Threat Database Adware Adware.Vonteera

Adware.Vonteera

By CagedTech in Adware

Threat Scorecard

Ranking: 3,082
Threat Level: 20 % (Normal)
Infected Computers: 102,202
First Seen: August 28, 2013
Last Seen: May 9, 2025
OS(es) Affected: Windows

Aliases

14 security vendors flagged this file as malicious.

Anti-Virus Software Detection
AVG Crypt4.BUKX
Ikarus Trojan.Crypt4
McAfee Artemis!3040BD1410AC
McAfee-GW-Edition Artemis!Trojan
Avast Win32:Dropper-gen [Drp]
Fortinet Riskware/PUP
Ikarus Win32.SuspectCrc
Panda Trj/CI.A
McAfee PUP-FSI
AhnLab-V3 Adware/Win32.Vonteera
McAfee-GW-Edition BehavesLike.Win32.Trojan.mh
DrWeb Adware.Volaro.1
Comodo UnclassifiedMalware
Avast Win32:Adware-gen [Adw]

File System Details

Adware.Vonteera may create the following file(s):
# File Name MD5 Detections
1. SPK.exe 3a2bddba52a87c9ddaef3c8d341bea38 3,854
2. Office.exe 70516b1af02e441076d114b513b248fb 3,080
3. uninstall.exe 0e59d8ec928df78ee74e4a24b6d6ca2b 2,956
4. SWUpdate.exe 2ca9478488ad609b7761ed95a5c5a93d 657
5. Updater.exe 5203db517872abaaf2e12ea6e8de9f80 482
6. addonVontsf.exe 4fb06684d7593a6c1f3f1dd678cc4f86 474
7. 4EA62A9E-2468-438F-A810-60C49FCD6509 5e58511d29161b72b7d62f9526f2d066 416
8. ProtectMe.dll 625284be70afeed29941da0bc5ead467 250
9. scope.exe c6c58c413b72c2395b4e23fdc19d472b 188
10. Convertor.exe 6a9b253e1183ce37bd3a3d93ad0e6e58 141
11. D48034F7-1609-5D8B-00FC-0C5F2D83749C a3d37971da8b868774035992d6e56226 88
12. advapi.dll c8785b045550e490ca6332f1f0c32a57 82
13. 1.exe 26db852f2a5d7e87a09ad8c2921d5b25 65
14. autochr.exe 6522ec874770d6750e1c0816d251d9e8 56
15. FoxPro_64.dll e6b0b88d7db0cab40cca2cf5fbd19631 35
16. CAD56A99-E3CC-DD4A-D150-5D252B96F20A d8fe00e37123e65466bcfaf7e530a72e 8
17. Shopify_64.dll 56640a8c0663a779d5be30f0f62f311e 6
18. FoxPro_32.dll 9f98dddcd09d51c4923f04ed2ea71590 4
19. hjmjt.exe 209af642985082a43e140b6ed279c44e 2
20. AdSafe_64.dll 6acdcbde45eaf59e6275333aa805a643 1
21. AdSafe_32.dll 81799a3a9f625c51b0fc577c0bf82f83 1
22. GUP.exe 3040bd1410ac7cd009b60e14bdda7975 1
23. RJFC.exe f43b436ddb1545de485716b00c22d373 1
24. job.exe cc40397ee1fa772fad8a1a1ae0f7eab5 1
25. c32s.exe 51c02b5cf5d3722ab175f02315db8f44 1
26. noodle.exe 6cd76db541cdb6767c7fec7a591dad0f 1
27. Shopify_32.dll 204c4b28e7f059f2f005db7ef861697a 1
28. RemoveTool.exe a62df77c0605d7fc3f0b28930950a132 1
More files

