We received the file TAB_TOOLBARUPHPER.EXE and determined that it is not good.
TAB_TOOLBARUPHPER.EXE is adware. You should remove the file TAB_TOOLBARUPHPER.EXE.
Kill the process TAB_TOOLBARUPHPER.EXE and remove TAB_TOOLBARUPHPER.EXE from Windows.
Malware Analysis of TAB_TOOLBARUPHPER.EXE
Full path on a computer: %Program Files%\tab_toolbar\tab_toolbaruphper.exe
Detected by UnHackMe:
TAB_TOOLBARUPHPER.EXE
Default location: %Program Files%\tab_toolbar\tab_toolbaruphper.exe
Removal Results: Success
Number of reboots: 1
TAB_TOOLBARUPHPER.EXE is known as:
Adware.K.TabToolbar, Trojan.ADH.2, Adware.Kraddare.AMN (A), PUP.TabBrowser, Trojan.ADH, a variant of Win32.Adware.Kraddare.DN, unknown virus Win32.DH{IA8kIiUu}
TAB_TOOLBARUPHPER.EXE hash:
- MD5: 74595921d3e6fd5b6bab6c38521a0bfa
The file tries to download information from some web sites.
How to quickly detect the presence of TAB_TOOLBARUPHPER.EXE?
Registry:
- HKLM\Software\Classes\CLSID\{109E6ECE-4AC3-44D1-93B2-DF930C2AF422}\InprocServer32\: "C:\PROGRA~1\TAB_TO~1\TAB_TO~1.DLL"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\tab_toolbarhper: "C:\program files\tab_toolbar\tab_toolbaruphper.exe"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\tab_toolbar: "%Program Files%\tab_toolbar\tab_toolbarapp.exe"
Folders:
- %Program Files%\tab_toolbar
Files: