iWebar

iWebar Description

iWebar is adware that may show a variety of random pop-up ads containing discount coupons and offers on the screen of the PC while the computer user is browsing the Web. iWebar can access web browsers such as Internet Explorer, Mozilla Firefox and Google Chrome. When iWebar invades the computer system, it may start displaying annoying pop-up advertisements while the PC user is surfing shopping related websites, social networking websites or other popular websites. If the computer user clicks on any pop-up advertisements shown by iWebar, he may get repeatedly diverted to suspicious websites that may display commercial advertisements. The main aim of iWebar may be to benefit from increased traffic of questionable ads-related websites and clicks on relevant ads. iWebar may proliferate and invade the PC through packed freeware. Computer users may evade the download of iWebar if they are careful while installing other free software and unchecking all options which may urge to install additional unidentified applications. However, many computer users often miss the installation steps because of a rush. iWebar may collect details about the computer user's browsing habits and may then transfer this data to the third parties and use it for a variety of marketing associated intentions.

Infected with iWebar? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect iWebar

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Infection Statistics


Our MalwareTracker shows malware activity across the world. Explore real-time data of iWebar outbreaks and other threats from global to local level.

File System Details

iWebar creates the following file(s):
# File Name Size MD5 Detection Count
1 %PROGRAMFILES(x86)%\iWebar\iWebar-firefoxinstaller.exe 767,344 ab6e16dc074de0e3e134d26171928a91 762
2 %PROGRAMFILES(x86)%\iWebar\iWebar-bho64.dll 966,000 ea293d166d5c6ac387151ecb358fcae3 721
3 %PROGRAMFILES%\iWebar\iWebar-bho.dll 641,392 73cb36f5453c9bc359df80d03c85a2f4 333
4 %WINDIR%\System32\Tasks\iWebar-chromeinstaller 45
5 %PROGRAMFILES(x86)%\iWebar 44
6 %PROGRAMFILES%\iWebar 43
7 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam 42
8 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam 41
9 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam 40
10 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0 37
11 %TEMP%\Install_8110\iwebar.exe 6,951,112 b195fa2aa96731de5951c436e583a164 2
12 %PROGRAMFILES(x86)%\iWebar\iWebar-enabler.exe 338,288 c896952d0eee6929f51aa8c178e09df1 1,488
13 %PROGRAMFILES(x86)%\iWebar\iWebar-codedownloader.exe 518,000 32d0d5490b6d63afd22bb63d50f09d4a 1,427
14 %PROGRAMFILES(x86)%\iWebar\iWebar-updater.exe 350,064 03ca3705d8007b3b7aa53e723c9b1a03 1,420
15 %PROGRAMFILES(x86)%\iWebar\iWebar-chromeinstaller.exe 501,616 d8273e7b20afaeacadac3540c79448d9 1,415

More files

Registry Details

iWebar creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551110}
SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION, value: iWebar-bg.exe
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{002255df-f361-4e29-b00b-d20403cebc16}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2303d253-7251-4c26-bde8-29941d07d921}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40f50b0f-5362-4fc7-8f5d-bbab91a9361a}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95d1b1f6-13ab-4066-9e02-d6f81fb5940d
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c799a01a-6514-4856-a605-2bddf8e4094b}
SOFTWARE\iWebar
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION, value: iWebar-bg.exe
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3B82794-35E5-4BA8-AB75-F2A770563A59}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-chromeinstaller
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-codedownloader
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-enabler
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-firefoxinstaller
SOFTWARE\Classes\CrossriderApp0035510.BHO
SOFTWARE\Classes\CrossriderApp0035510.BHO.1
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93367617-8523-4205-ADC9-684EC70F2888}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA983DFD-9882-44F5-BD07-C38602A21F41}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE844BCF-185B-413D-B2EB-EBF4A947B2A9}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3B82794-35E5-4BA8-AB75-F2A770563A59}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4AED1555-B803-44D4-8DC6-52DC4326CCD0}
Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration, value: {11111111-1111-1111-1111-110311551110}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{002255df-f361-4e29-b00b-d20403cebc16}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{740F8B78-8D3E-4B86-97A0-D222562AFCB}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95d1b1f6-13ab-4066-9e02-d6f81fb5940d}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE021B3C-DCF1-4F1E-896A-2CC26ECA3477}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c799a01a-6514-4856-a605-2bddf8e4094b}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E50B8771-1370-4A7B-9A63-C9873C4E4DC6}
CrossriderApp0035510.BHO
CrossriderApp0035510.BHO.1
Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Software\InstalledBrowserExtensions\iWebar
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9e799fb7-8c3d-4dbf-8d52-c4420bf0ae18}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94573f2c-7948-4a62-a279-254930e526f6}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8529ef48-2a25-4db8-bd46-8e8a8e0febfd}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{323ba568-5bdd-4660-a515-539fc3a87e54}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2837e313-a40f-4c02-b2d1-b7fbdf8884f9}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551110}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94573f2c-7948-4a62-a279-254930e526f6}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D65776-E971-422F-8D48-DCC1278C1BE4}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8529ef48-2a25-4db8-bd46-8e8a8e0febfd}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71748A28-CCA7-43DE-B02D-2BDE94E97C}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59DF6DB1-CCAA-4522-B3AC-E6E8D2548FEE}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{323ba568-5bdd-4660-a515-539fc3a87e54}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2837e313-a40f-4c02-b2d1-b7fbdf8884f9}
Software\Microsoft\Internet Explorer\Approved Extensions, value: {11111111-1111-1111-1111-110311551110}
Software\InstalledBrowserExtensions\21836, value: 35510
SOFTWARE\InstalledBrowserExtensions\21836
SOFTWARE\Wow6432Node\InstalledBrowserExtensions\21836
.DEFAULT\Software\AppDataLow\Software\iWebar
.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
SOFTWARE\Wow6432Node\iWebar-nv
SOFTWARE\iWebar-nv
SOFTWARE\Classes\68671f62832e4803b34065d441f9a2210065123.BHO
SOFTWARE\Classes\68671f62832e4803b34065d441f9a2210065123.BHO.1
SOFTWARE\Classes\68671f62832e4803b34065d441f9a2210065123.Sandbox
SOFTWARE\Classes\68671f62832e4803b34065d441f9a2210065123.Sandbox.1
68671f62832e4803b34065d441f9a2210065123.BHO
68671f62832e4803b34065d441f9a2210065123.BHO.1
68671f62832e4803b34065d441f9a2210065123.Sandbox
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_iwebar
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
iWebar
The following CLSID's were found:
HKEY..\..\{CLSID Path}
{11111111-1111-1111-1111-110311551110}
{22222222-2222-2222-2222-220322552210}
{44444444-4444-4444-4444-440344554410}
{55555555-5555-5555-5555-550355555510}
{66666666-6666-6666-6666-660366556610}

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 14 + 8 ?