Toolbar.MyWebSearch
Posted: August 28, 2009
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 1,464 |
|---|---|
| Threat Level: | 5/10 |
| Infected PCs: | 346,474 |
| First Seen: | July 24, 2009 |
|---|---|
| Last Seen: | October 17, 2023 |
| OS(es) Affected: | Windows |
Toolbar.MyWebSearch, otherwise known as W32/Toolbar.MyWebSearch, is a misleading threat that appears in security alerts and desktop pop-up windows, generally initiated by fake spyware removers and rogue websites. Perhaps once, Toolbar.MyWebSearch may have been considered a threat, but now the biggest danger from Toolbar.MyWebSearch is to scare you into believing your PC is infected and purchasing Antivirus XP 2008 in order to combat the threat.
Aliases
not-a-virus:AdWare.Win32 [Ikarus]Win32/SillyBHO.GNX [eTrust-Vet]Adware.Siggen.9983 [DrWeb]not-a-virus:WebToolbar.Win32.MyWebSearch.mg [Kaspersky]a variant of Win32/Toolbar.MyWebSearch.Q [NOD32]Generic_r.CRO [AVG]Application.ExqPage [Ikarus]Generic PUA DD [Sophos]Trojan.Win32.Staser.fv [Kaspersky]Artemis!56C4466FC3B4 [McAfee]ADSPY/MyWebS.A.60.C [AntiVir]Toolbar:W32/MyWebSearch.B [F-Secure]Win32/Toolbar.MyWebSearch [NOD32]W32/AdInstaller [Fortinet]PUP/Win32.FunWeb [AhnLab-V3]
More aliases (1111)
More aliases (1111)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
File name: mngr.exeSize: 2.4 MB (2403352 bytes)
MD5: ebba16a88f517bfb1b7681abf006c8b0
Detection count: 4,551
File type: Executable File
Mime Type: unknown/exe
Path: C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
Group: Malware file
Last Updated: July 28, 2021
%PROGRAMFILES%\MyWebSearch\bar\1.bin\MWSOEMON.EXE
File name: MWSOEMON.EXESize: 38.4 KB (38408 bytes)
MD5: d16afe4928c5686ade1e3e8553f3633b
Detection count: 555
File type: Executable File
Mime Type: unknown/EXE
Path: %PROGRAMFILES%\MyWebSearch\bar\1.bin
Group: Malware file
Last Updated: December 16, 2014
%SystemDrive%\RECYCLER\S-1-5-21-57989841-861567501-1801674531-1004\$4a527002ff9c6a76ac4d52c5be780d5e\n.
File name: n.Size: 60.92 KB (60928 bytes)
MD5: 23e659658f22829a9f718e0e827a3ce0
Detection count: 73
Path: %SystemDrive%\RECYCLER\S-1-5-21-57989841-861567501-1801674531-1004\$4a527002ff9c6a76ac4d52c5be780d5e
Group: Malware file
Last Updated: January 16, 2013
%APPDATA%\KeywordTab\keywordtabhper.exe
File name: keywordtabhper.exeSize: 220.75 KB (220752 bytes)
MD5: 690a7e735a832fc3f20eff0f6a22433c
Detection count: 72
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\KeywordTab
Group: Malware file
Last Updated: January 14, 2013
%APPDATA%\hhFFWORCdGYZ.exe
File name: hhFFWORCdGYZ.exeSize: 4.09 KB (4096 bytes)
MD5: 0e95de79cab7c90f67eb1d7f3e063930
Detection count: 63
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: January 21, 2013
C:\vampiping\FireFoxWH.dll
File name: FireFoxWH.dllSize: 412.67 KB (412672 bytes)
MD5: 9179bef3040e1a98c93c90810df401ee
Detection count: 51
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\vampiping
Group: Malware file
Last Updated: January 14, 2013
C:\Program Files (x86)\ByteGems.com\Screen Resolution Manager\ScreenResolutionManager.exe
File name: ScreenResolutionManager.exeSize: 510.97 KB (510976 bytes)
MD5: 385fab9ea337a58c613eacc79383f3ae
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\ByteGems.com\Screen Resolution Manager\ScreenResolutionManager.exe
Group: Malware file
Last Updated: April 29, 2022
%APPDATA%\C600.exe
File name: C600.exeSize: 73.72 KB (73728 bytes)
MD5: 40e065a53f345c8fbe5c3da98c7bd9e6
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: January 14, 2013
%LOCALAPPDATA%\Microsoft\ID Vault\czxgdkrtg.dll
File name: czxgdkrtg.dllSize: 291.84 KB (291840 bytes)
MD5: af44fa29756cd3fc27d60f01ef960e7b
Detection count: 33
File type: Dynamic link library
Mime Type: unknown/dll
Path: %LOCALAPPDATA%\Microsoft\ID Vault
Group: Malware file
Last Updated: January 21, 2013
%USERPROFILE%\wgsdgsdgdsgsd.exe
File name: wgsdgsdgdsgsd.exeSize: 139.26 KB (139264 bytes)
MD5: 6bdb245eaf6b20c57fc012d7e0afbe1a
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: January 14, 2013
%SystemDrive%\RECYCLER\S-1-5-21-1644491937-706699826-1177238915-1003\$ebaea08b77c069fb2bf5b189c6cca728\n.
