What is Advanced Elite Ad-ware

I’ve been working with Advanced Elite Ad-ware on my network lately. This is ad-ware that inserts ads on webpages no matter what browser you use.

Here on my Google Drive I have a Malwarebytes scan result and the actual program files.

https://drive.google.com/folderview?id=0BwUyKwf0cAX0bUs5ZU1lcUNJdHc&usp=sharing

The program files are:
AdvanceElite.BOAS.exe
AdvanceElite.BOASHelper.exe
AdvanceElite.BOASPRT.exe
AdvanceElite.BrowserAdapter.exe
AdvanceElite.BrowserAdapter64.exe
AdvanceElite.PurBrowse64.exe
utilAdvanceElite.exe

The program comes bundled with silly software the user might install, similar to how the Ask toolbar comes with a Java update. You have to opt out of the install of this annoying ad-ware.

For my domain I did an MD5 hash block for the programs mentioned in hopes it would prevent it from coming back. Our antivirus (Microsoft) does not catch this type of program (yet).
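As an added example (not the author's own script), the PowerShell below collects MD5 and SHA256 hashes for the seven executables listed above so they can be entered into a hash-based block rule. The folder `C:\Quarantine\AdvanceElite` and the output file name are assumptions, standing in for wherever copies of the files have been gathered.

```powershell
# Added example: inventory hashes of the executables named in this post.
# $SampleDir and $OutCsv are hypothetical; they are not paths from the page.
param(
    [string]$SampleDir = 'C:\Quarantine\AdvanceElite',
    [string]$OutCsv    = '.\advanceelite-hashes.csv'
)

# File names exactly as listed in the post.
$targets = @(
    'AdvanceElite.BOAS.exe',
    'AdvanceElite.BOASHelper.exe',
    'AdvanceElite.BOASPRT.exe',
    'AdvanceElite.BrowserAdapter.exe',
    'AdvanceElite.BrowserAdapter64.exe',
    'AdvanceElite.PurBrowse64.exe',
    'utilAdvanceElite.exe'
)

# Hash every copy found under the sample folder, including subfolders.
$rows = Get-ChildItem -LiteralPath $SampleDir -Recurse -File |
    Where-Object { $targets -contains $_.Name } |
    ForEach-Object {
        [pscustomobject]@{
            Name   = $_.Name
            Size   = $_.Length
            MD5    = (Get-FileHash -LiteralPath $_.FullName -Algorithm MD5).Hash
            SHA256 = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            Path   = $_.FullName
        }
    }

if ($rows) {
    # A hash rule matches one exact build, so export one row per distinct hash.
    $rows | Sort-Object MD5 -Unique | Export-Csv -LiteralPath $OutCsv -NoTypeInformation

    # Flag names collected in more than one build: each build needs its own rule.
    $rows | Group-Object Name |
        Where-Object { @($_.Group.MD5 | Sort-Object -Unique).Count -gt 1 } |
        ForEach-Object { Write-Warning "$($_.Name) has multiple distinct hashes" }
}

# Listed names with no sample on hand, so no rule can be built for them yet.
$targets | Where-Object { $_ -notin @($rows).Name } |
    ForEach-Object { Write-Warning "No sample found for $_ in $SampleDir" }
```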

Malwarebytes scan text:

