Systweak Spyware Library
Systweak Spyware Library text
More than 21875 spyware signatures and growing
Microsoft Gold Certified Partner
Search in:
Adware-Toolbar.mywebsearch Analysis Report
Threat Submitted On: 1/14/2009 8:55:30 AM
Threat Analysed On: 1/14/2009 1:55:30 PM
Threat Updated On: 1/27/2011 11:25:40 PM
Type : Adware-Toolbar
Symptoms of mywebsearch
  • Bundles as an adware program with the installed toolbar.
  • Normally, it has buttons and links that are directed to advertisers' Web pages.
  • Shows sponsored links with the search results.
Information
Alias : webtoolbar.win32.mywebsearch.dr
Md5 Hash : [Not Available]
File Size : [ Not Available ]

Technical Details

Here are the Technical findings of our analysis team after analyzing this malware in detail :-

Creates the following infected Files on user's System
Note:
Delete the following Files to remove Infection
File: freenote online knowledge base.lnk
Path : %allusersprofile%\start menu\programs\freenote

Md5Hash :533975b3995e35152cecd8c73620c328 ( 449 bytes)
File: freenote.lnk
Path : %allusersprofile%\start menu\programs\freenote

Md5Hash :b4afb24595d79a67ef0400f73ee90eaf ( 683 bytes)
File: version history.lnk
Path : %allusersprofile%\start menu\programs\freenote

Md5Hash :c4e3bb82b6d6fd3e3458f224983226d0 ( 676 bytes)
File: freerip on the web.lnk
Path : %allusersprofile%\start menu\programs\freerip

Md5Hash :2cc487fc3c37cc56c83900eba98acdcb ( 459 bytes)
File: freerip user community.lnk
Path : %allusersprofile%\start menu\programs\freerip

Md5Hash :44e7c880f62e314db42c3ae5eb53e526 ( 469 bytes)
File: freerip.lnk
Path : %allusersprofile%\start menu\programs\freerip

Md5Hash :01d8c60c7c24550a92da5c4245703e03 ( 683 bytes)
File: manual.lnk
Path : %allusersprofile%\start menu\programs\freerip

Md5Hash :cf2d3dc1107de8afbb76ba06a8917898 ( 683 bytes)
File: cliprex ds dvd player.lnk
Path : %homepath%\desktop

Md5Hash :0dfc901000fce86ac5ad2836d2ebaae6 ( 807 bytes)
File: v2rssmnu.dll
Path : %programfiles%\asksbar\bar\1.bin

Md5Hash :9d83238402d7635689fca5c3183042fe ( 53248 bytes)
File: cliprex.exe
Path : %programfiles%\cliprex ds dvd player

Md5Hash :8ba5eb27d5f86e79fd89e245d711b6aa ( 626176 bytes)
File: ffdshow.exe
Path : %programfiles%\cliprex ds dvd player\filters

Md5Hash :1058dd48e725ab70355776c2e4913308 ( 711373 bytes)
File: movie.ico
Path : %programfiles%\cliprex ds dvd player\icons

Md5Hash :295b8875271aa9a3643c1e8f89ad43b5 ( 3638 bytes)
File: options.ini
Path : %programfiles%\cliprex ds dvd player

Md5Hash :fd920585973c7a8f660b0245b0a1dfde ( 371 bytes)
File: reg.exe
Path : %programfiles%\cliprex ds dvd player

Md5Hash :f18b8b47952b3cacccc8e6d74ef0a91f ( 388096 bytes)
File: uninstall.exe
Path : %programfiles%\cliprex ds dvd player

Md5Hash :2a52da900b3bd8feb1f282d204c58d53 ( 37612 bytes)
File: website.url
Path : %programfiles%\cliprex ds dvd player

Md5Hash :91f3a80ba73dd70a148757b50942a3c1 ( 352 bytes)
File: f3setup1.exe
Path : %programfiles%\f3setupinstall

Md5Hash :a9e18bceffe3a7d0a649733595c783b9 ( 127070 bytes)
File: catalan.lang
Path : %programfiles%\freenote

Md5Hash :e008bd133de9b0ebd15e37ecd6c59c0e ( 5589 bytes)
File: comm.url
Path : %programfiles%\freenote

