SearchSettings.exe
Widgi Toolbar by Spigot (Signed)
Warning 21 antivirus scanners has detected malware in various versions of SearchSettings.exe.
Overview
searchsettings.exe has 18 known versions, the most recent one is 9, 4, 0, 2. searchsettings.exe is run as a standard windows process with the logged in user's account privileges. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. The average file size is about 1.21 MB. It is an authenticode code-signed executable issued to Spigot by the certification authority VeriSign. The programs YouTube Downloader Toolbar v4.9, IObit Apps Toolbar v7.2 and IObit Apps Toolbar v7.6 have been observed as installing specific variations of searchsettings.exe. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 3.75 MB with the maximum memory reaching around 3.9 MB. Addionally, typically read and write I/O disk operations is about 41.49 KB per minute for reads and 1.6 KB per minute for writes.
What is searchsettings.exe?
The Widgi Search Settings Toolbar is a toolbar built on the spigot platform. The toolbar is usually installed together with other software. Typically, PC owner is not careful enough and leave some checkboxes unchecked. That is how one of such Widgi toolbars land on their browser. The Widgi Toolbar displays advertisements, or change your browsers default search provider.
About searchsettings.exe (from Spigot)
“The Spigot Search Settings is an application which is part of the Spigot Toolbar. Spigot searchsettings.exe's purpose is to check periodically your default search engine and restore it to Yahoo in cas”
 Details
|
| File name: | searchsettings.exe |
| Publisher: | Spigot, Inc. |
| Product name: | Widgi Toolbar |
| Description: | Search Settings |
| Typical file path: | C:\Program Files\common files\spigot\search settings\searchsettings.exe |
| Certificate |
| Issued to: | Spigot |
| Authority (CA): | VeriSign |
| Expiration date: | Saturday, March 28, 2015 |
Programs installed in
(Note, the programs listed below are for all versions of Widgi Toolbar.)
Installs a Spigot toolbar (YouTube Downloader Toolbar) in your Web browser that collects and stores information about your web browsing habits and sends this information to Spigot so they can suggest ...
Installs a Spigot toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Spigot so they can suggest services or provide ads via t...
This toolbar is typiclaly bundled with the installation of the free YouTubeDownloader and installs a Spigot toolbar (YTD Toolbar) in your Web browser that collects and stores information about your w...
This toolbar is typiclaly bundled with the installation of the free version of Advanced System Care. IObit Toolbar installs a Spigot toolbar in your Web browser that collects and stores information ab...
Behaviors
(Note, the behaviors below are for all versions of searchsettings.exe, select a unique version for details.)
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'SearchSettings' → "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
Malware detections
Based on 40+ industry antivirus scanners, 21 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Comodo Internet Security |
14045 |
UnclassifiedMalware |
4, 9, 0, 5 |
| Emsisoft Anti-Malware |
3.0.0.575 |
Riskware.Win32.Toolbar.Widgi.AMN (A) |
6, 3, 0, 3 |
| Emsisoft Anti-Malware |
3.0.0.567 |
Adware.Win32.Toolbar.Dealio.AMN (A) |
4, 9, 0, 5 |
| Emsisoft Anti-Malware |
3.0.0.569 |
Riskware.Win32.Toolbar.Widgi.AMN (A) |
6, 6, 0, 4 |
| Emsisoft Anti-Malware |
None |
Riskware.Win32.Toolbar.Widgi.AMN (A) |
6, 7, 0, 4 |
| eSafe |
7.0.17.0 |
Win32.Trojan |
4, 9, 0, 5 |
| ESET NOD32 |
7.7905 |
a variant of Win32/Toolbar.Widgi |
6, 2, 0, 2 |
| ESET NOD32 |
7.8200 |
a variant of Win32/Toolbar.Widgi |
6, 3, 0, 3 |
| ESET NOD32 |
7.7855 |
a variant of Win32/Toolbar.Widgi |
6, 5, 0, 3 |
| ESET NOD32 |
7.7647 |
a variant of Win32/Toolbar.Widgi |
4, 9, 0, 5 |
| ESET NOD32 |
7.8086 |
a variant of Win32/Toolbar.Widgi |
6, 6, 0, 4 |
| ESET NOD32 |
7.8272 |
a variant of Win32/Toolbar.Widgi |
6, 9, 0, 1 |
| ESET NOD32 |
7.8004 |
a variant of Win32/Toolbar.Widgi |
6, 7, 0, 4 |
| ESET NOD32 |
7.9090 |
a variant of Win32/Toolbar.Widgi |
7, 0, 0, 1 |
| ESET NOD32 |
7.8843 |
a variant of Win32/Toolbar.Widgi |
7, 1, 0, 3 |
| ESET NOD32 |
7.8693 |
a variant of Win32/Toolbar.Widgi |
7, 2, 0, 1 |
| ESET NOD32 |
7.8545 |
a variant of Win32/Toolbar.Widgi |
7, 2, 0, 1 |
| ESET NOD32 |
7.8861 |
a variant of Win32/Toolbar.Widgi |
7, 6, 0, 2 |
| Kingsoft |
2013.4.9.267 |
Win32.Troj.Generic.a.(kcloud) |
7, 6, 0, 2 |
| Norman |
6.08.06 |
W32/Toolbar.A |
4, 9, 0, 5 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.RCEH1GH |
4, 9, 0, 5 |
All file variations of searchsettings.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
22.03% |
|
| Windows 7 Ultimate N |
22.03% |
|
| Windows 7 Ultimate |
18.64% |
|
| Microsoft Windows XP |
15.25% |
|
| Windows 8 Pro |
5.08% |
|
| Windows 7 Professional |
5.08% |
|
| Windows 8 |
3.39% |
|
| Windows Vista Ultimate |
3.39% |
|
| Windows Vista Home Premium |
1.69% |
|
| Windows 8 Pro with Media Center |
1.69% |
|
| Windows 8 Single Language |
1.69% |
|
Distribution by country
United States installs about 30.00% of Widgi Toolbar.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Acer |
25.00% |
|
| Toshiba |
22.22% |
|
| Hewlett-Packard |
19.44% |
|
| Dell |
11.11% |
|
| GIGABYTE |
8.33% |
|
| Compaq |
5.56% |
|
| ASUS |
5.56% |
|
| American Megatrends |
2.78% |
|