File name: n.Size: 59.9 KB (59904 bytes)
MD5: 328051ee44773630e58f4fb3fc6ae81f
Detection count: 26
Path: %SystemDrive%\RECYCLER\S-1-5-21-1644491937-706699826-1177238915-1003\$ebaea08b77c069fb2bf5b189c6cca728
Group: Malware file
Last Updated: January 14, 2013
C:\Program Files (x86)\GridinSoft Trojan Killer\trojankiller.exe
File name: trojankiller.exeSize: 6.73 MB (6738872 bytes)
MD5: 5110b527283b5b3549b5dc65942f253c
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\GridinSoft Trojan Killer\trojankiller.exe
Group: Malware file
Last Updated: March 7, 2022
C:\Program Files (x86)\Pointdev\IDEAL Administration\VNC\VNC_Server\WinVNC.exe
File name: WinVNC.exeSize: 667.64 KB (667648 bytes)
MD5: ce13b222c925a6dc75be4b578fbd4d58
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\Pointdev\IDEAL Administration\VNC\VNC_Server\WinVNC.exe
Group: Malware file
Last Updated: October 22, 2021
%USERPROFILE%\Desktop\RF Engine 2.0.0\kiki.sys
File name: kiki.sysSize: 35.84 KB (35840 bytes)
MD5: fd592502d8871bad9eb2ef1d8135b386
Detection count: 21
File type: System file
Mime Type: unknown/sys
Path: %USERPROFILE%\Desktop\RF Engine 2.0.0
Group: Malware file
Last Updated: September 30, 2022
%APPDATA%\Nbt\Nbt.exe
File name: Nbt.exeSize: 779.77 KB (779776 bytes)
MD5: 0e22d1901e7461e876f5e77508a4d0c3
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Nbt
Group: Malware file
Last Updated: January 14, 2013
%SystemDrive%\RECYCLER\S-1-5-21-3804951979-3920169382-3999220830-1115\$a3958e7fb8ba043668033d8c95ee3ff4\n.
File name: n.Size: 59.9 KB (59904 bytes)
MD5: 22e727421ec6250f8529a989839c5ba4
Detection count: 19
Path: %SystemDrive%\RECYCLER\S-1-5-21-3804951979-3920169382-3999220830-1115\$a3958e7fb8ba043668033d8c95ee3ff4
Group: Malware file
Last Updated: January 14, 2013
%USERPROFILE%\AppData\winini.exe
File name: winini.exeSize: 105.98 KB (105984 bytes)
MD5: 0615ccf5949d05b2dae2c6c87dc0acbc
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\AppData
Group: Malware file
Last Updated: January 14, 2013
%USERPROFILE%\c_2C_2.exe
File name: c_2C_2.exeSize: 469.5 KB (469504 bytes)
MD5: 1faaa43f4ea20c9a256d21ca7bc489c7
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: January 14, 2013
%TEMP%\panmap.exe
File name: panmap.exeSize: 1.54 MB (1542656 bytes)
MD5: 38faf4975964aa84d098634e042c93bc
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%
Group: Malware file
Last Updated: January 14, 2013
%APPDATA%\6BED.exe
File name: 6BED.exeSize: 77.82 KB (77824 bytes)
MD5: 7fea8194a339d027cfe255d1ecfad08e
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: January 14, 2013
%SystemDrive%\winlogon.exe
File name: winlogon.exeSize: 92.16 KB (92160 bytes)
MD5: f0f8665930c451a7fea811a1fe9e2caa
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%
Group: Malware file
Last Updated: January 14, 2013
%PROGRAMFILES%\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
File name: M3PLUGIN.DLLSize: 53.36 KB (53366 bytes)
MD5: 7075cb51f200cfb073efe82e12c2f9d1
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/DLL
Path: %PROGRAMFILES%\MyWebSearch\bar\1.bin
Group: Malware file
Last Updated: May 13, 2013
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\8gquqFX0a.exe
File name: 8gquqFX0a.exeSize: 172.28 KB (172284 bytes)
MD5: 47469a8a7ff8a67320c5d2a39d9870a3
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: January 14, 2013
%WINDIR%\system32\bgamrgbw.exe
File name: bgamrgbw.exeSize: 108.54 KB (108544 bytes)
MD5: 815c909a0a7061b2ac1ddb3cccc91203
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: January 16, 2013
More files