Md5Hash :57bd29dd188dcea52ab9cabd26a7c889 ( 62 bytes)
File: czech.lang
Path : %programfiles%\freenote

Md5Hash :0498150f2301481a9f4ddfbd6c2bf5ca ( 5445 bytes)
File: danish.lang
Path : %programfiles%\freenote

Md5Hash :b1a6153b32ede159bd1f77ff939e3921 ( 5337 bytes)
File: deutsch.lang
Path : %programfiles%\freenote

Md5Hash :f577d09df2458547ccbf3a424786fb5f ( 6012 bytes)
File: english.lang
Path : %programfiles%\freenote

Md5Hash :78c6eb5fe143b024fca5dd727d195bda ( 5808 bytes)
File: francais.lang
Path : %programfiles%\freenote

Md5Hash :87a3e82cbc77b34aa840bd424803ba06 ( 5713 bytes)
File: freenote.exe
Path : %programfiles%\freenote

Md5Hash :e21042ef0d1c7c18e47d586e69bbb8c8 ( 835584 bytes)
File: greek.lang
Path : %programfiles%\freenote

Md5Hash :c25addd65f3a013c0f42d2a5fb3d41ec ( 5437 bytes)
File: hungarian.lang
Path : %programfiles%\freenote

Md5Hash :1e0e57461dac111c72537c83e925b392 ( 5451 bytes)
File: is-d2vvv.tmp
Path : %programfiles%\freenote

Md5Hash :fd218e6d04d9887f5f47b06a9cfa3269 ( bytes)
File: italiano.lang
Path : %programfiles%\freenote

Md5Hash :cc9b17ffc8e8ae9599431cd8b4cb1c8c ( 5904 bytes)
File: kbase.url
Path : %programfiles%\freenote

Md5Hash :8eb53462509ccf0b68d3eb44fe10d9db ( 64 bytes)
File: mgsstyle.css
Path : %programfiles%\freenote

Md5Hash :1f2d2091d572d3d75259759f045153c9 ( 833 bytes)
File: nederlands.lang
Path : %programfiles%\freenote

Md5Hash :cdfd94790ef733373c8f0df074be13da ( 5935 bytes)
File: norsk.lang
Path : %programfiles%\freenote

Md5Hash :5ec50da6d811e1f45cc242ec9b9f72c7 ( 5315 bytes)
File: polski.lang
Path : %programfiles%\freenote

Md5Hash :a8ccbea494b0249c4a35e2eba4869f9c ( 5522 bytes)
File: portugues_brasil.lang
Path : %programfiles%\freenote

Md5Hash :ead5cf7e3829d9cc6e4b57825674d174 ( 5742 bytes)
File: russian.lang
Path : %programfiles%\freenote

Md5Hash :6aa12df23ab1a2d227298ea7cfc7967a ( 5565 bytes)
File: s_chinese.lang
Path : %programfiles%\freenote

Md5Hash :5e0ac943cdb73d09ad1cf297a2614afe ( 4536 bytes)
File: s4setp.exe
Path : %programfiles%\freenote

Md5Hash :fd218e6d04d9887f5f47b06a9cfa3269 ( 331776 bytes)
File: spanish.lang
Path : %programfiles%\freenote

Md5Hash :228f6fc2c48e0387a14bf5a6e749e1d3 ( 5803 bytes)
File: svenska.lang
Path : %programfiles%\freenote

Md5Hash :da824a03864fd5ed3053572dd9d11a07 ( 5361 bytes)
File: türkçe.lang
Path : %programfiles%\freenote

Md5Hash :e619b36587ee6c5e3436d58bd5e0bf1a ( 5174 bytes)
File: unins000.dat
Path : %programfiles%\freenote

Md5Hash :4c5f1308b17343b71850c512de421acd ( 5346 bytes)
File: build.ini
Path : %programfiles%\freerip2

Md5Hash :( bytes)
File: bulgarian.lang
Path : %programfiles%\freerip2

Md5Hash :dc6a0bbb6b5071d617210cec36781068 ( 22669 bytes)
File: catalan.lang
Path : %programfiles%\freerip2

Md5Hash :9174080b3296f563783b8652649ccd3a ( 23645 bytes)
File: community.url
Path : %programfiles%\freerip2

