CLSID List Results
BHOs, Toolbars, SHs, Explorer Bars
BHOs, Toolbars, SHs, Explorer Bars
CLSID | Name | Filename | Description | Status |
{ccb24e92-62c4-4c53-95d2-65f9eed476bc} | MyStart Toolbar | mystartDx.dll | MyStart Toolbar - a VMN Toolbar variant by Visicom Media, the likes of which may be detected as AdWare.Win32.MegaSearch or Adware.VMN - also see here and here | X BHO, TB |
{A057A204-BACC-4D26-DACB-63A3D4B63BC4} | MyStart Social Toolbar | mystartsocialtoolbar.dll, MYSTAR~1.DLL | MyStart Social Toolbar - a VMN Toolbar variant by Visicom Media, sometimes detected as AdWare.Win32.MegaSearch or Adware.VMN | O BHO, TB |
{2fa12491-ddd9-4c20-bb08-c26de8f347a1} | MyStart Social Toolbar | MystartsocialDx.dll | MyStart Social Toolbar - a Visicom "Dynamic Toolbar", generally detected by ESET's Nod32 antivirus as Win32/Adware.Toolbar.Visicom | O BHO, TB |
{1244deb4-ba40-4a06-94f9-90038436b581} | Updater For MyStart Social Toolbar | mystartsocialAu.dll | MyStart Social Toolbar - a Visicom "Dynamic Toolbar", generally detected by ESET's Nod32 antivirus as Win32/Adware.Toolbar.Visicom | O BHO |
{********-****-****-****-************} | Search-NewTaub, SearCh--NeEwTaub, SeyarrCih-NeWTaab, SEarch-NNewiTeaub, SearcH-yNoeewiTaeb, Searchi-NewTab, Seuarceh-NewwTabi, Seuaorch-NeewTab, Search-NeewwTTabe | [random filename] | Parasite, detected by ESET's Nod32 antivirus as "Win32/Adware.MultiPlug" and by others as "Adware.MegaSearch" - a variant of what Microsoft identifies as Adware.Win32.FastSaveApp | X BHO |
Startup List Results
Startup Entry
Startup Entry
Name | Filename | Description | Status |
My Web Search Bar Search Scope Monitor | m3SrchMn.exe | Added by MyWay An IE Browser Helper Object used by adware WeSearch to add an IE toolbar to provide search features, and hijack browser search requests to its controlling servers run by MyWay. Note: Located in \%Program Files%\MYWEBSEARCH\bar\2.bin\ | X |
Search | srchfnd.exe | Added by the Email-Worm.Win32.VB.je WORM! Note: Located in \%WINDIR%\ | X |
My Search Bar Eq | S4BAREQ.EXE | MySearch bar parasite | X |
My Web Search Bar | MWSBAR.DLL | Added by MyWay An IE Browser Helper Object used by adware WeSearch to add an IE toolbar to provide search features, and hijack browser search requests to its controlling servers run by MyWay. Note: Located in C:\Program Files\MYWEBSEARCH\bar\1.bin\ | X |
Search Bar | taskbar.exe | Added by the W32/OPANKI-F WORM! Note: Located in \%WINDIR%\ | X |
O9 List Results
Internet Explorer Buttons
Internet Explorer Buttons
CLSID | Name | Filename | Description | Status |
{FE5A1910-F121-11d2-BE9E-01C04A7936B1} | SEARCH | Added by a variant of the W32.Wallon.A WORM! A.K.A CoolWebSearch. | X | |
{FE5A1910-F121-11d2-BE9E-01C04A7936B5} | SEARCH | Added by a variant of the W32.Wallon.A WORM! A.K.A CoolWebSearch. | X | |
{0B5F1910-F111-11d2-BB9E-00C04F7956B1} | SEARCH | Added by JS_Fortnight_D_Trojan | X | |
{0B5F1910-F111-11d2-BB9E-00C04F7956B5} | SEARCH | Added by JS_Fortnight_D_Trojan | X | |
{544F12D3-0B83-4DDB-B73A-53E1B4BBA4AF} | Abx Search Toolbar | Added by Adware_ABXToolbar Note: File is found in C:\Program Files\Abx Search Toolbar folder. | X |
O23 List Results
Windows Services
Windows Services
Name | Filename | Description | Status |
Search Indexer (dev) | Psonar.Windows.Services.SearchIndex er.exe | Related to Psonar Limited Manage your music using the Psonar mobile website. Move tracks, create and edit playlists, edit your profile and more. Note: Located in \%ROOT%\psonar2\trunk\Source\Psonar.Windows\Psonar.Windows.Services\Psonar.Windows.Services.SearchIndexer\bin\Debug\ | L |