Registry Modifications
The following newly produced Registry Values are:
CLSID{01947140-417F-46B6-8751-A3A2B8345E1A}{07B18EA9-A523-4961-B6BB-170DE4475CCA}{07B18EAA-A523-4961-B6BB-170DE4475CCA}{1093995A-BA37-41D2-836E-091067C4AD17}{120927BF-1700-43BC-810F-FAB92549B390}{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}{1F52A5FA-A705-4415-B975-88503B291728}{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}{3E1656ED-F60E-4597-B6AA-B6A58E171495}{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}{3E720451-B472-4954-B7AA-33069EB53906}{3E720453-B472-4954-B7AA-33069EB53906}{48586425-6bb7-4f51-8dc6-38c88e3ebb58}{72EE7F04-15BD-4845-A005-D6711144D86A}{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D298-B7BB-4F24-AE82-7E2CE94BB6A9}{819FFE21-35C7-4925-8CDA-4E0E2DB94302}{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}{90449521-D834-4703-BB4E-D3AA44042FF8}HKEY..\..\..\..{RegistryKeys}Software\AppDataLow\Software\mywebsearchSoftware\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}SOFTWARE\mywebsearchSoftware\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}SOFTWARE\Wow6432Node\MyWebSearchSYSTEM\ControlSet001\services\eventlog\Application\WsysSvcSYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{F921DE4A-6917-4EB4-8A1B-764259B8DB5E}SYSTEM\ControlSet002\services\eventlog\Application\WsysSvcSYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{F921DE4A-6917-4EB4-8A1B-764259B8DB5E}SYSTEM\CurrentControlSet\services\eventlog\Application\WsysSvcSYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{F921DE4A-6917-4EB4-8A1B-764259B8DB5E}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}MyWebSearch bar UninstallWsysControl
CLSID{01947140-417F-46B6-8751-A3A2B8345E1A}{07B18EA9-A523-4961-B6BB-170DE4475CCA}{07B18EAA-A523-4961-B6BB-170DE4475CCA}{1093995A-BA37-41D2-836E-091067C4AD17}{120927BF-1700-43BC-810F-FAB92549B390}{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}{1F52A5FA-A705-4415-B975-88503B291728}{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}{3E1656ED-F60E-4597-B6AA-B6A58E171495}{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}{3E720451-B472-4954-B7AA-33069EB53906}{3E720453-B472-4954-B7AA-33069EB53906}{48586425-6bb7-4f51-8dc6-38c88e3ebb58}{72EE7F04-15BD-4845-A005-D6711144D86A}{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}{7473D298-B7BB-4F24-AE82-7E2CE94BB6A9}{819FFE21-35C7-4925-8CDA-4E0E2DB94302}{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}{90449521-D834-4703-BB4E-D3AA44042FF8}HKEY..\..\..\..{RegistryKeys}Software\AppDataLow\Software\mywebsearchSoftware\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}SOFTWARE\mywebsearchSoftware\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}SOFTWARE\Wow6432Node\MyWebSearchSYSTEM\ControlSet001\services\eventlog\Application\WsysSvcSYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{F921DE4A-6917-4EB4-8A1B-764259B8DB5E}SYSTEM\ControlSet002\services\eventlog\Application\WsysSvcSYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{F921DE4A-6917-4EB4-8A1B-764259B8DB5E}SYSTEM\CurrentControlSet\services\eventlog\Application\WsysSvcSYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{F921DE4A-6917-4EB4-8A1B-764259B8DB5E}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}MyWebSearch bar UninstallWsysControl
Additional Information
The following directories were created:
%PROGRAMFILES%\mywebsearch%PROGRAMFILES(x86)%\mywebsearch%UserProfile%\AppData\LocalLow\mywebsearch
The following URL's were detected:
https://hp.mywebsearch.com/
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.