Md5Hash :8c9cbfb2b44b67ba6b829fca2497524c ( 48 bytes)
File: czech.lang
Path : %programfiles%\freerip2

Md5Hash :6c69055ef43be71a95d3c006a67ca204 ( 22131 bytes)
File: danish.lang
Path : %programfiles%\freerip2

Md5Hash :2a9591939f298f5bce34fdc431ad5b9b ( 22533 bytes)
File: deutsch.lang
Path : %programfiles%\freerip2

Md5Hash :879e008b80008e17f2ae5cddeaa023e0 ( 23972 bytes)
File: english.lang
Path : %programfiles%\freerip2

Md5Hash :5c6ea51578e3642ccc4d2e759ddea431 ( 22573 bytes)
File: espanol.lang
Path : %programfiles%\freerip2

Md5Hash :f8c6b8d308b280f91c14e0bfd2bdb8ed ( 21783 bytes)
File: finnish.lang
Path : %programfiles%\freerip2

Md5Hash :76d6e989004e329694e52483fa32d81f ( 22022 bytes)
File: francais.lang
Path : %programfiles%\freerip2

Md5Hash :f35d136ffdf61b7cba8fbc773f103ec3 ( 22768 bytes)
File: freerip.url
Path : %programfiles%\freerip2

Md5Hash :fff3d8a37b442a504b9bb20051934709 ( 52 bytes)
File: freerip2.exe
Path : %programfiles%\freerip2

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3e92e429f32966fd02f7a2e3520bf237 ( 419840 bytes)
4ac43fde19245724cc06816a5ea3a495 ( 2084352 bytes)
57c6e199f105b3e5448a3d97b2c1f215 ( 2081792 bytes)
File: freerip2.hlp
Path : %programfiles%\freerip2

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
719dfa0b526d2309bfcdbbc2e7000e3a ( 37608 bytes)
be84afd8a743b28a25fd266736be5aa8 ( 32438 bytes)
File: griechisch.lang
Path : %programfiles%\freerip2

Md5Hash :85bc15fb427c709215fa99a3c0ad6dd5 ( 22698 bytes)
File: hebrew.lang
Path : %programfiles%\freerip2

Md5Hash :936d4336adc17ca88cb44c31fcaa22aa ( 21270 bytes)
File: hungarian.lang
Path : %programfiles%\freerip2

Md5Hash :ba6af25c073024f668bacceedc0f2485 ( 23547 bytes)
File: is-kguqm.tmp
Path : %programfiles%\freerip2

Md5Hash :fd218e6d04d9887f5f47b06a9cfa3269 ( bytes)
File: italiano.lang
Path : %programfiles%\freerip2

Md5Hash :8d36184fd1cad5a8cef62279a150d9a9 ( 24172 bytes)
File: kbase.url
Path : %programfiles%\freerip2

Md5Hash :8eb53462509ccf0b68d3eb44fe10d9db ( 64 bytes)
File: korean.lang
Path : %programfiles%\freerip2

Md5Hash :be9f48df2ef32b331a2097ece3ee09e7 ( 22932 bytes)
File: lame_enc.dll
Path : %programfiles%\freerip2

Md5Hash :f33ca9a37b606c69ce3149d42151d8bd ( 266240 bytes)
File: latvian.lang
Path : %programfiles%\freerip2

Md5Hash :76fceecd03881e27270490da4251be60 ( 22930 bytes)
File: nederlands.lang
Path : %programfiles%\freerip2

Md5Hash :ccbc25ecd1671eaac583ac01c9fcc694 ( 22248 bytes)
File: norsk.lang
Path : %programfiles%\freerip2

Md5Hash :6d27f222570f4422861742737f6568c9 ( 22126 bytes)
File: polski.lang
Path : %programfiles%\freerip2

Md5Hash :f856f06e17011b90c6ba0096e96f7001 ( 21781 bytes)
File: portugues_brasil.lang
Path : %programfiles%\freerip2

Md5Hash :ca6c9aa763460dff7af02718b665b18c ( 23365 bytes)
File: russian.lang
Path : %programfiles%\freerip2

