Home Malware Programs Potentially Unwanted Programs (PUPs) StudyHQ Toolbar

StudyHQ Toolbar

Posted: August 27, 2015

Threat Metric

Ranking: 4,817
Threat Level: 1/10
Infected PCs: 4,316
First Seen: August 17, 2015
Last Seen: October 17, 2023
OS(es) Affected: Windows

StudyHQ Toolbar is a potentially unwanted program (PUP) and Google Chrome toolbar that offers features for finding flashcards for math facts, languages, history and other subject matter. StudyHQ Toolbar is marketed by MindSpark Interactive Network as a means of quickly finding items to assist with taking quizzes and tests. Made up as an add-on toolbar for Google Chrome, Internet Explorer and Firefox, StudyHQ Toolbar offers many quick function buttons and a search feature that aggregates flashcard results through another service. StudyHQ Toolbar is not a harmful add-on to your computer or web browser. However, disabling or removing StudyHQ Toolbar can be done manually through the settings of your web browser application in Internet Explorer or through the add-on extensions menu in Internet Explorer or Firefox.

Technical Details

Registry Modifications

The following newly produced Registry Values are:

CLSID{02D14FE2-FFC2-45E4-BCE4-F87A880507F0}{0C48959C-25DD-4565-9A0B-79C52B19E531}{0EA68B45-8C1C-4F54-A6AD-3DF9783C6FE7}{13686ab8-c2bb-4d4f-9a57-675b28758820}{1CEEFD25-74B2-4CF6-93CD-3DCB1BCEB3B4}{24F9D44C-AF57-4764-8210-B8656892667F}{307a9615-00f6-4978-9ce2-17bd2641f61a}{33b19512-500c-4ef1-b178-7fe2968e0ed1}{3c56a3fe-9ff9-4539-95cd-b4781237459b}{3D41DE63-FC7E-4EE1-BAA5-4F71E3DA7C12}{3e1477a8-ba76-4e0e-bba4-18b54c85c6ad}{41F86786-9673-4333-B3FB-954D9DBC1FCA}{45637E31-132D-4606-931A-134CF1D3703F}{49EB78F3-2BD2-4F18-A977-7D9770176A04}{4CF63397-7F19-43E4-9F43-E87AECC81C57}{50252969-A150-4F00-B0C5-C88BFAF8692D}{5F394BB8-BB03-4EA9-AAAD-A87EE1DE28F3}{5FBC993E-073E-41E7-989F-4308ABD833E5}{6358DBE8-F61A-4877-BF92-207601F745A1}{6472b33d-a97e-48e3-bf3d-eb27fe1b578e}{65c48302-5517-4c45-b35c-b39ad2fd210c}{6DE04D66-44EC-4F39-9903-335D8E37B7C5}{72d09e2f-f6ac-4769-bb95-eb088b3704c3}{7C26B58F-3EA5-43C9-B20D-A9F6036CD08F}{848D1A36-57EA-40DB-A5A8-3A62F81E69A5}{84b89eed-5acd-4515-8df4-1219c37fba70}{8AB1D315-D577-45F5-A927-A5BAD72E6AF0}{9CAE310D-8009-4852-902C-1A6491B6ECE6}{9EB414FD-FDC1-40EB-8E45-E3767902CBD6}{A6113E4E-FE07-4846-986D-50E95609E6F3}{AFF433B3-A500-4A65-9D66-51D8AD73EBD7}{c0f59e75-beac-43ff-80f1-e2824a26d1dc}{C4478C4F-0A0B-4A95-AF8F-8ECCC2BD4DAE}{cabad08f-e12e-45c6-9ada-401ac4c810ca}{CB992309-4709-4D4F-BDC3-A27748178EBE}{d01c6cde-b7aa-490b-bc49-0ed699a37cb3}{D21D6085-A6E5-4414-8CE0-73A8DCF934DE}{D275863D-FD2B-4FC8-B820-FDE8369E70D7}{D4ACD242-E503-4092-8AEE-60638CCB2E5D}{DA24691C-FBE0-414E-B5F6-6277F61B6C82}{DAFC2113-75B1-4548-9F8B-83C63AE07BEC}{E3130360-81D2-4CD6-902F-4058487931A4}{E55D2A0B-4E5D-4621-B145-45065DB030D8}{e7d1e3fe-9578-4b25-a53c-cb114f36e63c}{EA3FC42D-3837-4274-87B5-C3398CD98368}{EC7F0A2B-80AD-4A77-A544-A4A84DC13B32}{EF29C9A2-57F5-47D4-9445-EF31CB2489C7}{FC333DFA-1BCC-4861-A83D-DD67204A75E3}{fd2df0bd-3cdb-4cab-903f-94737cd66d9a}File name without pathhttp_gostudyhq.dl.myway.com_0.localstoragehttp_gostudyhq.dl.myway.com_0.localstorage-journalhttp_gostudyhq.dl.tb.ask.com_0.localstoragehttp_gostudyhq.dl.tb.ask.com_0.localstorage-journalHKEY..\..\..\..{RegistryKeys}Software\AppDataLow\Software\StudyHQ_d0Software\Microsoft\Internet Explorer\Approved Extensions\{72857CF6-12B9-43F7-8BCE-4385DC65A9E4}Software\Microsoft\Internet Explorer\Approved Extensions\{BE9EC627-EC66-41CA-BEDB-BE06573CA920}Software\Microsoft\Internet Explorer\Approved Extensions\{D01C6CDE-B7AA-490B-BC49-0ED699A37CB3}Software\Microsoft\Internet Explorer\DOMStorage\gostudyhq.dl.tb.ask.comSoftware\Microsoft\Internet Explorer\SearchScopes\{b7f4511b-6fad-4627-af1c-02d05f9376b0}SOFTWARE\Microsoft\Internet Explorer\Toolbar\{72857cf6-12b9-43f7-8bce-4385dc65a9e4}SOFTWARE\Microsoft\Windows\CurrentVersion\Run\StudyHQ EPM SupportSOFTWARE\StudyHQ_d0SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{72857cf6-12b9-43f7-8bce-4385dc65a9e4}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\StudyHQ EPM SupportSOFTWARE\Wow6432Node\StudyHQ_d0SYSTEM\ControlSet001\services\StudyHQ_d0ServiceSYSTEM\ControlSet002\services\StudyHQ_d0ServiceSYSTEM\CurrentControlSet\services\StudyHQ_d0ServiceHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}StudyHQ_d0bar Uninstall Internet Explorer

Additional Information

The following directories were created:
%LOCALAPPDATA%\StudyHQ_d0%PROGRAMFILES%\StudyHQ_d0%PROGRAMFILES(x86)%\StudyHQ_d0%USERPROFILE%\AppData\LocalLow\StudyHQ_d0
Loading...