Threat Database Adware Value Apps

Value Apps

By LoneStar in Adware

Threat Scorecard

Ranking: 2,108
Threat Level: 20 % (Normal)
Infected Computers: 21,988
First Seen: June 11, 2013
Last Seen: September 20, 2023
OS(es) Affected: Windows

Value Apps is a potentially unwanted program/adware application that shows disturbing pop-up advertisements when an attacked web user is surfing online shopping websites. The irritating pop-up advertisements delivered by Value Apps are shown to the victimized PC user as a box carrying discounts, savings coupon, deals, and numerous offers. Value Apps is installed as a browser extension to Internet Explorer, Mozilla Firefox, and Google Chrome. Value Apps usually comes packaged with free programs that web users may download from different websites. When the associated program is installed on the hacked web browser, Value Apps will occur on the desktop of the targeted PC. This specifies that Value Apps has already made some modifications to the hacked Internet browser. Value Apps is run as browser helper object (BHO), so the code does not need to be executed. Value Apps controls the affected computer user's surfing activity and executes when it spots that the web user is accessing shopping websites. Value Apps will use gathered information while the PC user is surfing the Internet to deliver pop-up advertisements that are linked to his/her search phrases or terms.

SpyHunter Detects & Remove Value Apps

File System Details

Value Apps may create the following file(s):
# File Name MD5 Detections
1. ValueApps.exe 7d2ec3601a4125c8e2540059ba73210b 269
2. uninstaller.exe 025429136fd5f1da5d485360eadec9b3 101
3. MonPrx.dll 69880a8e18ca941f1022e2dfc305c621 54
4. MonPrx.dll d0075e642862d3a571ed86cce109ee0b 53
5. valueappsinstaller.exe 8ec732e186233ad1fe9cbeaf5da4fd58 27
6. ValueApps.exe 1450f61df8572cd1c6641e6c1cd081d5 16
7. MonPrx.dll e2956b592d4a7e50bdd3b749d57c138b 7
8. ValueApps.exe 72c4fb246d7dafba9de1b593fe581dc8 1
9. ValueApps.exe 11472354f7726d215e559dcca558767b 1
10. ValueApps.exe 901cc59313284366c4ba290e976c7853 1
11. MonPrx.dll 398d450647bb0fa5fb5f67b5d506d8c3 1

Registry Details

Value Apps may create the following registry entry or registry entries:
CLSID
{4A36AF02-3E2F-47DD-A102-784D22E8C2B8}
{68FD483F-A55D-4B78-AE10-48EF2BBE317E}
{8050556E-4AD3-40BD-B338-7DBB0D5C10C8}
{9011F634-B91C-400D-8CA2-E9E9A1FCC725}
{939A0D04-0E07-48FE-A463-6623B70C3A96}
{93DBF2BB-A2B3-4683-A92E-57E60751F346}
{B71BC738-1C95-4784-B6AF-5B0964B895D9}
{C9A54DFE-051F-49C5-9FC7-ECB81DC6C69F}
{DD7858C7-889A-42E4-9863-E4AA3A0BFE65}
{DEBFDDD0-96AA-400F-B77A-69003A94018B}
{E171D5FB-6763-4100-87CD-5F918979FBEA}
{F63AAEDC-3602-49EF-AA45-262380A98980}
Regexp file mask
%WINDIR%\System32\ValueApps.ini
%WINDIR%\System32\ValueApps64.dll
%WINDIR%\System32\ValueAppsOff.ini
%WINDIR%\SysWoW64\ValueAppsOff.ini
SOFTWARE\Classes\AppID\ValueApps.exe
SOFTWARE\Classes\Wow6432Node\AppID\ValueApps.exe
Software\Microsoft\Internet Explorer\Approved Extensions\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Software\Microsoft\Internet Explorer\Approved Extensions\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD7858C7-889A-42E4-9863-E4AA3A0BFE65}
SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\ValueApps.exe
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F63AAEDC-3602-49EF-AA45-262380A98980}
Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F63AAEDC-3602-49EF-AA45-262380A98980}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F63AAEDC-3602-49EF-AA45-262380A98980}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\ValueApps
SOFTWARE\Wow6432Node\Classes\AppID\ValueApps.exe
SOFTWARE\Wow6432Node\mamverifier\toolbar\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Approved Extensions\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD7858C7-889A-42E4-9863-E4AA3A0BFE65}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\ValueApps.exe
Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F63AAEDC-3602-49EF-AA45-262380A98980}
SOFTWARE\Wow6432Node\ValueApps

Directories

Value Apps may create the following directory or directories:

%ALLUSERSPROFILE%\ValueApps
%AppData%\ValueApps
%Homedrive%\ValueApps
%LOCALAPPDATA%\ValueApps
%PROGRAMFILES%\ValueApps
%PROGRAMFILES(x86)%\ValueApps
%USERPROFILE%\Local Settings\Application Data\ValueApps

URLs

Value Apps may call the following URLs:

Value Apps
Value apps

Related Posts

Trending

Most Viewed

Loading...