Should I remove SwizzleBiz?
What percent of users and experts removed it?
87% remove it13% keep it
What do people think about it?
(click star to rate)
How common is it?
Reach 0.0004%
Lifespan of installation (until removal)
< 11.99 days
353.76 days >
Average installed length: 185.87 days
Versions
Version | Distribution |
2014.05.05.235704 |
14.29% |
|
2014.05.04.023152 |
28.57% |
|
2014.04.07.230239 |
14.29% |
|
2014.04.01.232416 |
14.29% |
|
2014.03.11.234342 |
14.29% |
|
2014.02.26.045520 |
14.29% |
|
Other programs by Yontoo Technology
SwizzleBiz
What is SwizzleBiz?
This adware software (a branded version of the morphing Yontoo adware browser addon) injects itself into the user's web browser (IE, Chrome and Firefox) and will display out-of context advertising on web sites that are not associated with Yontoo or its affiliate partners. Advertisements will be displayed as banner and video ads, search related ads, transitional and in-text ads and links. The software will also periodically self-update and call home for instructions as well as additional ad feeds and reporting of how the user interacts with the software as well as what domains and web pages the user visits.
This web browser toolbar/extension is a 'startpage' hijacker that is designed to modify the browser's homepage, new tab page and default search page and provider in order to generate search-related revenue.
Overview
The most used version is 2014.05.04.023152, with over 98% of all installations currently using this version. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. It adds a Browser Helper Object (BHO) to Internet Explorer. The main program executable is SwizzleBizBHO.dll. Typically most users end up uninstalling this just after a few days. The software installer includes 5 files and is usually about 6.11 MB (6,408,751 bytes).
- Possible malware installed by this program
- Loads into the web browser
- Adds a background Windows Service
- Installed as part of a co-bundle
- Generally known to have a low reputation
- The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in SwizzleBiz.
SwizzleBizBHO.dll (369b9f2e91a4ba96f3de2d6117519175) has been flagged by the following 31 scanners: |
Anti-Virus software | Version | Detection |
Lavasoft Ad-Aware |
960 |
Gen:Variant.Adware.BHO.Agent.4 |
Agnitum Outpost |
7.1.1 |
PUA.Agent |
Avira AntiVir |
7.11.152.28 |
APPL/BrowseFox.Gen2 |
Antiy-AVL |
0.1.0.1 |
GrayWare[AdWare:not-a-virus]/Win32.Agent |
AVG |
2015.0.3438 |
BrowseFox.F |
Baidu-International |
4.0.3.14620 |
Adware.Win32.Agent.akiz |
Bitdefender |
1.0.20.855 |
Gen:Variant.Adware.BHO.Agent.4 |
Comodo Security |
18373 |
Application.Win32.Altbrowse.AK |
Dr.Web |
9.0.0.0171 |
Trojan.BPlug.17 |
Emsisoft Anti-Malware |
8.14.06.20.09 |
Gen:Variant.Adware.BHO.Agent |
ESET-NOD32 |
8.9868 |
a variant of Win32/BrowseFox.F |
Fortinet FortiGate |
6/20/2014 |
Adware/Agent |
F-Secure |
11.2014-20-06_6 |
Gen:Variant.Adware.BHO.Agent.4 |
G Data |
14.6.24 |
Gen:Variant.Adware.BHO.Agent |
IKARUS anti.virus |
t3scan.1.6.1.0 |
not-a-virus:AdWare.Win32.Agent |
K7 AntiVirus |
13.178.12244 |
Unwanted-Program |
K7GW |
13.178.12244 |
Unwanted-Program ( 00454f261 ) |
Kaspersky |
14.0.0.3683 |
not-a-virus:AdWare.Win32.Agent |
Kingsoft AntiVirus |
331020.49267 |
Win32.Troj.Agent.ah.(kcloud) |
Malwarebytes |
v2014.06.20.09 |
PUP.Optional.SwizzleBiz.A |
McAfee |
5600.7094 |
Artemis!369B9F2E91A4 |
McAfee-GW-Edition |
7.7094 |
Artemis!369B9F2E91A4 |
MicroWorld-eScan |
15.0.0.513 |
Gen:Variant.Adware.BHO.Agent.4 |
NANO AntiVirus |
0.28.0.59921 |
Riskware.Win32.Agent.cqycvd |
Panda Antivirus |
14.06.20.09 |
Trj/CI.A |
Sophos |
4.98 |
Generic PUA JF |
SUPERAntiSpyware |
10532 |
Adware.BrowseFox/Variant |
TrendMicro-HouseCall |
7.2.171 |
TROJ_GEN.F47V0503 |
Vba32 AntiVirus |
3.12.26.0 |
AdWare.Agent |
VIPRE Antivirus |
29750 |
Yontoo (fs) |
Zillya |
2.0.0.1805 |
Adware.Agent.Win32.9011 |
updateSwizzleBiz.exe (00fbfc9b50abee96e0e363a45ac4704f) has been flagged by the following 17 scanners: |
Anti-Virus software | Software version | Detection |
Antiy-AVL |
1.0.0.1 |
GrayWare[AdWare:not-a-virus,HEUR]/MSIL.Kranet |
AVG |
14.0.0.4007 |
Agent.V |
AVware |
1.5.0.16 |
Yontoo (fs) |
Baidu-International |
3.5.1.41473 |
Adware.Win32.BrowseFox.BH |