ColdFusion MX 7 Search Server | k2admin.exe | Related to Cold_Fusion from Adobe Systems Incorporated. Note: Located in \%ROOT%\Apps\Macromedia\CFusionMX7\verity\k2\_nti40\bin\ | L |
My Web Search Service (MyWebSearchService) | mwssvc.exe | Related to MyWebSearch Toolbar. Note: Located in \%Program Files%\MYWEBS~1\bar\1.bin\ | X |
OneStep Search Service | onestep.exe, onestep.dll | OneStepSearch or OneStep_Search | X |
ColdFusion 9 Search Server | k2admin.exe | Related to Adobe ColdFusion products. Note: Located in \%ROOT%\coldfusion9\verity\k2\_nti40\bin\ | L |
O16 List Results
ActiveX
ActiveX
SEH List Results
ShellExecuteHook
ShellExecuteHook
CLSID | Name | Filename | Description | Status |
{56F9679E-7826-4C84-81F3-532071A8BCC5} | Windows Desktop Search Namespace Manager | %ProgramFiles%\Windows Desktop Search\MSNLNamespaceMgr.dll | Windows Desktop Search | L |
Drivers List Results
Driver Entry
Driver Entry
Name | Filename | Description | Status |
ColdFusion 8 Search Server | k2admin.exe | Related to xk2admin.exe Adobe ColdFusion from Adobe Systems Inc. | L |
FF Extensions List Results
Firefox Extension
Firefox Extension
CLSID | Name | Filename | Description | Status |
{607b689f-7600-45e4-b8e5-887f72dab15c} | MyStart Toolbar | MyStart Toolbar browser hijacker, detected by Malwarebytes Anti-Malware as "PUP.Optional.MySearchTB". | X | |
jid1-y9Xhw9SOsZoCfA@jetpack | Clear Search Bar Text On Search | jid1-y9Xhw9SOsZoCfA@jetpack.xpi | Clear Search Bar Text On Search will clear the Search Bar's text on enter key pressed or on search button clicked. However the add-on will not prevent the search text to be kept into search history. | L |
jid1-ntNo7JXm5OGExA@jetpack | Search History with Search Engine | jid1-ntNo7JXm5OGExA@jetpack.xpi | Search History with Search Engine lets you automatically search with the same keywords in 'History' sidebar (need to open beforehand) when search in search bar. | L |
@search-links | Search Links - speeds up search | @search-links.xpi | Search Links - speeds up search is the set of items in the context menu. They allow you to quickly jump to search pages in various search engines and social networks, with auto-insertion of selected text. | L |
@si-defaultsearch-listed | Search Incognito - Default Search | @si-defaultsearch-listed.xpi | Search Incognito - Default Search sets your default search engine to searchincognito.com that claims to protect your privacy. The dubious search engine is associated with browser hijacking, redirections and deceptive marketing tactics. See here, here, here. Note: Version from ext.searchincognito.com uses different ID: @searchincognito. | X |
Active Setup List Results
Active Setup - Installed Component
Active Setup - Installed Component
CLSID | Name | Filename | Description | Status |
{5DDF9537-6A9D-43F7-B5C0-25053C478E65} | Google Search Provider, Google search plugin | ivzmdl.dll | Infostealer trojan, detected as TrojanSpy:Win32/Ambler | X |
{CDE470A3-C647-44DF-8A0D-8876ED3D61B2} | Google Search Provider, Google search plugin | gfdt4.dll | Infostealer trojan, detected as TrojanSpy:Win32/Ambler | X |
{3C2B5C27-2243-468C-BBB2-1E6E07D757F3} | IE search bar | pasuw8.dll | Infostealer trojan, detected as TrojanSpy:Win32/Ambler.D | X |
{6469DA4E-803C-432F-8244-694856608FAA} | Search Helper | yzzc14.dll | Infostealer trojan, detected as TrojanSpy:Win32/Ambler | X |
{2F9AF804-B2F1-4F2B-9093-D4C19C5DA9CE} | Search Helper | pm.dll | Infostealer trojan, detected as Troj/Ambler-L | X |