Md5Hash :e28ccd97b0ebdfc37b721aaf17284ed3 ( 23538 bytes)
File: s_chinese.lang
Path : %programfiles%\freerip2

Md5Hash :04c48036c3345328e270f8c653e98d51 ( 20434 bytes)
File: s4setp.exe
Path : %programfiles%\freerip2

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3b142add7b08272293b5f5468f29baf6 ( 664720 bytes)
fd218e6d04d9887f5f47b06a9cfa3269 ( 331776 bytes)
File: slovak.lang
Path : %programfiles%\freerip2

Md5Hash :22a966b009d58d807f2bc94bda9f0dc3 ( 22307 bytes)
File: srpski.lang
Path : %programfiles%\freerip2

Md5Hash :67ba5766f87aa3a0d6d250521c8e6789 ( 21653 bytes)
File: svenska.lang
Path : %programfiles%\freerip2

Md5Hash :61735c291ebe3c38d6928987d5a73044 ( 21041 bytes)
File: t_chinese.lang
Path : %programfiles%\freerip2

Md5Hash :39dcb9f02baf7624deba9e681e51e596 ( 20613 bytes)
File: türkçe.lang
Path : %programfiles%\freerip2

Md5Hash :b45dc3f017f01a83cf1cf5a8948a3f0b ( 22794 bytes)
File: unins000.dat
Path : %programfiles%\freerip2

Md5Hash :0dc58a696808657e6b0e6887e8c458e5 ( 3927 bytes)
File: f3ezsetp.dll
Path : %programfiles%\funwebproducts\installr\1.bin

Md5Hash :f3ed25e48ad95ebae7c5003410f5595f ( 102487 bytes)
File: m9ffxtbr.jar
Path : %programfiles%\myglobalsearch\bar\1.bin

Md5Hash :f9315d0ec9cdacb8c7a6b020717f4659 ( 4924 bytes)
File: m9plugin.dll
Path : %programfiles%\myglobalsearch\bar\1.bin

Md5Hash :744beef2a528a1e55b9b16d55dbf4b8e ( 45056 bytes)
File: mgsbar.dll
Path : %programfiles%\myglobalsearch\bar\1.bin

Md5Hash :e4b97477f752432cb1ebbe42e0a2358a ( 225280 bytes)
File: npmyglsh.dll
Path : %programfiles%\myglobalsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
aa5514b5f5820a878605a2ab2a4b3497 ( 24576 bytes)
c8eab8e56258155cfd8e3b5a16afcc3a ( 24576 bytes)
File: f3htmlmu.dll
Path : %programfiles%\myway\mybar\1.bin

Md5Hash :e8c66cdb849dd4515b7486dd5c02b686 ( 81920 bytes)
File: my2ns.exe
Path : %programfiles%\myway\mybar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
5d610acd7c10c57fc3dd523f93b6eaf2 ( 24576 bytes)
b04354865d4ac1afd6bfbf7da525b45d ( 24576 bytes)
File: mybar.dll
Path : %programfiles%\myway\mybar\1.bin

Md5Hash :68c40b0790f9b02f452bacbc016873a3 ( 233472 bytes)
File: partner.dat
Path : %programfiles%\myway\mybar\1.bin

Md5Hash :83a2e1286cb46cf4d8b47ee104f22342 ( 121 bytes)
File: partner2.dat
Path : %programfiles%\myway\mybar\1.bin

Md5Hash :26dd2e3fd77d20ef00a665b63f1924cb ( 122 bytes)
File: partner.dat
Path : %programfiles%\myway\srchastt\1.bin

