AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
January 07, 2009, 04:48:01 PM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 5334 Members
Latest Member: CDarenierdorn
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Adware Alerts  |  Topic: Adware.SideBySide 0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Adware.SideBySide  (Read 1524 times)
Brad
SysAdmin
Tech Team
Hero Member
********
Offline Offline

Posts: 391



View Profile
Adware.SideBySide
« on: July 07, 2005, 11:12:12 PM »
Behavior
Adware.SideBySide directs web searches to sidebysidesearch.com, and displays pop-up ads.

Symptoms
Your Symantec program detects Adware.SideBySide.

Transmission
The SideBySideSearch installer must be executed.

technical details
File names: sbss.exe

When Adware.SideBySide is executed, it performs the following actions:

   1. Creates the following files:

          * %ProgramFiles%\sbss\sbss.exe
          * %ProgramFiles%\sbss\Stop sbss.lnk
          * %ProgramFiles%\sbss\Uninstall sbss.exe

            Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.

   2. Creates the following registry subkeys:

      HKEY_LOCAL_MACHINE\SOFTWARE\sbss
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sbss

   3. Adds the value:

      "sbss Launcher" =  "%ProgramFiles%\sbss\sbss.exe"

      to the registry subkey:

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

   4. Adds the values:

      "DisplayName" = "sbss"
      "NoModify" = "0x00000001"
      "UninstallString" = "C:\Program Files\sbss\Uninstall sbss.exe"

      to the registry subkey:

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sbss

   5. Adds the values:

      "InstalledTo" = "C:\Program Files\sbss"
      "LogURL" = "www.sidebysidesearch.com\nextvantage"
      "mQuery" = "0x00000000"
      "mGUID" = "{47A2A948-AB0A-4C20-A89F-6E847EDA7314}"
      "mADCODE" = "2089!ascentive"
      "startupflags" = "0x00000001"
      "InstalledVN" = "0x00002710"

      to the registry subkey:

      HKEY_LOCAL_MACHINE\SOFTWARE\sbss

   6. Monitors the user's online activity, sends keyword searches to sidebysidesearch.com, then displays a pop-up window displaying the search results retrieved from sidebysidesearch.com.

   7. Displays pop-up ads.

REMOVAL INSTRUCTIONS
See: http://securityresponse.symantec.com/avcenter/venc/data/adware.sidebyside.html

To delete the values from the registry
   1. Click Start > Run.
   2. Type regedit
      Then click OK.
   3. Navigate to the subkey:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   4. In the right pane, delete the value:
      "sbss Launcher" =  "%ProgramFiles%\sbss\sbss.exe"
   5. Delete the following subkeys:
      HKEY_LOCAL_MACHINE\SOFTWARE\sbss
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sbss
   6. Exit the Registry Editor.
Logged
Mambo Hosting Resources
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Adware Alerts  |  Topic: Adware.SideBySide « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!