Adware.Grabrez
Posted: February 5, 2014
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 11,597 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 44,165 |
| First Seen: | February 5, 2014 |
|---|---|
| Last Seen: | October 16, 2023 |
| OS(es) Affected: | Windows |
Adware.Grabrez is adware that may show pop-up ads, discount coupons, deals, offers and sponsored links via a pop-up box on social networking and online shopping websites that PC users are visiting. The Adware.Grabrez pop-up advertisements and messages may be shown as boxes, which may encompass a variety of deals and offers which, when clicked, may forcibly reroute PC users to unknown websites that may be commercial. The websites affiliated with Adware.Grabrez were designed to probably generate advertising revenue from clicks on ads and raised website traffic. When installed on the PC, Adware.Grabrez may insert a browser extension, add-on or plug-in for Internet Explorer, Mozilla Firefox and Google Chrome Web browsers when computer users install a variety of freeware that might had added into their installation Adware.Grabrez. When PC users install freeware, they may also install Adware.Grabrez on the computer system.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%WINDIR%\System32\drivers\wStLibG64.sys
File name: wStLibG64.sysSize: 61.11 KB (61112 bytes)
MD5: a5dba1cb7be608c49b5465678a45265d
Detection count: 2,054
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers
Group: Malware file
Last Updated: December 28, 2018
%PROGRAMFILES%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 348.44 KB (348440 bytes)
MD5: bccce5be3aa9ed6d2de8b766a166121c
Detection count: 639
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 350.48 KB (350488 bytes)
MD5: 3dde3d5daa659403a5923791a820aa77
Detection count: 548
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\XTLSApp.exe
File name: XTLSApp.exeSize: 94.48 KB (94488 bytes)
MD5: ba82153e9ddc8d11c3f00d6c144fb66b
Detection count: 333
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES%\GrabRez\bin\XTLSApp.exe
File name: XTLSApp.exeSize: 78.61 KB (78616 bytes)
MD5: bc0b25919e0891d2f90158302432291d
Detection count: 279
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.BrowserAdapter.exe
File name: GrabRez.BrowserAdapter.exeSize: 95.51 KB (95512 bytes)
MD5: 57b0336f5fae4a408ee501b05a73911d
Detection count: 260
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 350.48 KB (350488 bytes)
MD5: 2c1a32548e630ae05f367495cfa3ebad
Detection count: 232
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 350.48 KB (350488 bytes)
MD5: 188bd632138a8aa50e8df4e44279025a
Detection count: 178
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 350.48 KB (350488 bytes)
MD5: df50f0cf6d97b8ad0646d3db605cf7eb
Detection count: 159
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 317.72 KB (317720 bytes)
MD5: 68fcab96e71e2720a15dbadaa9dc4bde
Detection count: 143
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: February 22, 2020
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 316.69 KB (316696 bytes)
MD5: c6f7056a7d97e6900db19154cd9a0263
Detection count: 141
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES%\GrabRez\bin\GrabRez.BrowserAdapter.exe
File name: GrabRez.BrowserAdapter.exeSize: 96.02 KB (96024 bytes)
MD5: 090573046ed9567d0d5a264a70f35f75
Detection count: 131
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 316.69 KB (316696 bytes)
MD5: 98495373da9c8214b2fd2c7a89f6a0d7
Detection count: 129
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: May 1, 2019
%PROGRAMFILES(x86)%\GrabRez\bin\XTLSApp.exe
File name: XTLSApp.exeSize: 94.48 KB (94488 bytes)
MD5: e3720b115d553550d61dc0a2a6c71c94
Detection count: 126
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.PurBrowse64.exe
File name: GrabRez.PurBrowse64.exeSize: 287 KB (287000 bytes)
MD5: e2c6ffc4a7d91cff502a472bb1893d21
Detection count: 126
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES%\GrabRez\bin\GrabRez.PurBrowse.exe