Registry Details

Adware.Vonteera may create the following registry entry or registry entries:
CLSID
{2ED35963-FCC9-4698-B619-787FE1C75079}
{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}
{437B9306-2FDE-4054-A3C9-6B49507C12D0}
{598AC71E-BE58-3981-B78A-5C138F423AD6}
{5CF787D4-66B4-4C7F-B78C-0AF62BA927AB}
{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
{63D2A451-3351-178C-7BC4-13C4D58A7652}
{934B156A-3D17-3981-B78A-5C138F423AD6}
{93D0B762-03DD-416f-AA26-B65F55B8914D}
{ACEC5B69-F74E-445A-AC6C-CF621C680893}
{F0CF2525-8FA4-4F38-A06B-F02183A4D51E}
Regexp file mask
%ALLUSERSPROFILE%\Convertor\Convertor.exe
%ALLUSERSPROFILE%\Drv\Drv.exe
%ALLUSERSPROFILE%\Kirin\Kirin.exe
%AppData%\addonVont.zip
%APPDATA%\Crown\SPK.exe
%AppData%\htcon\Updater.exe
%APPDATA%\SPK\SPK.exe
%LOCALAPPDATA%\diag\Chomp.exe
%PROGRAMFILES(x86)%\GeniusXXAddon
%PROGRAMFILES(x86)%\onewebsearch
%windir%\System32\Tasks\4CEFD9B73D6C-1CRMOI2
%windir%\System32\Tasks\5FOFD9B73D6C-2CRMOI6
%WINDIR%\System32\Tasks\Volaro Update
active_permissions\{2ED35963-FCC9-4698-B619-787FE1C75079}
active_permissions\{598AC71E-BE58-3981-B78A-5C138F423AD6}
active_permissions\{934B156A-3D17-3981-B78A-5C138F423AD6}
SOFTWARE\Classes\AdSafe.AdSafe
SOFTWARE\Classes\AdSafe.AdSafe.1
SOFTWARE\Classes\adTech.adTech
SOFTWARE\Classes\adTech.adTech.1
SOFTWARE\Classes\AppID\AdSafe.DLL
SOFTWARE\Classes\AppID\adTech.DLL
SOFTWARE\Classes\AppID\DigiAd.DLL
SOFTWARE\Classes\AppID\NoVooIT.DLL
SOFTWARE\Classes\AppID\Vonteera.DLL
SOFTWARE\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}
SOFTWARE\Classes\DigiAd.DigiAd
SOFTWARE\Classes\DigiAd.DigiAd.1
SOFTWARE\Classes\FoxPro.FoxPro
SOFTWARE\Classes\FoxPro.FoxPro.1
SOFTWARE\Classes\NoVooIT.NoVooIT
SOFTWARE\Classes\NoVooIT.NoVooIT.1
SOFTWARE\Classes\Vonteera.Vonteera
SOFTWARE\Classes\Vonteera.Vonteera.1
SOFTWARE\Classes\Wow6432Node\AppID\AdSafe.DLL
SOFTWARE\Classes\Wow6432Node\AppID\adTech.DLL
SOFTWARE\Classes\Wow6432Node\AppID\DigiAd.DLL
SOFTWARE\Classes\Wow6432Node\AppID\NoVooIT.DLL
SOFTWARE\Classes\Wow6432Node\AppID\Vonteera.DLL
SOFTWARE\Classes\Wow6432Node\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}
Software\Microsoft\Internet Explorer\Approved Extensions\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Internet Explorer\Approved Extensions\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Internet Explorer\Approved Extensions\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4CEFD9B73D6C-1CRMOI2
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5FOFD9B73D6C-2CRMOI6
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9A5A8340-6B15
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Volaro Update
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinKit
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta Update
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ED35963-FCC9-4698-B619-787FE1C75079}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ED35963-FCC9-4698-B619-787FE1C75079}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}
Software\NoVooIT
Software\NoVooITSet
Software\Volaro
SOFTWARE\Volaro Updater
Software\Vonteera
Software\Vonteera Safe ads
SOFTWARE\Vontera
SOFTWARE\Wow6432Node\Classes\AppID\AdSafe.DLL
SOFTWARE\Wow6432Node\Classes\AppID\adTech.DLL
SOFTWARE\Wow6432Node\Classes\AppID\DigiAd.DLL
SOFTWARE\Wow6432Node\Classes\AppID\NoVooIT.DLL
SOFTWARE\Wow6432Node\Classes\AppID\Vonteera.DLL
SOFTWARE\Wow6432Node\Classes\AppID\{6DD1B906-45FA-4A57-9AC6-01108C25067F}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2ED35963-FCC9-4698-B619-787FE1C75079}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{437B9306-2FDE-4054-A3C9-6B49507C12D0}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{598AC71E-BE58-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}
SOFTWARE\Wow6432Node\NoVooIT
SOFTWARE\Wow6432Node\Volaro Updater
SOFTWARE\Wow6432Node\Vonteera
SOFTWARE\Wow6432Node\Vontera

Directories

Adware.Vonteera may create the following directory or directories:

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\NoVooITSet
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Vonteera
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Vonteera Safe ads
%APPDATA%\Convertor
%APPDATA%\Fixs
%APPDATA%\Flasher
%APPDATA%\NewNotepad
%APPDATA%\NoVooIT
%APPDATA%\NoVooITAddon
%APPDATA%\Notepader
%APPDATA%\PlusN
%APPDATA%\SoftAd
%APPDATA%\VolIE
%APPDATA%\WinKit
%APPDATA%\Winsta
%APPDATA%\denc
%APPDATA%\homerj
%APPDATA%\jellylam
%APPDATA%\miaul
%APPDATA%\myNotepad
%APPDATA%\npp
%APPDATA%\twr
%AppData%\Microsoft\Windows\Start Menu\Programs\GeniusXX
%LOCALAPPDATA%\Hoffer
%LOCALAPPDATA%\Wixer
%LOCALAPPDATA%\recoveredfiles
%PROGRAMFILES%\AdsFree
%PROGRAMFILES%\GeniusXXAddon
%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\addon@Vonteera.com
%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\addonFF@AdvanT.com
%PROGRAMFILES%\Mozilla Firefox\distribution\bundles\jason@schober.net
%PROGRAMFILES%\NoVooIT
%PROGRAMFILES%\NoVooITAddon
%PROGRAMFILES%\Volaro
%PROGRAMFILES%\VonteeraAddon
%PROGRAMFILES%\VonteeraSafeAds
%PROGRAMFILES%\Winsta
%PROGRAMFILES(x86)%\AdsFree
%PROGRAMFILES(x86)%\AppUpd
%PROGRAMFILES(x86)%\GeniusXXAddon
%PROGRAMFILES(x86)%\Mozilla Firefox\distribution\bundles\addon@Vonteera.com
%PROGRAMFILES(x86)%\Mozilla Firefox\distribution\bundles\addonFF@AdvanT.com
%PROGRAMFILES(x86)%\Volaro
%PROGRAMFILES(x86)%\VonteeraAddon
%PROGRAMFILES(x86)%\VonteeraSafeAds
%PROGRAMFILES(x86)%\Winsta
%appdata%\orlando
%appdata%\pdfie

URLs

Adware.Vonteera may call the following URLs:

Vonteera
exclusivetechnews.com
newsouts.com

Trending

Most Viewed

Loading...