We received the file V4BAR.DLL and detected that V4BAR.DLL is not good.
V4BAR.DLL is Adware. You should remove the file V4BAR.DLL.
Kill the process V4BAR.DLL and remove V4BAR.DLL from Windows.
Malware Analysis of V4BAR.DLL
Full path on a computer: %Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll
Detected by UnHackMe:
V4BAR.DLL
Default location: %Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll
Removal Results: Success
Number of reboot: 1
V4BAR.DLL is known as:
Adware.MyWebSearch
V4BAR.DLL hash:
- MD5: f86336c978311761bc3e2a80b08d46bc
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect V4BAR.DLL presence?
Image may be NSFW.
Clik here to view.
Registry:
Clik here to view.
Registry:- HKLM\Software\Classes\CLSID\{032416f0-0007-481b-9df8-9bcd1bf357f0}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4feedmg.dll”
- HKLM\Software\Classes\CLSID\{045c5f24-9e13-4ea8-ab93-fddab34f3fa5}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4uabtn.dll”
- HKLM\Software\Classes\CLSID\{13119113-0854-469d-807A-171568457991}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4sknlcr.dll”
- HKLM\Software\Classes\CLSID\{23f28f6b-50a2-4327-9450-7d3d2f33daae}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4httpct.dll”
- HKLM\Software\Classes\CLSID\{272143f8-3dbe-424c-949f-20acd11e5a6d}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll”
- HKLM\Software\Classes\CLSID\{2c72f7a5-8160-4024-94d8-e0995d547bb0}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4dyn.dll”
- HKLM\Software\Classes\CLSID\{3042df7a-e900-4389-9b94-923df0daa57e}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll”
- HKLM\Software\Classes\CLSID\{33119133-0854-469d-807A-171568457991}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4sknlcr.dll”
- HKLM\Software\Classes\CLSID\{488c2712-1482-42ad-bc4d-681e5832f0c2}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4datact.dll”
- HKLM\Software\Classes\CLSID\{58376892-60e7-4f63-aca0-0f686af554d6}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4SrcAs.dll”
- HKLM\Software\Classes\CLSID\{5b610696-32b6-416c-bf5c-ca4f60a345dd}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll”
- HKLM\Software\Classes\CLSID\{6d0c6f55-e3eb-4d6b-8f52-996b4da196d9}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4msg.dll”
- HKLM\Software\Classes\CLSID\{6eb534fb-2001-45c4-b860-bc904865a379}\InprocServer32\: “C:\PROGRA~1\DICTIO~2\bar\1.bin\v4bar.dll”
- HKLM\Software\Classes\CLSID\{715321aa-a1fc-4058-8ffa-668d687b6e32}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4radio.dll”
- HKLM\Software\Classes\CLSID\{73a7cce6-ff3a-4c7f-9a3e-db9bd92be292}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll”
- HKLM\Software\Classes\CLSID\{82481cff-738f-4410-bffb-77595d5d9faa}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4radio.dll”
- HKLM\Software\Classes\CLSID\{8eb0aaa0-2ffe-4326-8331-efe2d5d15ec7}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll”
- HKLM\Software\Classes\CLSID\{afed4702-7932-4426-aea4-9b248189c7a3}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4script.dll”
- HKLM\Software\Classes\CLSID\{b160a11e-8cde-47dd-bc20-2d67921fe5c6}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4bprtct.dll”
- HKLM\Software\Classes\CLSID\{b4ea8204-ee81-4f73-a240-ec4aeb8ad3de}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4mlbtn.dll”
- HKLM\Software\Classes\CLSID\{da08805b-ba32-426b-ad14-ecac8235a8aa}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4dlghk.dll”
