| OBJECT NAME | GUID | STATUS | FILENAME | DESCRIPTION |
|---|
| RadioToolbar | {F275EF20-1E52-47B8-98D3-0537A2EB8223} | O TB | radiotoolbar.dll, RADIOT~*.DLL | RadioToolbar - a Dutch Softomate variant, detected by ESET's Nod32 antivirus as Adware.EZTracks. Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. |
| (no name) | {********-****-****-****-************} | X SH | RtlFindVal.dll | WareOut malware component |
| (no name) | {D3626E66-B13B-C628-ACDF-BDABCFA265E1} | X BHO | Relive.dll | Password stealer trojan, detected as Troj/OnLineG-F |
| (no name) | {1AD3A632-7E9D-4458-9995-566505CE3609} | X BHO | rebag.dll | Parasite of Korean origin detected as BonusPack adware |
| Het | {53D58A07-E5FE-4128-B5B3-4E4D7281034B} | X BHO | radiek1.dll | Keyword hijacker, a variant of Trojan.Win32.Small.of |
| BrowserConnector Object | {0D84AC30-5186-4CD9-8FD8-4A1382D5F0F3} | O BHO | rlep2p32.dll, drvel.dll, ctrat.dll, authzi.dll, instd3dx.dll, tuiole.dll, sqlcesem30.dll, ixssoy.dll, [random filename] | Sentry parental control software |
| rtsplgob | {598CA0F7-1954-49CF-8BC2-06F4123C6709} | X TB | rtsplgob.dll | Parasite causing false spyware warnings and connecting to fake "security sites" - member of the FakeAlert aka SmitFraud malware family
|
| RecomSite | {67665DD8-50E3-499E-86B8-0934E3E55598} | X EB | rcdssb.dll | Parasite of Korean origin detected as Adware.RecomSite |
| RNEvent | {D7B21266-AA85-44b8-B516-3B1A69827400} | X BHO | RNEvent.dll | Parasite of Chinese origin, file located in a "Program Files\CNRN" folder. Reportedly a new version of the CnsMin/3721_Internet_Assistant foistware - should you have a copy of the file, do email us attaching the file to your email for analysis. Thanks! |
| &Reverso PowerTools | {B3E81443-FFA2-4E79-99C1-037D765621AC} | L TB | REVERS~1.DLL | Reverso translation software |
| (no name) | {8072BD30-EBF6-43E8-8C21-663EE033C146} | L EB | rsstoolbar.dll | Built-in RSS Client |
| IE | {D7B21266-AA85-44b8-B516-3B1A6982747E} | X BHO | RNEvent.dll | Parasite of Chinese origin, file located in a "Program Files\CNRN" folder. Reportedly a new version of the CnsMin/3721_Internet_Assistant foistware - should you have a copy of the file, please attach it to your email for analysis. Thanks! |
| {79C9FDA0-0A67-4C56-BC89-6AB3FEC2752F} | L TB | racbar.dll | Rent a Coder Toolbar |
| RssBho Class | {9BC6ABD4-63C4-41E0-9C96-77D7F0AF78CE} | L BHO | rsstoolbar.dll | Built-in RSS Client |
| XBTB09612 | {654DCF3A-00ED-422e-BDA2-D7FA69261CE9} | X BHO | RR-TOO~1.DLL, EZT-TO~1.DLL | Recipe Rewards Toolbar - a Traffix_inc EZTracks/aavalue.com foistware variant |
| RCPRIVACY | {72EBDE8B-F1DC-4F6E-AA3F-13461861E239} | O BHO | RealConcept.dll, REALCO~1.DLL | RealConcept bar - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Some of the toolbars are fine to have, so every case is different. Your choice. |
| H | {875DFA42-0F20-449b-B8AE-4795E5A30B98} | X BHO | rtreywem.dll, rsewwssewe_.dll | Variant of the Infostealer.Banker.D trojan |
| Editor plugin | {72B2F3C0-E640-432b-AA0C-5796C6BED160} | X BHO | ramtask.dll | Variant of the Infostealer.Banker.D trojan |
