Threat Database Adware Adware.Vonteera

Adware.Vonteera

By CagedTech in Adware

Threat Scorecard

Ranking: 2,992
Threat Level: 20 % (Normal)
Infected Computers: 102,018
First Seen: August 28, 2013
Last Seen: September 30, 2024
OS(es) Affected: Windows

Aliases

14 security vendors flagged this file as malicious.

Anti-Virus Software Detection
AVG Crypt4.BUKX
Ikarus Trojan.Crypt4
McAfee Artemis!3040BD1410AC
McAfee-GW-Edition Artemis!Trojan
Avast Win32:Dropper-gen [Drp]
Fortinet Riskware/PUP
Ikarus Win32.SuspectCrc
Panda Trj/CI.A
McAfee PUP-FSI
AhnLab-V3 Adware/Win32.Vonteera
McAfee-GW-Edition BehavesLike.Win32.Trojan.mh
DrWeb Adware.Volaro.1
Comodo UnclassifiedMalware
Avast Win32:Adware-gen [Adw]

File System Details

Adware.Vonteera may create the following file(s):
# File Name MD5 Detections
1. autochr.exe 6522ec874770d6750e1c0816d251d9e8 56
2. Shopify_64.dll 56640a8c0663a779d5be30f0f62f311e 6
3. Shopify_32.dll f99db7db53dd6a6cb97a14dcc37a7de7 2
4. Shopify_64.dll 43a9faca8f9b7be55e13a4ef11e4dc02 1
5. Shopify_64.dll 6bc082328413860284979162b6179b7e 1
6. Shopify_64.dll 03685f17472c4f0b529b97556ac15fa9 1
7. Shopify_64.dll fe98d108e76a700759a08837bc281b03 1
8. Shopify_64.dll 90c0f94ed65f39991da2c0a93cd9bdf2 1
9. Shopify_64.dll f592e8a6c729c050b64818e9ccd6e32f 1
10. Shopify_32.dll 507f5272c5b6b61e2e14bade74005898 1
11. Shopify_32.dll 9eca6dedd2e8ea15160a1d5f723255f0 1
12. Shopify_64.dll 436fa5d435a408cf8b3453d337fede50 1
13. Shopify_32.dll 73a32704ec93399fda7135d1a50f89e0 1
14. Shopify_64.dll 25a3a22f70489cb43eae2320140c8e2e 1
15. c32s.exe b777d581ade0658e5ee5cbb58455f783 1
16. Shopify_64.dll f7c73ab624d49fb366ed9b1090edb317 1
17. Shopify_64.dll bfdc2ded1b21c54af0b4f4a2a9d63157 1
18. Shopify_64.dll 6f83c1b0a233b6f3c744d97bdb2460dd 1
19. Shopify_64.dll e4014a77c95cbe572c193a7bcc4e80d0 1
20. Shopify_32.dll 5849a516685ca4d01c1ebb289ff3cab1 1
21. Shopify_64.dll b4752216cb3d7ae83ec488e32e5558d2 1
22. c32s.exe 72ac196cb212341d49b86dde4e668a83 1
23. c32s.exe 51c02b5cf5d3722ab175f02315db8f44 1
24. Shopify_32.dll ae34782c4b97ccf8c0e560347b6cfd50 1
25. noodle.exe 6cd76db541cdb6767c7fec7a591dad0f 1
26. Shopify_32.dll 204c4b28e7f059f2f005db7ef861697a 1
27. RemoveTool.exe 7fb75ab23a99adb0eed40432f503db32 1
28. RemoveTool.exe a62df77c0605d7fc3f0b28930950a132 1
More files