File name: GrabRez.PurBrowse.exeSize: 239.38 KB (239384 bytes)
MD5: 7aca8bd6e9203d693091e496cf85500d
Detection count: 126
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES%\GrabRez\bin\GrabRez.BrowserAdapter.exe
File name: GrabRez.BrowserAdapter.exeSize: 95.51 KB (95512 bytes)
MD5: 95a9e9b8dbca22a6986839d94b6ed5f5
Detection count: 110
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.BrowserAdapter.exe
File name: GrabRez.BrowserAdapter.exeSize: 95.51 KB (95512 bytes)
MD5: 1eaf712a625002753969e4ec87ccc82c
Detection count: 105
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 351 KB (351000 bytes)
MD5: 5cb624604b919b7a84a464f639f03b39
Detection count: 94
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\GrabRez.BrowserAdapter.exe
File name: GrabRez.BrowserAdapter.exeSize: 95.51 KB (95512 bytes)
MD5: c78ed3aff6509ac3b8a31296d3b9b018
Detection count: 91
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 317.72 KB (317720 bytes)
MD5: c5e7f53c69ba980a5a281da7c2ba8c50
Detection count: 87
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 317.72 KB (317720 bytes)
MD5: 043c67f7bbed481475682aca90541e2b
Detection count: 87
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 350.48 KB (350488 bytes)
MD5: c591b29540f0ab1bd4f8591707bba715
Detection count: 84
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
%PROGRAMFILES(x86)%\GrabRez\bin\utilGrabRez.exe
File name: utilGrabRez.exeSize: 317.72 KB (317720 bytes)
MD5: 83444c066ac51a169f7dfe26187253f5
Detection count: 82
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GrabRez\bin
Group: Malware file
Last Updated: June 13, 2014
More files
Registry Modifications
The following newly produced Registry Values are:
CLSID{6C7BB828-4CF1-4C42-8028-7D15996DEA0E}{A7A47A0B-0338-407A-88CC-04F303AE7BBC}{e1420d09-acc8-4efd-9965-e7ae3c5b977c}HKEY..\..\..\..{RegistryKeys}Software\GrabRezSoftware\Microsoft\Internet Explorer\Approved Extensions\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}SOFTWARE\Microsoft\Tracing\GrabRez_RASAPI32SOFTWARE\Microsoft\Tracing\GrabRez_RASMANCSSOFTWARE\Microsoft\Tracing\updateGrabRez_RASAPI32SOFTWARE\Microsoft\Tracing\updateGrabRez_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}SOFTWARE\Wow6432Node\GrabRezSOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}SYSTEM\ControlSet001\services\eventlog\Application\Update GrabRezSYSTEM\ControlSet001\services\Update GrabRezSYSTEM\ControlSet002\services\eventlog\Application\Update GrabRezSYSTEM\ControlSet002\services\Update GrabRezSYSTEM\CurrentControlSet\services\eventlog\Application\Update GrabRezSYSTEM\CurrentControlSet\services\Update GrabRezHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}GrabRez
CLSID{6C7BB828-4CF1-4C42-8028-7D15996DEA0E}{A7A47A0B-0338-407A-88CC-04F303AE7BBC}{e1420d09-acc8-4efd-9965-e7ae3c5b977c}HKEY..\..\..\..{RegistryKeys}Software\GrabRezSoftware\Microsoft\Internet Explorer\Approved Extensions\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}SOFTWARE\Microsoft\Tracing\GrabRez_RASAPI32SOFTWARE\Microsoft\Tracing\GrabRez_RASMANCSSOFTWARE\Microsoft\Tracing\updateGrabRez_RASAPI32SOFTWARE\Microsoft\Tracing\updateGrabRez_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}SOFTWARE\Wow6432Node\GrabRezSOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\GrabRez_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\updateGrabRez_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c}SYSTEM\ControlSet001\services\eventlog\Application\Update GrabRezSYSTEM\ControlSet001\services\Update GrabRezSYSTEM\ControlSet002\services\eventlog\Application\Update GrabRezSYSTEM\ControlSet002\services\Update GrabRezSYSTEM\CurrentControlSet\services\eventlog\Application\Update GrabRezSYSTEM\CurrentControlSet\services\Update GrabRezHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}GrabRez
Additional Information
The following directories were created:
%ProgramFiles%\GrabRez%ProgramFiles(x86)%\GrabRez
The following URL's were detected:
GrabRez
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.