Content

Adware-Bazookabar

Type
Program
SubType
Adware
Discovery Date
06/21/2005
Minimum DAT
4518 (06/21/2005)
Updated DAT
4589 (09/23/2005)
Minimum Engine
5.1.00
Description Added
06/21/2005
Description Modified
09/23/2005 5:47 AM (PT)

Tab Navigation

Characteristics

McAfee(R) AVERT recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

Summary

This is not a virus or a Trojan.
It is an adware application and may generate extra pop-up ads while using Internet Explorer. This kind of application generally comes bundled with another program, which usually discloses the fact that it is ad-supported


Privacy

A license agreement is displayed during installation.

System Changes

File Name : bazookabar.exe
MD5Hash : b6c69f17166fe4f2605d1993179fac67

Upon execution of the application, a toolbar is installed in the Internet Explorer. While browsing internet some connections are made with "myarmory.com".

Following directory is added:

  • %Program Files%\BazookaBar

 Following files are added:

  • ActiveWin32.exe
  • Bar.exe
  • CloseExplorer.exe
  • CloseExplorerU.exe
  • RegMfc.exe
  • UsersstarArticsBar.dll

Following registry entries are added:

  • HKEY_CLASSES_ROOT\BazookaBar.BazookaBarBand
  • HKEY_CLASSES_ROOT\BazookaBar.BazookaBarBand.1
  • HKEY_CLASSES_ROOT\CLSID\{7891DA15-428E-11D7-BCC1-
    00A024831A8C} displayname="Bazooka "
  • HKEY_CLASSES_ROOT\Interface\{D4242DC5-1AEF-46C1-A09A-
    9136E5F9871E} displayname="IKBBarBand"
  • HKEY_CLASSES_ROOT\TypeLib\{DCB8F6AD-65FD-42BF-B0F8-
    549FCFE717C0}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
    BazookaBar.BazookaBarBand
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
    BazookaBar.BazookaBarBand.1
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\
    Toolbar "{7891DA15-428E-11D7-BCC1-00A024831A8C}"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
    CurrentVersion\Uninstall\BazookaBar

Network Impact

Additional overhead in bandwidth due to download of content.


Aliases

Aliases

  • Spyware.Bazookabar : Symantec