Md5Hash :507c59e7b3384da7feb981a4a5987c77 ( 131 bytes)
File: f3cjpeg.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :acb88f31279e312f633b24f48f8c0808 ( 139264 bytes)
File: f3dtactl.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :e651be4f6e4dcd99aa66ef80c5cdd28b ( 86096 bytes)
File: f3histsw.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
807d3213938a474995cc69eb73e86de9 ( 278610 bytes)
c6a888e3b75249cb495b5a28f285fb8c ( 278610 bytes)
File: f3hkstub.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :005fe761377c0232ea4248b9e47fced6 ( 24685 bytes)
File: f3htmlmu.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :61059f5398a9c44d7097be901bb83096 ( 159815 bytes)
File: f3httpct.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
3d4294d7ac734805da3d6d99178dcac8 ( 77905 bytes)
b99d34088590a1f7ebe7d29c5d277dfc ( 77906 bytes)
File: f3imstub.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :1375586480385cfdd91a0f27b2e28f3e ( 28672 bytes)
File: f3popswt.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :40f5c8587253ce8f534e53b0bd7bd8fc ( 127057 bytes)
File: f3pssavr.scr
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :4cd346697529efc743a608b2f5d0cc94 ( 28672 bytes)
File: f3reghk.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :9955dbb5873e4b17bcde9e5221e900a1 ( 28776 bytes)
File: f3restub.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :c4ff418909d55a7744b04774a83135c9 ( 24576 bytes)
File: f3schmon.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
1a2e51efc702c133e25dc2c8fca3db54 ( 86100 bytes)
56b040dd070e674f438bebdda79e1e1e ( 86100 bytes)
File: f3scrctr.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :d700ef661c52f2f7a3a3c5ad28795b04 ( 299008 bytes)
File: fwpbuddy.png
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :417409802e7286473fc0f146fd8bb4f8 ( 3343 bytes)
File: m3ffxtbr.jar
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
24bf210f4b66401c73df15656822cb3a ( 4466 bytes)
2be5d4683be58d54ce8e16b3d85d712e ( 3913 bytes)
92ac8ad6278c0f1c4ecf2696b641b30b ( 3909 bytes)
File: m3highin.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
2bf5c28c5467f70205c7561369a4ff06 ( 16502 bytes)
baa18b60aa8f6a6c90c8fb7aea7c4441 ( 16502 bytes)
File: m3html.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :d460eca5d4574507ff4dabcc2cbc5f2e ( 86078 bytes)
File: m3idle.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :86445e5a1c4b02574d8bb1b49ebc1a73 ( 28672 bytes)
File: m3impipe.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :fff6063f3245896a084068cd5d8250fe ( 16384 bytes)
File: m3medint.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
9b8cee31ffebbe12180945bf9a0942de ( 16501 bytes)
9e49fb39cd23399bff8161fa1a4de5df ( 16501 bytes)
File: m3msg.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :445ca5e2da8147d1c7bd7c6d5a8fac4f ( 155738 bytes)
File: m3ntstbr.jar
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :ab3215e9a56e91d45753d1bc56682b96 ( 6462 bytes)
File: m3outlcn.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :26f833b7ad465a044a8da50b619775b2 ( 69717 bytes)
File: m3plugin.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
041f075500e868b813499b039bba808d ( 53352 bytes)
252858b53b1b69612a1a19d0cc25ec79 ( 53352 bytes)
bfc58531847b797b813c0ceecc70b78d ( 53352 bytes)
File: m3skin.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :d1a29fbd9263013a3afd6bb24ee92604 ( 131141 bytes)
File: m3skplay.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :0606cbcdc54d2e5971f2b6aec860ff6d ( 28672 bytes)
File: m3slsrch.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
2718f9b97b601ebcd9fb4d117546c3d1 ( 24686 bytes)
45eb05eaf87ca0e9368cd819421c41b5 ( 24686 bytes)
97a346ca537583970e9332fb221fe4b7 ( 24686 bytes)
File: m3srchmn.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
546eb87a722c968b960fd1d6c724fcdd ( 24688 bytes)
7d82378e11e4ea4bd6b5af002be024b5 ( 24688 bytes)
bb81ab56b5e457e1011e47d9b7fce610 ( 24688 bytes)
File: mwsbar.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
18fa9163cd21c2a3cf051c6fab2211ef ( 434271 bytes)
a36dfcdda8a1c5db05488668bf4497d9 ( 434271 bytes)
b42030f0149c4e83c46434075b9a6c63 ( 434271 bytes)
e2437329e68a9e583efb564f92d3ff10 ( 434271 bytes)
ef7ea40491f0c18344e6ecf828f73bba ( 434271 bytes)
File: mwsoemon.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :9abbe6f791c0b599a7128c9aca27c094 ( 32838 bytes)
File: mwsoeplg.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
306d2dc89a130fdde7c0b5986027edf9 ( 385107 bytes)
4b6eebe9b51fbeeb8f75f85408cd1c16 ( 385107 bytes)
File: mwsoestb.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :0b6e3c1726af3892fa282ae448a50378 ( 45134 bytes)
File: mwssrcas.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
90206ed5ad1fd07060a6834c3cac4357 ( 65536 bytes)
af58780cba2c0b4ea0fd66da848e6c95 ( 65536 bytes)
File: mwssvc.exe
Path : %programfiles%\mywebsearch\bar\1.bin