ESET-NOD32 |
10267 |
a variant of Win32/BrowseFox.H |
IKARUS anti.virus |
T3.1.7.5.0 |
PUA.BrowseFox |
K7 AntiVirus |
9.183.13054 |
Trojan ( 0049c6b61 ) |
K7GW |
9.183.13043 |
Trojan ( 0049c6b61 ) |
Kaspersky |
12.0.0.1225 |
not-a-virus:HEUR:AdWare.MSIL.Kranet.heur |
Malwarebytes |
1.75.0.1 |
PUP.Optional.SwizzleBiz.A |
McAfee |
6.0.4.564 |
Artemis!00FBFC9B50AB |
McAfee-GW-Edition |
2013.2 |
Artemis!00FBFC9B50AB |
Panda Antivirus |
10.0.3.5 |
Trj/Chgt.B |
Qihoo-360 |
1.0.0.1015 |
Win32/Virus.Adware.e4c |
Sophos |
4.98.0 |
Generic PUA FG |
TrendMicro-HouseCall |
9.700.0.1001 |
Suspicious_GEN.F47V0813 |
VIPRE Antivirus |
32286 |
Yontoo (fs) |
View all 48 all detections
SwizzleBiz has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: SwizzleBiz
URL: swizzlebiz.biz/support
Installation folder: C:\Program Files\SwizzleBiz
Uninstaller: C:\Program Files\SwizzleBiz\SwizzleBizuninstall.exe
Estimated size: 6.11 MB
Files installed by SwizzleBiz
Program module: | SwizzleBizBHO.dll (Malware detected) |
Name: | SwizzleBiz |
Path: | C:\Program Files\SwizzleBiz\SwizzleBizBHO.dll |
MD5: | 369b9f2e91a4ba96f3de2d6117519175 |
Additional files:
-
(Malware detected) SwizzleBizBHO.dll - SwizzleBiz
-
7za.exe (by Igor Pavlov) - 7-Zip (7-Zip Standalone Console)
-
SwizzleBizUninstall.exe
-
(Malware detected) updateSwizzleBiz.exe
Behaviors exhibited
Internet Explorer BHO
- SwizzleBizBHO.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'SwizzleBiz' with the class of {27a57ba3-9326-4f5b-8892-f48fc038fc59}.
Service
- updateSwizzleBiz.exe runs as a service named 'Update SwizzleBiz' (Update SwizzleBiz).
How do I remove SwizzleBiz?
You can uninstall SwizzleBiz from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program SwizzleBiz, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove SwizzleBiz.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
How do I reset my web browser?
If your web browser homepage and search settings have been modfied by SwizzleBiz you can restore them to their previous default settings.
Microsoft Internet Explorer
- Open Internet Explorer and click the Tools button, and then click Internet options.
- Click the Advanced tab, and then click Reset. Select the Delete personal settings check box if you would also like to remove search providers, Accelerators and home pages. When Internet Explorer finishes applying default settings, click Close, and then click OK.
- The changes will take effect the next time you open IE.
Mozilla Firefox
- At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu and select Troubleshooting Information.
- To continue, click Reset Firefox in the confirmation window that opens. It will close and be reset.
- When it's done, a window will list the information that was imported. Click Finish and Firefox will open.
Google Chrome
- Open Chrome and click the Chrome menu on the browser toolbar.
- Select Settings. In the "Search" section, click Manage search engine. Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default. Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
- When the "Show Home button" checkbox is selected, a web address appears below it. If you want the Homepage button to open up a different webpage, click Change to enter a link.
- Restart Google Chrome.
OS VERSIONS
Win 7 (SP1) 71%
Win 7 14%
|
|
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
|
Uninstall it 87%
Keep it 13%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
85.71% |
|
Windows Vista |
14.29% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
50.00% |
|
Windows 7 Professional |
33.33% |
|
Windows Vista Home Premiu... |
16.67% |
|
Geography
81.82% of installs come from the United States
Which countries install it?
United States |
81.82% |
Brazil |
9.09% |
India |
9.09% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
66.67% |
|
Dell |
16.67% |
|
Lenovo |
16.67% |
|
Common models |
Hewlett-Packard Presario ... |
25.00% |
|
Dell Dell System Inspir... |
25.00% |
|
HP-Pavilion KQ436AA-ABA I... |
25.00% |
|
HP Pavilion dv6 Notebook ... |
25.00% |
|
About Yontoo Technology
Yontoo, a subsidiary/alias of ad-hijacker Sambreel, is a publisher of ad-supported web browser extensions designed to inject and display advertisements within the browser.
Publisher URL: www.yontoo.com