- HKLM\Software\Classes\CLSID\{e001b32e-5acb-4cce-9910-2d379ce0a6d6}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4tpinst.dll”
- HKLM\Software\Classes\CLSID\{eb2049f6-9dfa-4e51-b2a1-fc5a6e596c80}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\T8HTML.DLL”
- HKLM\Software\Classes\CLSID\{F9A402FD-82C8-4743-991E-BC77E62DA0E5}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4htmlmu.dll”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\DictionaryBoss Search Scope Monitor: “”C:\PROGRA~1\DICTIO~2\bar\1.bin\v4srchmn.exe” /m=2 /w /h”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\DictionaryBoss Browser Plugin Loader: “C:\PROGRA~1\DICTIO~2\bar\1.bin\v4brmon.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DictionaryBossbar Uninstall Firefox\UninstallString: “rundll32 “%Program Files%\DictionaryBoss\bar\1.bin\v4Bar.dll”,O mindsparktoolbarkey=”DictionaryBoss” uninstalltype=”FF”"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DictionaryBossbar Uninstall Internet Explorer\UninstallString: “rundll32 “%Program Files%\DictionaryBoss\bar\1.bin\v4Bar.dll”,O mindsparktoolbarkey=”DictionaryBoss” uninstalltype=”IE”"
- HKLM\Software\DictionaryBoss\bar\UninstallString: “”%Program Files%\DictionaryBoss\bar\1.bin\v4highin.exe” v4bar.dll,O uninstalltype=”IE”"
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\ErrorControl: 0×00000001
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\ImagePath: “C:\PROGRA~1\DICTIO~2\bar\1.bin\v4barsvc.exe”
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\DisplayName: “DictionaryBossService”
- HKLM\System\CurrentControlSet\Services\DictionaryBossService\ObjectName: “LocalSystem”
Image may be NSFW.
Clik here to view.![]( "Folders")
Folders:
Clik here to view.
Folders:- %Program Files%\Google\Chrome\Temp
- %Program Files%\Google\Chrome\Temp\source788_18899
- %Program Files%\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}
- %Program Files%\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.57
- %Program Files%\Google\Update\Install\{2A5B303E-2D08-437A-A55E-958631D5B57A}
- %Program Files%\DictionaryBoss
- %Program Files%\DictionaryBoss\bar
- %Program Files%\DictionaryBoss\bar\1.bin
- %Program Files%\DictionaryBoss\bar\1.bin\chrome
- %Program Files%\DictionaryBoss\bar\1.bin\ThirdPartyInstallers
- %Program Files%\DictionaryBoss\bar\Cache
- %Program Files%\DictionaryBoss\bar\gen1
- %Program Files%\DictionaryBoss\bar\History
- %Program Files%\DictionaryBoss\bar\IE9Mesg
- %Program Files%\DictionaryBoss\bar\Message
- %Program Files%\DictionaryBoss\bar\Settings
- %Program Files%\DictionaryBoss\DictionaryBoss
- %Program Files%\DictionaryBoss\DictionaryBoss\Cache
Image may be NSFW.
Clik here to view.![]( "Files")
Files:
Clik here to view.
Files:- %Program Files%\DictionaryBoss\bar\1.bin\NPv4Stub.dll
- %Program Files%\DictionaryBoss\bar\1.bin\T8EXTEX.DLL
- %Program Files%\DictionaryBoss\bar\1.bin\T8EXTPEX.DLL
- %Program Files%\DictionaryBoss\bar\1.bin\T8HTML.DLL
- %Program Files%\DictionaryBoss\bar\1.bin\T8RES.DLL
- %Program Files%\DictionaryBoss\bar\1.bin\T8TICKER.DLL
- %Program Files%\DictionaryBoss\bar\1.bin\v4auxstb.dll
- %Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll
- %Program Files%\DictionaryBoss\bar\1.bin\v4barsvc.exe
- %Program Files%\DictionaryBoss\bar\1.bin\v4bprtct.dll
- %Program Files%\DictionaryBoss\bar\1.bin\v4brmon.exe
- %Program Files%\DictionaryBoss\bar\1.bin\v4brstub.dll
- %Program Files%\DictionaryBoss\bar\1.bin\v4datact.dll