| OBJECT NAME | GUID | STATUS | FILENAME | DESCRIPTION |
|---|
| netMonior Class, ViewSource Class | {85810C93-C14C-11D5-BC4B-0050BA28E4FE} | L BHO | Popkill.dll | Saga Super Pop Up Blocker |
| IE PopUp-Killer ; Neikeisoft | {49E0E0F0-5C30-11D4-945D-000000000003} | L BHO | PopUp-Killer.dll | Neikeisoft XP-Tuner PRO |
| Barefruit/SmartError | {BA12EFAD-9F3F-11DA-9387-00A0C9DA30E9} | X BHO | Plug.dll | Barefruit Error Page hijacker |
| PagesConso Toolbar | {34F459B8-1D37-4FF2-9EFA-192D8E3ABA6F} | O TB | pagesconso_toolbar.dll, PAGESC~1.DLL | PagesConso.com toolbar - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Your choice. |
| PNLoader.IEHelperClass | {748A5D0A-68D3-11D4-A67E-00E098823A80} | L BHO | pnloader.dll | PopNot |
| Classic Toolbar | {4E7BD74F-2B8D-469E-EEC9-DE50EBC2B831} | O BHO TB | prodegetoolbar***.dll, PRODEG~*.DLL | Classic Toolbar - a Prodege_Toolbar by Visicom Media |
| (no name) | {********-****-****-****-************} | X SH | Preliminary.dll | WareOut malware component, using a random Class ID |
| e404 helper | {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} | X BHO | prolooker.dll, TURBOS~1.DLL, powerwebfind.dll, mastersearchsite.dll | Parasite, a member of the Trojan-Downloader.Zlob.Media-Codec aka NewMediaCodec malware family - detected as Trackware.ProSearch |
| Form PlugIn | {1FBB80A3-E9E9-456e-B4B0-31D05DB8771D} | L BHO | PMgrBHO.dll | Codemeter password manager |
| GizmoBar, twikibar | {7345F548-C9AC-46F7-A350-524964350D25} | O TB | popupgo.dll | GizmoBar or TwikiBar toolbar - also see here |
| Slightly Stoopid Toolbar | {4E7BD74F-2B8D-469E-BEDE-CC39F0D3F960} | O BHO TB | prodegetoolbar***.dll, PRODEG~*.DLL | Slightly_Stoopid Toolbar - a Prodege_Toolbar by Visicom Media |
| Jffdjljo Class | {A16AC1F4-BCA7-4401-B5F5-22240F78E776} | X BHO | p2jlseh8.dll | QuickLinks/LinkMaker adware variant - also detected as Adware.Suggestor |
| Msxml2.ServerXMLHTTP.5.0 | {EE95C1EF-38DC-499C-BB21-29387CBBD736} | X BHO | powrprof.ocx | Unidentified parasite - should you have any information about this application, such as for example the site where it was downloaded or installed, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks! |
| Browser Extension | {00000012-890e-4aac-afd9-eff6954a34dd} | X BHO | pbsysie.dll | Adware.AdBreak |
| XBTP00364 | {2F16DE49-9D33-4849-B812-2ED38C9BCE15} | X BHO | pics-factory.dll, PICS-F~1.DLL | PicsFactory adware |
| MXC Software ProBHO | {9E3FB5AA-F0A3-497A-8FFF-476A1A315A29} | L BHO | ProBHO.dll | iSafeguard |
| XBTP07646 | {9A5152BA-6D72-4293-BB53-CBE60BCD8593} | X BHO | pics-factory.dll, PICS-F~1.DLL | PicsFactory adware |
| Pantera Toolbar | {4E7BD74F-2B8D-469E-BCDE-CC39F0D3F960} | O BHO TB | prodegetoolbar***.dll, PRODEG~*.DLL | Pantera Toolbar - a Prodege_Toolbar by Visicom Media |
| pics-factory Toolbar | {661294F7-1833-46B3-99EA-7AF25A41FC33} | X TB | pics-factory.dll, PICS-F~1.DL | PicsFactory adware |
| (no name) | {********-****-****-****-************} | X SH | PasswdMon.dll | WareOut malware component, using a random Class ID |
| TBSB08970 | {10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7} | O BHO | PowerSearchTool4.dll, POWERS~1.DLL | Power_Search_Tool - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Some of the toolbars are fine to have, so every case is different. Your choice. |
| Cox Popup Blocker | {2C0A5F28-48D8-408B-9172-9C6121025BCE} | L TB | PopupBHO01.dll | Authentium_ESP security software toolbar, used by a number of ISPs, such as Comcast, Cox, TBayTel and so on |
| {00010A21-B924-4CD6-893C-EEA1071AE8B3} | X BHO TB | PCDBS.DLL | AdsStore adware |
| PicLens plug-in for Internet Explorer | {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} | L BHO | PicLens.dll | CoolIris PicLens |
| CIEIntegrator Object | {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} | X BHO | pbd.dll | PCVirusless - rogue "security software" using false positives as goad to purchase. |
| TKTS System | {A717DBE3-D78D-4aa7-BDCF-2CC06B36371B} | X BHO | Policies.dll | MyGeek/Cpvfeed.com adware variant, detected by AntiVir antivirus as ADSPY/BHOApp - logs search engine queries to a %Windir%\search_res.txt file. Also see here |
| ptjhchlp.dll | {328DF602-9541-A985-210A-984A698C6F23} | X BHO | ptjhchlp.dll | Password stealer of Chinese origin detected by Trend Micro as TSPY_ONLINEG.FOK |