| (no name) | {AEC4B333-7A09-4CB7-9171-3C3E1CA51C8A} | X BHO | reginix86f.dll | Downloader, a variant of the Win32.Kolweb aka Durvil trojan |
| RSAToolbar, Go ID Toolbar | {749F8452-7D28-4658-A903-9B047E5A2CE8} | L TB | RSAToolbar.dll, RSATOO~1.DLL | RSA SecurID Toolbar |
| Hook Class | {DBA0F35F-BCD6-4602-863A-96893E4DE018} | X BHO | repl.dll, repl1.dll | Downloader, detected by Kaspersky antivirus as Trojan.Win32.Agent.agx |
| Digimarc ImageBridge reader BHO for IE | {6D6F1AF0-DDCB-477F-A896-5D75E53B80A3} | L BHO | RM4IE.dll | DigiMarc ImageBridge |
| Rediff Toolbar | {12F02779-6D88-4958-8AD3-83C12D86ADC7} | O TB SH | redifftoolbar.dll, REDIFF~1.DLL | Rediff.com Toolbar - see here - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Some of the toolbars are fine to have, so every case is different. Your choice. |
| H | {63170A8C-B4A4-4242-810A-1F3ABE7797DA} | X BHO | ra1.dll | Variant of the Infostealer.Banker.D trojan |
| MICROQIL2 | {832C0563-0820-4fef-83D8-418261DBC233} | X BHO | RAdminl.dll | AdMedia adware variant |
| ReeplayBHO Class | {A5695484-A78A-42C0-B773-438B235F5246} | L BHO | Reeplay.dll | Reeplay.it Toolbar - collect, save and organize videos from the web |
| rxh | {19AD8203-1538-43a0-848B-D136782E09DE} | X BHO | rxh.dll, rxh2.dll | RaxSearch adware |
| XBTB01688 | {2A481757-739A-4FDA-A6EF-8AAF3128EEA1} | X BHO | rsstbsetup.dll, RSSTBS~1.DLL | RSS_Headline_Toolbar - a Softomate Toolbar variant. Installer detected by Kaspersky antivirus as AdWare.Win32.Mostofate.ab and by Bitdefender as Adware.Softomate.DG |
| IEHlprObj Class | {FD8953C6-823F-46AB-8669-3B2BBF3A1111} | X BHO | resource.dll | Unidentified parasite - should you have any information about this application, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks!
|
| {4E7BD74F-2B8D-469E-D3FC-F363BB81A82F} | L TB | rrtoolba.dll | ResellerRatings toolbar |
| {80672997-D58C-4190-9843-C6C61AF8FE97} | X BHO | rundll16.dll | BrowserAid adware variant |
| CRnPluginSite Object | {0050A87F-CF26-41AE-9C0A-C32307C941CB} | L BHO | rnieplug.dll | ReturnReceipt ActiveTracker plugin |
| (no name) | {6477E005-5456-1621-8899-ca3230262a11} | X BHO | ras_z.rc1 | Trojan Dropper, detected as TrojanDropper:Win32/Jevafus.A |
| rtsplgob | {573E5206-B092-4111-B5E0-A8580F026F03} | X TB | rtsplgob.dll | Parasite causing false spyware warnings and connecting to fake "security sites" - member of the FakeAlert aka SmitFraud malware family
|
| (no name) | {1A455575-0303-5FB1-8C9D-063B72D1B2B2} | X BHO | rklcvvh.dll | Variant of the DisableKey.A aka Busky downloader trojan |
| [full path to file] | {B5AC49A2-94F2-42BD-F434-2604812C897D} | X BHO | random filenames (example: Lfj95jg.dll) | Parasite, detected by Kaspersky antivirus as Trojan-Downloader.Win32.Small.ddx |
| The retnsrp | {573E45AC-F20E-4DAF-AF6C-0775714BA0C1} | X TB | retnsrp.dll | Parasite connecting to rogue "security sites", member of the FakeAlert aka SmitFraud malware family |
| XBTBPos00 Class | {BBBE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} | O BHO | redifftoolbar.dll, REDIFF~1.DLL | Rediff.com Toolbar - see here - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Remove unless you both trust it and expressly meant to install it. |
