Home Malware Programs Adware TOPicks

TOPicks

Posted: March 28, 2006

TOPicks is a harmless, but difficult to remove adware application that shows links to sponsored web resources while you browse the Internet. It doesn't have additional functionality. TOPicks doesn't distribute itself and must be manually installed.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 adm.exe
    2 altnetuninstall.exe
    3 asm.exe
    4 asmend.exe
    5 cpbar.dll
    6 cpicoa.bmp
    7 cpns.dat
    8 ctgind.dat
    9 datamgr.dll
    10 fileversions.ini
    11 htcheck2.dll
    12 htchecksvr2.exe
    13 hthost.exe
    14 htps.dll
    15 icons.exe
    16 idhost.exe
    17 idmcom.dll
    18 idmun.exe
    19 idmup.dll
    20 paramset.ini
    21 paramvl.ini
    22 points manager.exe
    23 test.ini
    24 topicks.reg
    25 tpbar.dll
    26 tpreg.dll
    27 unwise.ini

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOTAppIDhtchecksvr2.exeHKEY_CLASSES_ROOTDataMgr32.ActionMgrHKEY_CLASSES_ROOTDataMgr32.ActionMgr.1HKEY_CLASSES_ROOTDataMgr32.DataMgr1HKEY_CLASSES_ROOTDataMgr32.DataMgr1.1HKEY_CLASSES_ROOTFetchComm.CommFetchHKEY_CLASSES_ROOTFetchComm.CommFetch.1HKEY_CLASSES_ROOTHtCheck2.CHelpObjHKEY_CLASSES_ROOTHtCheck2.CHelpObj.1HKEY_CLASSES_ROOTHtCheck2.CheckPageHKEY_CLASSES_ROOTHtCheck2.CheckPage.1HKEY_CLASSES_ROOTHtCheckSvr.ScanPageHKEY_CLASSES_ROOTHtCheckSvr.ScanPage.1HKEY_CLASSES_ROOTIdiumUpdater.IdiumSysUpdaterHKEY_CLASSES_ROOTIdiumUpdater.IdiumSysUpdater.1HKEY_CLASSES_ROOTToPicksReg.ToPickReg1HKEY_CLASSES_ROOTToPicksReg.ToPickReg1.1HKEY_CLASSES_ROOTTopicks.TopicksBarHKEY_CLASSES_ROOTTopicks.TopicksBar.1HKEY_CURRENT_USERSoftwareToPicksHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunTOPicksStarter=C:ProgramFilesTOPicksinidhost.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallTOPicks
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path}F533946A-DB32-4426-A104-BC22F543DA6ADAE64161-491D-11D5-AB93-00D0B760B4EBBE7613D4-7D09-4CF8-B747-6DFF0564891E9A7CFEDA-5911-4EF1-B49A-35C34230FFC15C400120-44CA-11D7-8411-0002A5F9D08E49D25A3F-28EF-4F38-BF7F-BC5FE6D39FA71EA4DBF0-3C3B-11CF-810C-00AA00389B71EB29CD69-7020-4D1D-A0BE-72130DFBA9F7E964B4A5-351B-40A6-8B8D-D856AAC538DCDAE6416E-491D-11D5-AB93-00D0B760B4EBC809EE32-C648-459B-9A99-5CB20F61DCFCB8492793-8827-4172-A83F-E4A6DE6E707FB2FFA779-8DC5-4774-837F-7323B32E293EA02235E1-68BA-11D5-AB93-00D0B760B4EB68CCC4DA-B487-4791-AD94-E72FD4D1074C5C40012D-44CA-11D7-8411-0002A5F9D08E262C80B1-9F63-45EA-ACF7-539BDACD0E12D7CB5BAF-18D9-46D4-8F72-909D409506FACBDB0279-9D76-48AC-ABD3-8CB9A4D73D4AC6958ACD-D866-4349-9F7B-FDB73384F6979F8AC164-6826-4B52-8F65-9C31305E81CC80E81A0E-9741-4FBC-8EE3-3B78C04ADA1D5C40012E-44CA-11D7-8411-0002A5F9D08E1717A4A5-D63A-4F70-B373-AE4AA46D12360352960F-47BE-11D5-AB93-00D0B760B4EB02CDB0ED-874A-4DCB-8D9F-C2E3B169F265D6BE4255-97C9-4D5C-9801-91DADDA92D81
Loading...