Home Malware Programs Potentially Unwanted Programs (PUPs) TotalRecipeSearch Toolbar

TotalRecipeSearch Toolbar

Posted: September 10, 2013

Threat Metric

Ranking: 2,275
Threat Level: 1/10
Infected PCs: 122,473
First Seen: May 31, 2011
Last Seen: October 16, 2023
OS(es) Affected: Windows

TotalRecipeSearch Toolbar is an add-on component for your web browser application designed to offer quick access to food sites and those that provide recipes for cooking. TotalRecipeSearch Toolbar was created and marketed by Mindspark Interactive Network, which is known for producing and offering various types of add-on toolbars for popular web browsers, such as Google Chrome, Firefox, and Internet Explorer. Use of the TotalRecipeSearch Toolbar is not harmful in any way. Though, using TotalRecipeSearch Toolbar quick access buttons may cause redirects where another site may load and offer additional recipes and links to recipe sites. There is also a search feature of TotalRecipeSearch Toolbar that may return multiple results sent through a generic search engine aggregator. Computer users seeking removal or disabling of TotalRecipeSearch Toolbar may be required to utilize the settings feature of their web browser in some form.

Aliases

Tool.InstallToolbar.5 [DrWeb]UnclassifiedMalware [Comodo]not-a-virus:WebToolbar.Win32.MyWebSearch.gen [Kaspersky]Win32:FunWeb-F [PUP] [Avast]not-a-virus:WebToolbar.Win32.MyWebSearch.gi [Kaspersky]AdInstaller.FunWeb [AVG]AdWare/Win32.FunWeb.gen [Antiy-AVL]not-a-virus:AdWare.Win32.FunWeb.heur [Kaspersky]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll File name: 14SrcAs.dll
Size: 53.24 KB (53248 bytes)
MD5: 7d5a189d78e4ed34ede29d9a68a642cf
Detection count: 7,139
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin
Group: Malware file
Last Updated: February 16, 2014
%PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin\14bar.dll File name: 14bar.dll
Size: 692.22 KB (692224 bytes)
MD5: 8131240b772a3773d289e5b9c44fccc2
Detection count: 525
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin
Group: Malware file
Last Updated: February 15, 2014
%PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe File name: 14barsvc.exe
Size: 28.76 KB (28766 bytes)
MD5: f08fe6dd1f50bf64e0d3ef8830fcb946
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin
Group: Malware file
Last Updated: June 18, 2014
%PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin\14brmon.exe File name: 14brmon.exe
Size: 20.48 KB (20480 bytes)
MD5: b47b65a6441d61806340106f71d5632f
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin
Group: Malware file
Last Updated: June 18, 2014
%PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin\14bar.dll File name: 14bar.dll
Size: 702.46 KB (702464 bytes)
MD5: 2602bff7c3eefe86fc50d39643626791
Detection count: 19
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\TotalRecipeSearch_14\bar\1.bin
Group: Malware file
Last Updated: June 18, 2014

Registry Modifications

The following newly produced Registry Values are:

CLSID{0384459A-9D5E-4AE1-B154-8EAC39721C97}{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}{06A16622-19D9-47E8-9FEC-6CA8CF275BD7}{0B41B972-09C0-4406-B15C-0310E138F2F1}{0CE10DC6-DB5B-4255-BB4C-420C9B8D4F60}{20F60738-FCC6-4CF0-9526-A61F321BBF38}{23A73CDC-711C-4D7E-AECC-D9AECFA152AA}{2502086b-5a46-4d05-8d5b-a1e77ab8bb32}{2D465563-7CA8-45EC-83F2-6F5C293762F3}{377DB814-EBF3-464B-8688-AAE2798E1999}{396a4e14-83e7-4941-b0d9-b598e1b97197}{398035F8-0621-4534-AEF6-B5592A68F6D8}{3B0C32DB-699F-4B5E-BE81-1E78693D50D9}{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}{40FE5A09-64EC-411D-B743-7EA5EC3CBD60}{41CA38C7-E4D6-4DE4-A667-0AB3D17E2312}{4874BC7B-0681-49E4-A9B8-631B218F90D2}{490A5A0F-1471-47FF-8BB5-719F1F5238AD}{4A80A60D-BDEF-4D70-BCCC-D0DAD25FF951}{4FFED4E7-CF5A-467C-965C-0E425314E0CF}{50DDA533-7F95-4141-98A4-5EC64E966126}{529B4045-715C-46E7-BC81-81E3AAEC9060}{6A01347F-FD7B-4EDF-871D-5143F104BFE6}{6A6B3763-2264-4710-B165-26DB0B35920C}{6D2D2DDF-CFF7-47A0-B4E9-F9043DF6C2C4}{76f3207c-3a0a-461b-b958-5653c5718243}{81C8B625-F505-4E26-84F9-207AF4240B00}{827F725B-5665-4A4B-807C-A60460066CED}{829E44ED-CB4F-4CCC-990F-428FBD0B128A}{831C6B3A-02D4-4639-90E4-3D381CD5480C}{895f3dbd-2484-4a14-a0ea-c3252ebb0ff7}{8a7d2060-824d-4b17-b00a-759b1b5f30d9}{8c4b563e-52a1-4a10-b700-f8bf1cd7b726}{91E80D07-BDCE-41FD-994E-CDDEB329A0D7}{9359921F-1C6F-4E7F-8234-CD64087640BB}{96b8a0ef-0d9d-4a92-b548-376db4bbb58b}{9A74121D-E910-4C66-8CBC-2A342BD03EB5}{9e5c950c-93f2-46b4-a47e-8450fff4d841}{a0154e07-2b48-475c-a82a-80efd84ea33e}{A0676B02-1367-4651-88C0-28DCC456365F}{A4503EC3-1111-4B62-8F46-0D88508F8A7B}{A828B2D7-0718-404B-AC94-A4EF0A3C9B88}{a9c524bf-4044-402a-aa00-8c3b3da86125}{ab56dfde-0c14-45b3-9df6-7b0eba617870}{AE648A4E-AC70-47EF-9F19-E0030732B36D}{B0839327-0156-4D83-96C8-26255C502568}{b38fbaed-ded1-4ba6-ba2e-f2515fd49442}{B3952944-3DB1-4605-B9D0-4D84AB9B10A7}{B4EF7D02-FD90-4B58-AC4A-0CD7847799D2}{b5ede79d-b004-47dd-93f9-152b0d145914}{B723E5AA-0F63-47DF-971C-AE8EA0F8393A}{B7B60F9D-F1E4-4694-9A40-1538EA07A795}{BCF02409-9333-44E7-96E8-01890EA9D58E}{C76ED8C1-24E5-43A8-807F-448264610140}{CC748B11-E10D-4C87-9A24-93E429FDD1FD}{d0690e53-168c-4632-99b2-5700228f760f}{d0dabaca-3c45-4ee9-b0da-533cad1985b0}{D70D51A6-C90C-4BF4-9C91-DC0B943754DE}{df22384f-cf68-4d19-969f-10423715528b}{E1C9AF72-FEDF-44E3-8BC1-B11AEF0433F9}{e1f82c34-7195-49a8-9c9b-47c064c22132}{E6BD8161-FE58-4BBA-BA73-09BB6E2E0168}{e8106344-16d4-41d1-9a2a-0521a59199ea}{EE201AE6-533C-4947-97EA-12627D4854A0}{f62d46cc-3eb0-4b4f-a11a-663f834e78b3}{f7921d9c-168a-40ee-a4a9-42dd202b0bb4}{fc1025d1-c5d8-4a1b-bb68-6b79c51c54e4}{FFED91AD-6369-48F5-B351-2A42D09CB27C}File name without pathhttp_download.totalrecipesearch.com_0.localstoragehttp_download.totalrecipesearch.com_0.localstorage-journalhttp_totalrecipesearch.dl.myway.com_0.localstoragehttp_totalrecipesearch.dl.myway.com_0.localstorage-journalhttp_totalrecipesearch.dl.tb.ask.com_0.localstoragehttp_totalrecipesearch.dl.tb.ask.com_0.localstorage-journaltotalrecipesearch.dl.myway[1].xmlHKEY..\..\..\..{RegistryKeys}Software\AppDataLow\Software\TotalRecipeSearch_14SOFTWARE\Classes\TotalRecipeSearch_14.DynamicBarButtonSOFTWARE\Classes\TotalRecipeSearch_14.DynamicBarButton.1SOFTWARE\Classes\TotalRecipeSearch_14.FeedManagerSOFTWARE\Classes\TotalRecipeSearch_14.FeedManager.1SOFTWARE\Classes\TotalRecipeSearch_14.HTMLMenuSOFTWARE\Classes\TotalRecipeSearch_14.HTMLMenu.1SOFTWARE\Classes\TotalRecipeSearch_14.HTMLPanelSOFTWARE\Classes\TotalRecipeSearch_14.HTMLPanel.1SOFTWARE\Classes\TotalRecipeSearch_14.MultipleButtonSOFTWARE\Classes\TotalRecipeSearch_14.MultipleButton.1SOFTWARE\Classes\TotalRecipeSearch_14.PseudoTransparentPluginSOFTWARE\Classes\TotalRecipeSearch_14.PseudoTransparentPlugin.1SOFTWARE\Classes\TotalRecipeSearch_14.RadioSOFTWARE\Classes\TotalRecipeSearch_14.Radio.1SOFTWARE\Classes\TotalRecipeSearch_14.RadioSettingsSOFTWARE\Classes\TotalRecipeSearch_14.RadioSettings.1SOFTWARE\Classes\TotalRecipeSearch_14.ScriptButtonSOFTWARE\Classes\TotalRecipeSearch_14.ScriptButton.1SOFTWARE\Classes\TotalRecipeSearch_14.SettingsPluginSOFTWARE\Classes\TotalRecipeSearch_14.SettingsPlugin.1SOFTWARE\Classes\TotalRecipeSearch_14.SkinLauncherSOFTWARE\Classes\TotalRecipeSearch_14.SkinLauncher.1SOFTWARE\Classes\TotalRecipeSearch_14.SkinLauncherSettingsSOFTWARE\Classes\TotalRecipeSearch_14.SkinLauncherSettings.1SOFTWARE\Classes\TotalRecipeSearch_14.ThirdPartyInstallerSOFTWARE\Classes\TotalRecipeSearch_14.ThirdPartyInstaller.1SOFTWARE\Classes\TotalRecipeSearch_14.ToolbarProtectorSOFTWARE\Classes\TotalRecipeSearch_14.ToolbarProtector.1SOFTWARE\Classes\TotalRecipeSearch_14.UrlAlertButtonSOFTWARE\Classes\TotalRecipeSearch_14.UrlAlertButton.1SOFTWARE\Classes\TotalRecipeSearch_14.XMLSessionPluginSOFTWARE\Classes\TotalRecipeSearch_14.XMLSessionPlugin.1Software\Microsoft\Internet