Md5Hash :319f6520eeace462c0fbfeb6ab400332 ( 28762 bytes)
File: npmywebs.dll
Path : %programfiles%\mywebsearch\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
4fc4254f6eb68842e4cd5dead10d93d6 ( 24684 bytes)
8706d60a9f5a46e76fdd7f03415833ed ( 24684 bytes)
e53ff34e049277304ecdf217b900662a ( 24684 bytes)
File: common.f3s
Path : %programfiles%\mywebsearch\bar\notifier

Md5Hash :fd8a7de5ce05eda235b4d29c0e64fbff ( 301118 bytes)
File: mwssrcas.dll
Path : %programfiles%\mywebsearch\srchastt\1.bin

Md5Hash :0b5be129ea571fe9597189cde54c02d7 ( 57344 bytes)
File: a2setup.exe
Path : %temp%\bar.0

Md5Hash :2c57deb92cef44638eef4d47da506c4f ( bytes)
File: a2srcsp.exe
Path : %temp%\bar.0

Md5Hash :b4cac43e9b8b04009489cb0dc0e9c4b2 ( bytes)
File: cliprex_whenusave_installerinst.exe
Path : %temp%

Md5Hash :7f09964d7991ef176c970c458d034801 ( 122464 bytes)
File: mgssetp.cliprex.exe
Path : %temp%

Md5Hash :2f4e431c889d1af8f8bf5b7bfb16ff84 ( 331776 bytes)
File: mwssetup.exe
Path : %temp%

Md5Hash :51c686f0c0926158242d1cf23a270b7b ( bytes)
File: mysrchsp.exe
Path : %temp%\mybar.0

Md5Hash :1f7b066728408d02eca8bac96cae5123 ( bytes)
File: freenote.ini
Path : %userprofile%\application data

Md5Hash :09a29624d4e97f4eabfcc36370580b7a ( 1863 bytes)
File: cliprex ds dvd player.lnk
Path : %userprofile%\application data\microsoft\internet explorer\quick launch

Md5Hash :8c76f903dfa000e0b5cefe6239971860 ( 825 bytes)
File: cliprex ds dvd player.lnk
Path : %userprofile%\start menu

Md5Hash :0dfc901000fce86ac5ad2836d2ebaae6 ( 807 bytes)
File: (www.cliprex.com) .. cliprex - video software.lnk
Path : %userprofile%\start menu\programs\cliprex ds dvd player

Md5Hash :1fce47282bae220bbe6b2c3228739912 ( 819 bytes)
File: cliprex ds dvd player.lnk
Path : %userprofile%\start menu\programs\cliprex ds dvd player

Md5Hash :0d0da8ee2b33182a493ab411fce02cc1 ( 819 bytes)
File: uninstall.lnk
Path : %userprofile%\start menu\programs\cliprex ds dvd player

Md5Hash :42413362e779cbd11d6461be39d5e49e ( 1505 bytes)
File: f3pssavr.scr
Path : %windir%\system32

Md5Hash :4cd346697529efc743a608b2f5d0cc94 ( 28672 bytes)
File: [randomname].exe
Path : %workingdir%

