Adware.Grabrez

Adware.Grabrez Description

Adware.Grabrez is adware that may display pop-up advertisements, offers, deals, discount coupons and sponsored links in a form of a pop-up box on shopping-related and social networking websites that are visited by computer users. The pop-up advertisements and banners of Adware.Grabrez may be displayed as boxes, which may include various offers and deals, which when clicked, may continuously divert computer users to unidentified websites that may be created for commercial intentions that is to bost website traffic and urge PC users to click on ads in order to make money. Adware.Grabrez may embed an add-on, browser extension or plug-in in the Web browser such as Mozilla Firefox, Internet Explorer and Google Chrome when PC users install free software that might had included into their installation Adware.Grabrez. When computer users install any free software, Adware.Grabrez may also be installed.

Infected with Adware.Grabrez? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect Adware.Grabrez

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Infection Statistics


Our MalwareTracker shows malware activity across the world. Explore real-time data of Adware.Grabrez outbreaks and other threats from global to local level.

File System Details

Adware.Grabrez creates the following file(s):
# File Name Size MD5 Detection Count
1 %PROGRAMFILES(x86)%\GrabRez\updateGrabRez.exe 103,192 518abee84a85c0cf2f74d760afbb8ec3 979
2 system32\drivers\wStLibG64.sys 61,112 2079e80b76d1de88a5e149863a917a55 125
3 %PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.BrowserAdapter.exe 95,512 57b0336f5fae4a408ee501b05a73911d 111
4 %PROGRAMFILES%\GrabRez\bin\utilGrabRez.exe 80,152 ea3e4adbb0a22a728ba2262d45b33f8c 95
5 %PROGRAMFILES(x86)%\GrabRez\bin\XTLSApp.exe 78,616 59fa299343ff8de7fa1af3aa5aec84be 89
6 %PROGRAMFILES%\GrabRez\GrabRezbho.dll 249,624 7aeaf8b388774f1a8029c0cae434bf8a 73
7 %PROGRAMFILES%\GrabRez\bin\GrabRezBrowserFilter.exe 42,264 afc0081b89de3cc7840154fd5d149353 61
8 %PROGRAMFILES%\GrabRez\bin\GrabRez.PurBrowse.exe 239,384 7aca8bd6e9203d693091e496cf85500d 54
9 %PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.PurBrowse64.exe 287,000 e2c6ffc4a7d91cff502a472bb1893d21 54
10 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\ankgikcaabhnbjopedljgmgmdbkbdimn 25
11 %PROGRAMFILES(x86)%\GrabRez\bin\FilterApp_C64.exe 287,000 b842cce1362e5ad6c0968aa270acea4f 22
12 %PROGRAMFILES(x86)%\GrabRez\GrabRez.FirstRun.exe 1,088,792 0f0e88205aad22b77cbe39209db6879b 22
13 %PROGRAMFILES%\GrabRez\bin\FilterApp_C.exe 238,872 ceb4c3a1f96dac01e4de0f7fcbd0ed0f 11
14 %TEMP%\GrabRez\GrabRez_Setup.exe 2,169,624 39ec6a335acdf1292816746fb2ca1eae 3
15 %WINDIR%\System32\drivers\wStLibG.sys 52,920 32241f10e465c84b6bcfca76b87d69a6 1,510

More files

Registry Details

Adware.Grabrez creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
SYSTEM\ControlSet002\services\Update GrabRez
SYSTEM\CurrentControlSet\services\eventlog\Application\Update GrabRez
SYSTEM\CurrentControlSet\services\Update GrabRez
SYSTEM\ControlSet002\services\eventlog\Application\Update GrabRez
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
Software\GrabRez
Software\Microsoft\Internet Explorer\Approved Extensions, value: {E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
SOFTWARE\Microsoft\Tracing\updateGrabRez_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASMANCS
SOFTWARE\Microsoft\Tracing\updateGrabRez_RASAPI32
SOFTWARE\Microsoft\Tracing\GrabRez_RASMANCS
SOFTWARE\Microsoft\Tracing\GrabRez_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASAPI32
SOFTWARE\Wow6432Node\GrabRez
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {e1420d09-acc8-4efd-9965-e7ae3c5b977c}
SYSTEM\ControlSet001\services\eventlog\Application\Update GrabRez
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
GrabRez
The following CLSID's were found:
HKEY..\..\{CLSID Path}
{6C7BB828-4CF1-4C42-8028-7D15996DEA0E}
{A7A47A0B-0338-407A-88CC-04F303AE7BBC}
{e1420d09-acc8-4efd-9965-e7ae3c5b977c}

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 7 + 7 ?