Explorer\DOMStorage\totalrecipesearch.comSoftware\Microsoft\Internet Explorer\DOMStorage\totalrecipesearch.dl.myway.comSOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0384459a-9d5e-4ae1-b154-8eac39721c97}SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{435e56d9-92df-4d38-bdff-fe316064953c}SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4a80a60d-bdef-4d70-bccc-d0dad25ff951}SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cab2773-5453-4778-90d9-6672805b41ca}SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b723e5aa-0f63-47df-971c-ae8ea0f8393a}SOFTWARE\Microsoft\Internet Explorer\Toolbar\{a0154e07-2b48-475c-a82a-80efd84ea33e}Software\Microsoft\Internet Explorer\URLSearchHooks\{8a7d2060-824d-4b17-b00a-759b1b5f30d9}SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{ab56dfde-0c14-45b3-9df6-7b0eba617870}SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{df22384f-cf68-4d19-969f-10423715528b}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2502086b-5a46-4d05-8d5b-a1e77ab8bb32}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{76f3207c-3a0a-461b-b958-5653c5718243}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96b8a0ef-0d9d-4a92-b548-376db4bbb58b}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4503EC3-1111-4B62-8F46-0D88508F8A7B}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b38fbaed-ded1-4ba6-ba2e-f2515fd49442}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e8106344-16d4-41d1-9a2a-0521a59199ea}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fd79f359-e577-46db-aa74-d6e6b8b45ba8}SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TotalRecipeSearch Search Scope MonitorSOFTWARE\Mozilla\Firefox\Extensions\14ffxtbr@TotalRecipeSearch_14.comSOFTWARE\MozillaPlugins\@TotalRecipeSearch_14.com/PluginSoftware\TotalRecipeSearchSoftware\TotalRecipeSearch_14SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0384459a-9d5e-4ae1-b154-8eac39721c97}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{435e56d9-92df-4d38-bdff-fe316064953c}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4a80a60d-bdef-4d70-bccc-d0dad25ff951}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cab2773-5453-4778-90d9-6672805b41ca}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b723e5aa-0f63-47df-971c-ae8ea0f8393a}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{a0154e07-2b48-475c-a82a-80efd84ea33e}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{ab56dfde-0c14-45b3-9df6-7b0eba617870}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{df22384f-cf68-4d19-969f-10423715528b}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2502086b-5a46-4d05-8d5b-a1e77ab8bb32}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{76f3207c-3a0a-461b-b958-5653c5718243}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96b8a0ef-0d9d-4a92-b548-376db4bbb58b}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4503EC3-1111-4B62-8F46-0D88508F8A7B}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b38fbaed-ded1-4ba6-ba2e-f2515fd49442}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e8106344-16d4-41d1-9a2a-0521a59199ea}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fd79f359-e577-46db-aa74-d6e6b8b45ba8}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\TotalRecipeSearch Search Scope MonitorSOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\14ffxtbr@TotalRecipeSearch_14.comSOFTWARE\Wow6432Node\MozillaPlugins\@TotalRecipeSearch_14.com/PluginSOFTWARE\Wow6432Node\TotalRecipeSearch_14SYSTEM\CurrentControlSet\Services\TotalRecipeSearch_14ServiceHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}TotalRecipeSearch_14bar Uninstall FirefoxTotalRecipeSearch_14bar Uninstall Internet ExplorerTotalRecipeSearchTooltab Uninstall Internet Explorer

Additional Information

The following directories were created:
%LOCALAPPDATA%\Google\Chrome\User Data\Default\cnbegpgknjllkedcnkfailmjbiahbfba%LOCALAPPDATA%\TotalRecipeSearchTooltab%LOCALAPPDATA%\TotalRecipeSearch_14%PROGRAMFILES%\TotalRecipeSearch_14%PROGRAMFILES(x86)%\TotalRecipeSearch_14%USERPROFILE%\AppData\LocalLow\TotalRecipeSearch_14%USERPROFILE%\Application Data\TotalRecipeSearch_14%USERPROFILE%\Local Settings\Application Data\TotalRecipeSearchTooltab
The following URL's were detected:
http://www.totalrecipesearch.com
Loading...