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
009bd842af5050218773b403c0441b5e ( 2421272 bytes)
09261999ff455a59f245125173ba3d3b ( 24688 bytes)
0bec77543e8ed6dd0c86f63fb0b0c9d1 ( 2030834 bytes)
0e6ceac7a87790530353ba47765b9876 ( 65536 bytes)
14a8e673990b59041a3d71a22cddcfc5 ( 2754016 bytes)
1e45fa039f760ed648a14c42e4abb66a ( 132776 bytes)
25d191ee5d02a7ab529921dbc1c8b3a6 ( 131072 bytes)
26c663c31261297c5a47f873d1f40539 ( 118784 bytes)
26f833b7ad465a044a8da50b619775b2 ( 69717 bytes)
27ade5e16a52d73628e4566ab3277521 ( 132792 bytes)
2cd22a8aca8e983dc3a7c400e57aa58f ( 90112 bytes)
3f3208679e2f5570203accaf940f8dbb ( 434636 bytes)
424e044fd204ff7beb61d0d6a277ca71 ( 307200 bytes)
439a9eb8cd1f797f75f24f2eecc0f836 ( 30000 bytes)
4aaf80acffa0bf66ee659bd9e214c700 ( 88594 bytes)
58c5276f582cbfbe918e64eaee882c57 ( 2762208 bytes)
634abd934e9e17884c97d6dd57771ddc ( 653855 bytes)
68cbdada6ceecc6f8745de870a622547 ( 5230592 bytes)
72d911befc0e2c5daa2851ccbe654d0b ( 24688 bytes)
73d3ac5e745ceafc576348dddb639e1a ( 1827447 bytes)
778ef0a532078fb10038ba91593e5ba8 ( 1255877 bytes)
7d82378e11e4ea4bd6b5af002be024b5 ( 24688 bytes)
86445e5a1c4b02574d8bb1b49ebc1a73 ( 28672 bytes)
8675878e2c3d90aebcaa9d0431ae4653 ( 2758112 bytes)
9320a376c99f9640dcf029aab99fa7ba ( 24688 bytes)
952d6a8ae3dc01a17b43fcf061b0302e ( 132768 bytes)
99fd46b1981fdbbcf24c5ca028104c43 ( 405588 bytes)
9d72af65c2a445a121d20bc317d94eb3 ( 24668 bytes)
9f74744064ef1db660639944170fa383 ( 552960 bytes)
a73b857b1d99de3df01a1b5daa04c98e ( 132768 bytes)
a9c103ac05fe80048382d01f8aebabc4 ( 53248 bytes)
a9e18bceffe3a7d0a649733595c783b9 ( 127070 bytes)
aa1744c89831de5c46fc8395efa3f2a2 ( 61440 bytes)
ab0ba4c6555ea9496a267e1d82493a68 ( 434271 bytes)
ac17b14e79c15f5e44df0f572efe755e ( 61440 bytes)
b006e30238c25a0c5ae89315c9e11032 ( 5300224 bytes)
bc20376f0bdc852760f8465fd57fcb4c ( 5300224 bytes)
c8ac9d56d1419092b5c9b580798deb7d ( 5300224 bytes)
d5b46ca03340f2851f750063d05bf157 ( 1161517 bytes)
d8ddca94a26244aa83aeffc35b65ce71 ( 122880 bytes)
da8557c26574fec70d56d58044709467 ( 167960 bytes)
df3af1925713f65b7ba1b6520317a7af ( 327680 bytes)
e55b0d3e5fceca89e8675c3f9e5ea1c0 ( 111976 bytes)
e651be4f6e4dcd99aa66ef80c5cdd28b ( 86096 bytes)
ec17fac388e824ebe130178b309b5d58 ( 132784 bytes)
eedcb5bf695d0008e977f6cc8aef2a79 ( 24576 bytes)
ef4e1e02786039fcbd653e7612aa6fa6 ( 393216 bytes)
f618d90e845ec46f8bd06f9e7748647c ( 20480 bytes)
f66c2b610c204ac28dbea587672bf929 ( 77824 bytes)
fd6013ada0fb06b86d6d4f038ac512f3 ( 389120 bytes)
ff2d63823491a2b622c16d085a764a2a ( 94208 bytes)
Also creates the following files on user's System which are also created by Genuine Software :-
Note:
These file(s) can be kept as they are also created by genuine Software.
File : a2highin.exe
Path : %programfiles%\asksbar\bar\1.bin

Md5Hash :c446ef641a765613fd247d1d54b3db9d ( 16501 bytes)
File : a2plugin.dll
Path : %programfiles%\asksbar\bar\1.bin

Md5Hash :e9503d70ae664b6609f4c4f35c70aef1 ( 49255 bytes)
File : asksbar.dll
Path : %programfiles%\asksbar\bar\1.bin

