Detected by UnHackMe:

BSEARCHSVC.EXE
Default location: %Program Files%\barosearch\bsearchsvc.exe

Removal Results: Success
Number of reboot: 1

BSEARCHSVC.EXE is known as:

Adware.Kraddare

BSEARCHSVC.EXE hash:

• MD5: b10eae0f1196bbaa49cd01040ac077e8

Registry:

• HKLM\System\CurrentControlSet\Services\BCSvc\ImagePath: “%Program Files%\barosearch\bsearchsvc.exe”
• HKLM\System\CurrentControlSet\Services\BCSvc\DisplayName: “BSearch Service”
• HKLM\System\CurrentControlSet\Services\BCSvc\Description: “The Service in Windows.”
• HKCU\Software\Microsoft\Windows\CurrentVersion\Run\BSearch: “%Program Files%\barosearch\bsearch.exe”

Folders:

• %Program Files%\barosearch

Files:

• %Favorites%\CJmall.url
• %Favorites%\GS SHOP.url
• %Favorites%\Hmall.url
• %Local Appdata%\barosearchinstall.exe
• %Program Files%\barosearch\11st.ico
• %Program Files%\barosearch\auction.ico
• %Program Files%\barosearch\bsearch.exe
• %Program Files%\barosearch\bsearchsvc.exe
• %Program Files%\barosearch\cjmall.ico
• %Program Files%\barosearch\cybermall.ico
• %Program Files%\barosearch\dnshop.ico
• %Program Files%\barosearch\emart.ico
• %Program Files%\barosearch\faple.ico
• %Program Files%\barosearch\gmarket.ico
• %Program Files%\barosearch\gseshop.ico
• %Program Files%\barosearch\halfclub.ico
• %Program Files%\barosearch\hmall.ico
• %Program Files%\barosearch\istore1.ico
• %Program Files%\barosearch\lotteimall.ico
• %Program Files%\barosearch\mutnam01.ico
• %Program Files%\barosearch\nseshop.ico
• %Program Files%\barosearch\player.ico
• %Program Files%\barosearch\samsungmall.ico