GloboSearch is a spyware program, but only in the sense that it has Trojan Downloader capabilities.  It downloads updates for itself, and potentially the AntiSPY rogue security tool infection, if you click any button on the false alarm window.

GloboSearch comes in a bundle of programs, typically with the HotOffers Browser Hijacker.  GloboSearch itself has some Browser Hijacking capabilities; specifically, it resets your home page.  It may also be installed from certain HotOffers affiliate pages.

GloboSearch is an aggressive pop-up generator.  It downloads ads from several servers, such as xxx.toolbar.com, www.hardclito.com, www.pornnimbus.com and possibly others.  It has been known to attempt to download the ISTBar and QLowZones-2.gen adware programs.  It delivers multiple pop-ups, much to the expense of your computer’s resources.

This program is highly dangerous.  If you catch it, you should remove it immediately.  Don’t rely on manual removal instructions.  They are incredibly risky, complicated, and possibly inaccurate.  Instead, use a trusted antispyware program such as SpyZooka.

Also Known As:
ADW_GLOBO.A, ADW_GLOBSEARCH.B, Adware-Globosearch (McAfee),  CWS.Conyc

Associated Files:
sys3834.dll
systr.dll
systemroot+system32popup_bl.dll
systemroot+system32systr.dll
cmdropper.exe
dropper.exe
popup_bl.dll
HKEY_CLASSES_ROOTclsid {28f65fcb-d130-11d8-ba48-8be0c49af370}
HKEY_CLASSES_ROOTclsid {28f65fcb-d130-11d8-ba48-8be0c49af370} inprocserver32
HKEY_CLASSES_ROOTclsid {28f65fcb-d130-11d8-ba48-8be0c49af370} inprocserver32 threadingmodel
HKEY_CLASSES_ROOTclsid {28f65fcb-d130-11d8-ba48-8be0c49af370} progid
HKEY_CLASSES_ROOTclsid {28f65fcb-d130-11d8-ba48-8be0c49af370} typelib
HKEY_CLASSES_ROOTclsid {28f65fcb-d130-11d8-ba48-8be0c49af370} versionindependentprogid
HKEY_CLASSES_ROOTclsid {cf70455e-edc1-4067-b824-cd0314bc3b2e}
HKEY_CLASSES_ROOTclsid {cf70455e-edc1-4067-b824-cd0314bc3b2e} inprocserver32
HKEY_CLASSES_ROOTclsid {cf70455e-edc1-4067-b824-cd0314bc3b2e} inprocserver32 threadingmodel
HKEY_CLASSES_ROOTclsid {cf70455e-edc1-4067-b824-cd0314bc3b2e} progid
HKEY_CLASSES_ROOTclsid {cf70455e-edc1-4067-b824-cd0314bc3b2e} typelib
HKEY_CLASSES_ROOTclsid {cf70455e-edc1-4067-b824-cd0314bc3b2e} versionindependentprogid
HKEY_CLASSES_ROOTinterface {05aae5e5-47a1-4f65-8c32-8913ead54dbf}
HKEY_CLASSES_ROOTinterface {05aae5e5-47a1-4f65-8c32-8913ead54dbf} proxystubclsid
HKEY_CLASSES_ROOTinterface {05aae5e5-47a1-4f65-8c32-8913ead54dbf} proxystubclsid32
HKEY_CLASSES_ROOTinterface {05aae5e5-47a1-4f65-8c32-8913ead54dbf} typelib
HKEY_CLASSES_ROOTinterface {05aae5e5-47a1-4f65-8c32-8913ead54dbf} typelib version
HKEY_CLASSES_ROOTinterface {28f65fca-d130-11d8-ba48-8be0c49af370}
HKEY_CLASSES_ROOTinterface {28f65fca-d130-11d8-ba48-8be0c49af370} proxystubclsid
HKEY_CLASSES_ROOTinterface {28f65fca-d130-11d8-ba48-8be0c49af370} proxystubclsid32
HKEY_CLASSES_ROOTinterface {28f65fca-d130-11d8-ba48-8be0c49af370} typelib
HKEY_CLASSES_ROOTinterface {28f65fca-d130-11d8-ba48-8be0c49af370} typelib version
HKEY_CLASSES_ROOTinterface {a77bd0a1-a8fa-48c0-8fff-5a4ddcad4581}
HKEY_CLASSES_ROOTinterface {a77bd0a1-a8fa-48c0-8fff-5a4ddcad4581} proxystubclsid
HKEY_CLASSES_ROOTinterface {a77bd0a1-a8fa-48c0-8fff-5a4ddcad4581} proxystubclsid32
HKEY_CLASSES_ROOTinterface {a77bd0a1-a8fa-48c0-8fff-5a4ddcad4581} typelib
HKEY_CLASSES_ROOTinterface {a77bd0a1-a8fa-48c0-8fff-5a4ddcad4581} typelib version
HKEY_CLASSES_ROOTpopup_bl.bl
HKEY_CLASSES_ROOTpopup_bl.bl.1
HKEY_CLASSES_ROOTpopup_bl.bl.1clsid
HKEY_CLASSES_ROOTpopup_bl.blclsid
HKEY_CLASSES_ROOTpopup_bl.blcurver
HKEY_CLASSES_ROOTpopup_bl.onclick
HKEY_CLASSES_ROOTpopup_bl.onclick.1
HKEY_CLASSES_ROOTpopup_bl.onclick.1clsid
HKEY_CLASSES_ROOTpopup_bl.onclickclsid
HKEY_CLASSES_ROOTpopup_bl.onclickcurver
HKEY_CLASSES_ROOTtypelib {28f65fbe-d130-11d8-ba48-8be0c49af370} 1.0
HKEY_CLASSES_ROOTtypelib {28f65fbe-d130-11d8-ba48-8be0c49af370} 1.0win32
HKEY_CLASSES_ROOTtypelib {28f65fbe-d130-11d8-ba48-8be0c49af370} 1.0flags
HKEY_CLASSES_ROOTtypelib {28f65fbe-d130-11d8-ba48-8be0c49af370} 1.0helpdir
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorerbrowser helper objects {28f65fcb-d130-11d8-ba48-8be0c49af370}