BE1D}\1.0\
HKEY_CURRENT_USER\Software\Baidu\BaiduBar\
HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\BaiduBar\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sobar\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{89FDCC4B-8D91-49B0-81A6-18BCFF582735}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdGuard
HKEY_LOCAL_MACHINE\Software\Classes\BaiduBar.Tool
HKEY_LOCAL_MACHINE\Software\Classes\BaiduBar.Baidu.1
HKEY_LOCAL_MACHINE\Software\Classes\BaiduBar.Baidu
HKEY_LOCAL_MACHINE\Software\Classes\BaiduBarEx.BandIE
HKEY_LOCAL_MACHINE\Software\Classes\BaiduBarEx.DropTarget.1
HKEY_LOCAL_MACHINE\Software\Classes\BaiduBarEx.DropTarget
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{A7F05EE4-0426-454F-8013-C41E3596E9E9}
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{FE14F22E-BE14-4F08-A80F-F27BC3A67B2D}
HKEY_LOCAL_MACHINE\Software\Classes\MimeFilter.AdFilter.1
HKEY_LOCAL_MACHINE\Software\Classes\MimeFilter.AdFilter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\BaiduInstall
BaiduSobar will also modify your computer’s registry to alter the search settings of Internet Explorer:
Adds values:
CustomizeSearch_sb
SearchAssistant_sb
With data: http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
In subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\
Adds values:
CustomizeSearch
SearchAssistant
With data: http://bar.baidu.com/sobar/defaultsearch.html
To subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\
BaiduSobar will also download a kernel mode driver that protects files and registry keys from being removed when you attempt to manually remove the adware.
BaiduSobar Adware Basic Removal Steps
BaiduSobar is a very hard adware program to remove manually. You will likely need to pursue automatic removal using an updated anti-virus program is the recommended means for removal.
Click here for automatic removal instructions for removing the Adware BaiduSobar.
Related posts:
- Adware – Win32.Hotbar Win32.Hotbar Adware Description Adware Hotbar will display a toolbar and...
- Adware – Win32.Game Vance Win32.Game Vance Adware Description Game Vance Adware refers to advertisements...
- Spyware – Win32.ShopAtHome Win32.ShopAtHome Spyware Description Shop at Home is a version of...
- Win32.ZangoShoppingReports Adware Description of ZangoShoppingreports Adware ZangoShoppingReports is an adware that...
- Adware – Clip Genie Clip Genie Adware Description Clip Genie adware is a program...
Related posts brought to you by Yet Another Related Posts Plugin.
