FREE SCAN Click Here to scan your PC for FWN Toolbar free of charge

Hijacker . FWN Toolbar (Summary)

Software Name: FWN Toolbar
Company Name: E-Ventures N.V.
Product Name: FWN Toolbar
Classification: Hijacker
Website: http://www.findwhatevernow.com

Brief:
Toolbar that collects personally identifiable information and re-directs any google.com searches to its controlling servers. Hijacks browser home-page settings.

IMPORTANT!
Some of the Hijacker.FWN Toolbar components are listed below. The list is compiled as a reference. The list might not be complete and it doesn't represent instructions for manual removal. We DO NOT recommend manual removal. Incorrect removal of certain software might make your computer unstable or even unusable.
Removal of adware component might affect the related ad-supported software.

If you suspect that you have an unwanted instance of FWN Toolbar installed on your computer we recommend a free audit of your system with INAC Anti Spyware.

FWN Toolbar might create following folders (and inject its files inside the folders):

• %PROGRAMS%\FWN Toolbar


• %PROGRAM_FILES%\FWN Toolbar


• %PROGRAM_FILES%\Search Bar

FWN Toolbar might create following files (some of the files might be loaded in memory while the software is running):

• %WINDOWS%\Downloaded Program Files\installer.dll


• %WINDOWS%\Downloaded Program Files\update.exe


• %SYSTEM%\FWNToolbar.dll


• %SYSTEM%\FWNToolbar.dll.manifest


• %SYSTEM%\chat.dat


• %SYSTEM%\ezines.dat


• %SYSTEM%\home.dat


• %SYSTEM%\IdentLibDll.dll


• %SYSTEM%\paysites.dat


• %SYSTEM%\pics.dat


• %SYSTEM%\srchbar.dll


• %SYSTEM%\srchbar.dll.manifest


• %SYSTEM%\unregister.exe


• %SYSTEM%\videos.dat

FWN Toolbar is often accompanied by the following tracking cookies:

n/a

FWN Toolbar might create following registry keys (and inject subkeys and values):

• HKEY_CLASSES_ROOT\AppID\QD2.DLL


• HKEY_CLASSES_ROOT\AppID\{F72CBC6D-6CBE-4570-AD54-4A51BFF58036}


• HKEY_CLASSES_ROOT\CLSID\{01FC5803-8644-45D7-877B-5A3924D8ECC4}


• HKEY_CLASSES_ROOT\CLSID\{3D0BDAB3-12F4-471C-8966-E35A2C6C7DE7}


• HKEY_CLASSES_ROOT\CLSID\{3D156636-3F7E-46C9-9AC1-5E4D8202AA23}


• HKEY_CLASSES_ROOT\CLSID\{7EB15626-CB8E-4174-8A72-C055B12B4310}


• HKEY_CLASSES_ROOT\FWN.FWNToolbar


• HKEY_CLASSES_ROOT\FWN.ISubclass


• HKEY_CLASSES_ROOT\ImgConv.clsImgConv


• HKEY_CLASSES_ROOT\Interface\{10D4ADB7-0842-42EB-8C97-D94233D2DD5A}


• HKEY_CLASSES_ROOT\Interface\{3B879007-84A4-476A-82B0-819B3F1F9A6E}


• HKEY_CLASSES_ROOT\Interface\{3DBBF8B7-A97C-4A92-8D27-D29222E6B60F}


• HKEY_CLASSES_ROOT\Interface\{68831D00-169E-4FEB-89B9-E099DF439321}


• HKEY_CLASSES_ROOT\Interface\{EA9D65A3-8FA2-433E-9CAF-68C6E43555AF}


• HKEY_CLASSES_ROOT\QD2.QD2Loader


• HKEY_CLASSES_ROOT\QD2.QD2Loader.1


• HKEY_CLASSES_ROOT\TypeLib\{0E9DB3AB-D16A-47CF-B59A-F74D649BEA5B}


• HKEY_CLASSES_ROOT\TypeLib\{15E7D23B-736E-46FA-BFFD-CBEC4126BEFD}


• HKEY_CLASSES_ROOT\TypeLib\{F72CBC6D-6CBE-4570-AD54-4A51BFF58036}


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{11010101-1001-1111-1000-110263637096}


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7EB15626-CB8E-4174-8A72-C055B12B4310}


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\*/installer.dll*


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FWN Toolbar


• HKEY_USERS\*\Software\E-Ventures N.V.


• HKEY_CLASSES_ROOT\CLSID\{BCAA3A19-1051-4C2F-88B9-4D05985AA2C6}

FWN Toolbar might create following registry values:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3D0BDAB3-12F4-471C-8966-E35A2C6C7DE7}


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|*\installer.dll


• HKEY_USERS\*\Software\Microsoft\Internet Explorer\Main|*|http://www.findwhatevernow*


• HKEY_USERS\*\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3D0BDAB3-12F4-471C-8966-E35A2C6C7DE7}


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{26398112-F068-4273-964B-A1D8BCF3E576}


• HKEY_USERS\*\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{26398112-F068-4273-964B-A1D8BCF3E576}

FWN Toolbar might create registry values with following data:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant|http://www.findwhatevernow*


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|(Default)|FWN*

FWN Toolbar might insert following entries in the HOSTS file:

n/a

Click here to scan your computer for FWN Toolbar free of charge