| Popup Blocker | {E606052C-E26E-EA9D-835B-BABA8BA9F1F9} | X TB | popupblocker.dll, popup_blocker.dll, popup_blockerWO.dll | BrowserAid adware variant |
| Karushka PopStopper | {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} | ? BHO | popstopper.dll | Unidentified browser plugin - should you have any information about this application, such as its exact purpose and whether you did or did not install it wittingly, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks! |
| &POP | {8023A3E7-AB95-4C23-8313-0BE9842CC70E} | X EB | pop***.dll (* = digit) | AproposMedia PeopleOnPage adware |
| Privilege Manager Browser Helper | {0A9CDB52-EBDF-4210-9C6A-B90C2FD410AB} | L BHO | pmbho.dll | PolicyMaker Application Security 2.0 by BeyondTrust_Privilege_Manager
|
| {C8847EEA-72D6-11D4-AB4F-00B0D02332EE} | O BHO | Phook.dll | InstallShield DigitalWizard |
| Hilary Duff Toolbar | {4E7BD74F-2B8D-469E-BBDC-CC39F0D3F960} | O BHO TB | prodegetoolbar***.dll, PRODEG~*.DLL | Hilary_Duff Toolbar - a Prodege_Toolbar by Visicom Media |
| PrivateIEBHO.CPrivateIEBHO | {BD0D4420-5E4C-4FCC-AFC0-EEA69B608E75} | L BHO | Privateiebho.dll | Secure IE |
| popguideBHO Class | {889CD18C-FFE8-4199-ACB6-48E83A114A54} | X BHO | popguide.dll, e1popguide.dll | Parasite of Korean origin detected as Win32.Spyware.popguide |
| Poker Toolbar | {C49DD894-C6DE-4910-8C41-BA20F852D8BC} | O TB | PokerTB.dll | "Poker Toolbar" - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Your choice. |
| pics-factory Toolbar | {81CFC095-AC7A-4B6C-9EBF-9B353A7A7EE2} | X TB | pics-factory.dll, PICS-F~1.DLL | PicsFactory adware |
| MSVPS System | {D3A3BB03-15BF-4C5B-A01A-4F376C62CBF3} | X BHO | popnetxog.dll | Zlob downloader variant, a member of the SmitFraud malware family |
| Peer2Mail Toolbar Helper | {4E20C7AE-980F-4c7b-870D-3EFF8C206217} | O TB | Peer2Mail_Toolbar.dll | Peer2Mail toolbar |
| IEListener Class | {911A1534-8E65-448E-92AE-E22D49F870C4} | O BHO | PAE_BHO.dll | eLottoAlert - see here |
| (no name) | {60261C06-81B0-4DE0-9313-E5BA203A64E9} | X BHO | pdfmgr.dll | NaupointToolbar adware variant |
| PointUrlX Class | {E05EEB29-DEE4-4AFC-AAE8-1D60423F6BA6} | X BHO | pointurl.dll | Parasite of Korean origin identified as Win-Adware/BHO.PointUrl |
| PCLaw Web Timer | {0E1230F8-EA50-42A9-983C-D22ABC2EED4B} | L TB | PLIETool.dll | PCLaw Web Timer |
| ptjhdhlp.dll | {428DF602-9541-A985-210A-984A698C6F24} | X BHO | ptjhdhlp.dll | Password stealer of Chinese origin detected by Trend Micro as TSPY_ONLINEG.FOK
|
| CGIEUploader Object, PChome Context Menu | {CCAC9B65-EE47-4164-8EB6-E35C51735831} | ? BHO | PChomeCustMenu.dll | Unidentified browser plugin of Chinese origin, file located in a "Program Files\PChome\Uploader\dll" folder - should you have any information about this application, such as its homepage, its exact purpose and whether you did or did not install it wittingly, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks! |
| {8D4CAD95-7199-4771-8D6B-E2657903576F} | L TB | psctb.dll | Whois Toolbar |
| RECORDING.RecordingCtrl.1 | {D196B547-4A1F-4734-A3F5-500B331D99CD} | X BHO | ping.dll | Unidentified parasite - should you have any information about this application, such as for example the site where it was downloaded or installed, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks!
|
| eGrabber | {9E7E32DD-9584-4265-B223-43AA0D6E4E8C} | L TB | PxInternetExplorer.dll | ResumeGrabber Pro |
| {4E7BD74F-2B8D-469E-C6ED-ED6AA787AD2D} | X TB | pwrsfrst.dll | KeenValue PowerSearch adware variant, also see here |
| PointUrlX Class | {8E488DDC-C9AE-4FBD-AF98-1AFD874B0D71} | X BHO | pointurl.dll | Parasite of Korean origin identified as W-32/Adware.BHO.PointUrl.B |
| PolliPMain Class, PolliP hook | {4A9965E0-1211-41D8-BDA0-4F2D60F4BCEF} | X BHO | PolliP.dll | Parasite, allegedly LOP.com adware related |
| {A84859C9-EEE9-4686-9059-A89242BB4BEF} | L BHO | PopLock.dll | PopLock |
| PLAsim plugin | {F60777DA-D6A6-40F6-B665-6F361C1017B6} | X BHO | poswin.dll | Downloader trojan, member of the FakeAlert aka SmitFraud malware family - produces IEDefender popups - also see here |
| pvnsmfor | {59EC7E90-81DE-40EC-B1EB-93E3CA3AD395} | X TB | pvnsmfor.dll | Parasite causing false spyware warnings and connecting to fake "security sites" - member of the FakeAlert aka SmitFraud malware family |
| PriceBud | {4E7BD74F-2B8D-469E-D6EB-FD69B79CA82D} | X BHO TB | pricebud.dll | PriceBud Toolbar, hailing from donotchangeit.com |