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
803e508910eca7ded7bed8fe645addb1 ( 262144 bytes)
ccc67b6b51bf3b004c6186c2da2faa2e ( 262144 bytes)
File : dvdaudio.ax
Path : %programfiles%\cliprex ds dvd player\filters

Md5Hash :17b00f8763005491968cee615a91f957 ( 65536 bytes)
File : dvdvideo.ax
Path : %programfiles%\cliprex ds dvd player\filters

Md5Hash :6603d23d14d736141bc56b58b7b3cb8a ( 86528 bytes)
File : unins000.exe
Path : %programfiles%\freenote

Md5Hash :3c68ecbcad97a38b1cc705c797c615b0 ( 667914 bytes)
File : lame_enc.dll
Path : %programfiles%\freerip2

Md5Hash :bd5ff559b487a14d4947018f6dd485d4 ( 167424 bytes)
File : mpglib.dll
Path : %programfiles%\freerip2

Md5Hash :0cfb6e702fc589ea104e5920940dd431 ( 65024 bytes)
File : unins000.exe
Path : %programfiles%\freerip2

Skip Navigation Links.
Collapse Md5Hash :Md5Hash :
5a6447879340f20ede1bda055ab2c88e ( 76751 bytes)
d6abc3c44e97beeea534e33e93ae97b4 ( 673546 bytes)
File : actsplash.ocx
Path : %windir%\system32

Md5Hash :cb37a59c71dde79c62f1009b6719eff5 ( 188416 bytes)
The following Registry Values are added to the provided Registry Keys :-
Note:
Delete the added Values from the Key to remove Infection
|__ Value Added :
{00A6FAF6-072E-44cf-8957-5838F569A31D} = ""
|__ Value Added :
{00a6faf6-072e-44cf-8957-5838f569a31d} = ""
|__ Value Added :
freenote = "%programfiles%\freenote\freenote.exe"
|__ Value Added :
MyWebSearch Email Plugin = "%SYSTEMDRIVE%\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe"
|__ Value Added :
mywebsearch email plugin = "%SYSTEMDRIVE%\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe"
|__ Value Added :
{0494d0d9-f8e0-41ad-92a3-14154ece70ac} = ""
|__ Value Added :
{07b18ea9-a523-4961-b6bb-170de4475cca} = ""
|__ Value Added :
{37b85a29-692b-4205-9cad-2626e4993404} = ""
|__ Value Added :
My Web Search Bar = "rundll32 %SYSTEMDRIVE%\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S"
|__ Value Added :
my web search bar = "rundll32 %SYSTEMDRIVE%\progra~1\mywebs~1\bar\1.bin\mwsbar.dll,s"
|__ Value Added :
mywebsearch email plugin = "%SYSTEMDRIVE%\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe"
|__ Value Added :
mywebsearch plugin = "rundll32 %SYSTEMDRIVE%\progra~1\mywebs~1\bar\1.bin\m3plugin.dll,upf"

NOTE:

1. %allusersprofile% Refers to the windows all users profile folder. By default it is 'C:\Documents and Settings\All Users'
2. %homepath% Refers to the windows current user's profile folder. By default it is 'C:\Documents and Settings\[user]'
3. %programfiles% Refers to the program files folder. By default it is 'C:\Program Files'
4. %temp% Refers to the windows temp folder. By default it is 'C:\Documents and Settings\[user]\Local Settings\Temp'
5. %userprofile% Refers to the windows current user's profile folder. By default it is 'C:\Documents and Settings\[user]'
6. %windir% Refers to the windows root folder. By default it is 'C:\Windows'
7. %workingdir% Refers to the current directory in which user is working.

Important: We strongly recommend that you backup the Registry before making any changes to it. Incorrect changes to the Registry can result in permanent data loss or corrupted Files. Modify the malicious\suspicious Subkeys only.

Click Here for more spywarelib.com recommended PC Security and Optimization Tools

To modify registry entries in Windows Operating System:
Follow Steps:
1. Click Start > Run
2. Type “regedit” : to open registry editor
3. Navigate to required registry Key from the Left Tree control and modify accordingly.


Microsoft Gold Certified Partner

© Systweak Inc., 1999-2011 All rights reserved.