Adware.Grabrez

Adware.Grabrez Description

Adware.Grabrez is adware that may display pop-up advertisements, offers, deals, discount coupons and sponsored links in a form of a pop-up box on shopping-related and social networking websites that are visited by computer users. The pop-up advertisements and banners of Adware.Grabrez may be displayed as boxes, which may include various offers and deals, which when clicked, may continuously divert computer users to unidentified websites that may be created for commercial intentions that is to bost website traffic and urge PC users to click on ads in order to make money. Adware.Grabrez may embed an add-on, browser extension or plug-in in the Web browser such as Mozilla Firefox, Internet Explorer and Google Chrome when PC users install free software that might had included into their installation Adware.Grabrez. When computer users install any free software, Adware.Grabrez may also be installed.

Technical Information

File System Details

Adware.Grabrez creates the following file(s):
# File Name Size MD5 Detection Count
1 %WINDIR%\System32\drivers\wStLibG64.sys 61,112 53b96ea5a332ca4df80ccc8e278e0a3f 1,838
2 %WINDIR%\System32\drivers\wStLibG.sys 52,920 32241f10e465c84b6bcfca76b87d69a6 1,511
3 %PROGRAMFILES(x86)%\GrabRez\updateGrabRez.exe 103,192 518abee84a85c0cf2f74d760afbb8ec3 979
4 %PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.BrowserAdapter.exe 95,512 57b0336f5fae4a408ee501b05a73911d 111
5 %PROGRAMFILES(x86)%\GrabRez\bin\XTLSApp.exe 78,616 59fa299343ff8de7fa1af3aa5aec84be 89
6 %PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.PurBrowse64.exe 287,000 e2c6ffc4a7d91cff502a472bb1893d21 54
7 %PROGRAMFILES%\GrabRez\bin\GrabRez.PurBrowse.exe 239,384 7aca8bd6e9203d693091e496cf85500d 54
8 %PROGRAMFILES(x86)%\GrabRez\GrabRez.FirstRun.exe 1,088,792 0f0e88205aad22b77cbe39209db6879b 22
9 %PROGRAMFILES(x86)%\GrabRez\bin\FilterApp_C64.exe 287,000 b842cce1362e5ad6c0968aa270acea4f 22
10 %PROGRAMFILES%\GrabRez\bin\FilterApp_C.exe 238,872 ceb4c3a1f96dac01e4de0f7fcbd0ed0f 11
11 %PROGRAMFILES%\GrabRez\GrabRezbho.dll 249,624 7aeaf8b388774f1a8029c0cae434bf8a 6
12 %TEMP%\GrabRez\GrabRez_Setup.exe 2,169,624 39ec6a335acdf1292816746fb2ca1eae 3
13 %PROGRAMFILES%\GrabRez\bin\GrabRezBrowserFilter.exe 42,264 afc0081b89de3cc7840154fd5d149353 1
14 %PROGRAMFILES%\GrabRez\bin\utilGrabRez.exe 80,152 ea3e4adbb0a22a728ba2262d45b33f8c 1
More files

Registry Details

Adware.Grabrez creates the following registry entry or registry entries:
Directory
%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\ankgikcaabhnbjopedljgmgmdbkbdimn
%ProgramFiles%\GrabRez
%ProgramFiles(x86)%\GrabRez
Registry key
Software\GrabRez
Software\Microsoft\Internet Explorer\Approved Extensions\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
SOFTWARE\Microsoft\Tracing\GrabRez_RASAPI32
SOFTWARE\Microsoft\Tracing\GrabRez_RASMANCS
SOFTWARE\Microsoft\Tracing\updateGrabRez_RASAPI32
SOFTWARE\Microsoft\Tracing\updateGrabRez_RASMANCS
SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}
SOFTWARE\Wow6432Node\GrabRez
SOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}
SYSTEM\ControlSet001\services\eventlog\Application\Update GrabRez
SYSTEM\ControlSet001\services\Update GrabRez
SYSTEM\ControlSet002\services\eventlog\Application\Update GrabRez
SYSTEM\ControlSet002\services\Update GrabRez
SYSTEM\CurrentControlSet\services\eventlog\Application\Update GrabRez
SYSTEM\CurrentControlSet\services\Update GrabRez
Uninstaller
GrabRez
CLSID
{6C7BB828-4CF1-4C42-8028-7D15996DEA0E}
{A7A47A0B-0338-407A-88CC-04F303AE7BBC}
{e1420d09-acc8-4efd-9965-e7ae3c5b977c}

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.