| RX Toolbar | {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} | X TB | RXToolBar.dll | RXToolbar adware
|
| TBSB03262 | {06B3672D-1FD0-4BAE-89D0-E8D5A476AA87} | O BHO | rednano_ie.dll | Rednano_Toolbar - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Your choice. |
| [full path to file] | {147254B5-96F3-4A9D-FF34-8476477D897C} | X BHO | random filenames (example 2137C8.dll) | Trojan, detected by Bitdefender antivirus as "Generic.PWStealer.5091AE0C" |
| {C338BA09-B77C-11D5-9214-00104B3195F0} | L TB | RecordOCX.ocx | DejaSurf |
| (no name) | {E37D4210-1D22-437A-96B6-977EC202869E} | X BHO | redir.dll | SpyGuarder - rogue "security software" using false positives as goad to purchase. |
| The retnsrp | {D528386A-A286-4697-9C9C-47856CCD7F67} | X TB | retnsrp.dll | Parasite connecting to rogue "security sites", member of the FakeAlert aka SmitFraud malware family |
| (no name) | {C71039EB-68AB-431A-9438-34B4C6FF86B5} | X BHO | redir.dll | Win-X-Defender or WinXProtector related - rogue "security software" using false positives as goad to purchase. A member of the SmitFraud malware family
|
| RxPop.com Toolbar | {B95615BC-7CA4-4E0C-9357-E9750D836704} | O TB | rxpop.dll | RxPop.com_Toolbar - a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Installer detected by Kaspersky antivirus as AdWare.Win32.Mostofate.dj |
| Std plugin, Rmn plugin | {096059FD-99AB-41eb-9E55-59AEB0A3B444} | X BHO | roadmap16.dll, haskel32.dll | Password stealer, a variant of Trojan.Nethell
|
| solution Class | {99C6D1BB-7555-474C-91DA-D8FB62A9CC75} | X BHO | random filename ( examples:Tt2t2oSV.dll, Sf2C3E2X.dll ) | Password stealer, detected by Trend Micro as TSPY_ONLINEG.FXG |
| ü°Ã·µ¸©Åéµ(&R) | {548E3580-6FED-43EC-A918-82D580817BCF} | ? BHO | RELATE~1.DLL | Unidentified browser plugin - should you have any information about this application, such as its exact purpose and whether you did or did not install it wittingly, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks! |
| (no name) | {********-****-****-****-************} | X BHO | rpcrt432.dll | Unidentified downloader trojan - should you have any information about this application, such as for example the site where it was downloaded or installed, do email us - if you actually have a copy of the file, please attach it to your email for analysis. Thanks! |
| MS Explorer | {705E9481-27B1-7C41-28BD-8E93811F4081} | X BHO | rswctl32.dll | Variant of the Trojan-Spy.Win32.Agent.ir trojan |
| NetscapeTuneUpHelper | {D5572540-47AD-11D2-A534-00805F8A7AC4} | L BHO | rltdbnd.dll | Netscape TuneUp for IE |
| (no name) | {724D43A9-0D85-11D4-9908-00400523E39A} | L BHO | RoboForm.dll | RoboForm |
| The retnsrp | {941FB260-9D22-480E-84D6-10DB7849180E} | X TB | retnsrp.dll | Parasite connecting to rogue "security sites", member of the FakeAlert aka SmitFraud malware family |
| N2fpanel Class | {01889C00-0D27-4B82-9B61-DF894457DD6A} | X BHO | refsmgr.dll | FianSearch, a parasite of Korean origin hailing from fian.co.kr |