Registry Details

Adware.Vonteera may create the following registry entry or registry entries:
CLSID
{2ED35963-FCC9-4698-B619-787FE1C75079}
{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}
{437B9306-2FDE-4054-A3C9-6B49507C12D0}
{598AC71E-BE58-3981-B78A-5C138F423AD6}
{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}
{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
{63D2A451-3351-178C-7BC4-13C4D58A7652}
{934B156A-3D17-3981-B78A-5C138F423AD6}
{93D0B762-03DD-416f-AA26-B65F55B8914D}
{ACEC5B69-F74E-445A-AC6C-CF621C680893}
{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}
Regexp file mask
%ALLUSERSPROFILE%\Convertor\Convertor.exe
%ALLUSERSPROFILE%\Drv\Drv.exe
%ALLUSERSPROFILE%\Kirin\Kirin.exe
%AppData%\addonVont.zip
%APPDATA%\Crown\SPK.exe
%AppData%\htcon\Updater.exe
%APPDATA%\SPK\SPK.exe
%LOCALAPPDATA%\diag\Chomp.exe
%PROGRAMFILES(x86)%\GeniusXXAddon
%PROGRAMFILES(x86)%\onewebsearch
%windir%\System32\Tasks\4CEFD9B73D6C-1CRMOI2
%windir%\System32\Tasks\5FOFD9B73D6C-2CRMOI6
%WINDIR%\System32\Tasks\Volaro Update
active_permissions\{2ED35963-FCC9-4698-B619-787FE1C75079}
active_permissions\{598AC71E-BE58-3981-B78A-5C138F423AD6}
active_permissions\{934B156A-3D17-3981-B78A-5C138F423AD6}
SOFTWARE\Classes\AdSafe.AdSafe
SOFTWARE\Classes\AdSafe.AdSafe.1
SOFTWARE\Classes\adTech.adTech
SOFTWARE\Classes\adTech.adTech.1
SOFTWARE\Classes\AppID\AdSafe.DLL
SOFTWARE\Classes\AppID\adTech.DLL
SOFTWARE\Classes\AppID\DigiAd.DLL
SOFTWARE\Classes\AppID\NoVooIT.DLL
SOFTWARE\Classes\AppID\Vonteera.DLL
SOFTWARE\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}
SOFTWARE\Classes\DigiAd.DigiAd
SOFTWARE\Classes\DigiAd.DigiAd.1
SOFTWARE\Classes\FoxPro.FoxPro
SOFTWARE\Classes\FoxPro.FoxPro.1
SOFTWARE\Classes\NoVooIT.NoVooIT
SOFTWARE\Classes\NoVooIT.NoVooIT.1
SOFTWARE\Classes\Vonteera.Vonteera
SOFTWARE\Classes\Vonteera.Vonteera.1
SOFTWARE\Classes\Wow6432Node\AppID\AdSafe.DLL
SOFTWARE\Classes\Wow6432Node\AppID\adTech.DLL
SOFTWARE\Classes\Wow6432Node\AppID\DigiAd.DLL
SOFTWARE\Classes\Wow6432Node\AppID\NoVooIT.DLL
SOFTWARE\Classes\Wow6432Node\AppID\Vonteera.DLL
SOFTWARE\Classes\Wow6432Node\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}
Software\Microsoft\Internet Explorer\Approved Extensions\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Internet Explorer\Approved Extensions\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Internet Explorer\Approved Extensions\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4CEFD9B73D6C-1CRMOI2
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5FOFD9B73D6C-2CRMOI6
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9A5A8340-6B15
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Volaro Update
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinKit
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta Update
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ED35963-FCC9-4698-B619-787FE1C75079}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ED35963-FCC9-4698-B619-787FE1C75079}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\NoVooIT
Software\NoVooITSet
Software\Volaro
SOFTWARE\Volaro Updater
Software\Vonteera
Software\Vonteera Safe ads
SOFTWARE\Vontera
SOFTWARE\Wow6432Node\Classes\AppID\AdSafe.DLL
SOFTWARE\Wow6432Node\Classes\AppID\adTech.DLL
SOFTWARE\Wow6432Node\Classes\AppID\DigiAd.DLL
SOFTWARE\Wow6432Node\Classes\AppID\NoVooIT.DLL
SOFTWARE\Wow6432Node\Classes\AppID\Vonteera.DLL
SOFTWARE\Wow6432Node\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\NoVooIT
SOFTWARE\Wow6432Node\Volaro Updater
SOFTWARE\Wow6432Node\Vonteera
SOFTWARE\Wow6432Node\Vontera

Directories

Adware.Vonteera may create the following directory or directories:

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\NoVooITSet
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Vonteera
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Vonteera Safe ads
%APPDATA%\Convertor
%APPDATA%\Fixs
%APPDATA%\Flasher
%APPDATA%\NewNotepad
%APPDATA%\NoVooIT
%APPDATA%\NoVooITAddon
%APPDATA%\Notepader
%APPDATA%\PlusN
%APPDATA%\SoftAd
%APPDATA%\VolIE
%APPDATA%\WinKit
%APPDATA%\Winsta
%APPDATA%\denc
%APPDATA%\homerj
%APPDATA%\jellylam
%APPDATA%\miaul
%APPDATA%\myNotepad
%APPDATA%\npp
%APPDATA%\twr
%AppData%\Microsoft\Windows\Start Menu\Programs\GeniusXX
%LOCALAPPDATA%\Hoffer
%LOCALAPPDATA%\Wixer
%LOCALAPPDATA%\recoveredfiles
%PROGRAMFILES%\AdsFree
%PROGRAMFILES%\GeniusXXAddon
%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\addon@Vonteera.com
%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\addonFF@AdvanT.com
%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\jason@schober.net
%PROGRAMFILES%\NoVooIT
%PROGRAMFILES%\NoVooITAddon
%PROGRAMFILES%\Volaro
%PROGRAMFILES%\VonteeraAddon
%PROGRAMFILES%\VonteeraSafeAds
%PROGRAMFILES%\Winsta
%PROGRAMFILES(x86)%\AdsFree
%PROGRAMFILES(x86)%\AppUpd
%PROGRAMFILES(x86)%\GeniusXXAddon
%PROGRAMFILES(x86)%\Mozilla Firefox\distribution\bundles\addon@Vonteera.com
%PROGRAMFILES(x86)%\Mozilla Firefox\distribution\bundles\addonFF@AdvanT.com
%PROGRAMFILES(x86)%\Volaro
%PROGRAMFILES(x86)%\VonteeraAddon
%PROGRAMFILES(x86)%\VonteeraSafeAds
%PROGRAMFILES(x86)%\Winsta
%appdata%\orlando
%appdata%\pdfie

URLs

Adware.Vonteera may call the following URLs:

Vonteera
deltaweather.com
exclusivetechnews.com
newsouts.com

Trending

Most Viewed

Loading...