iSearch.DesktopSearch
iSearch.DesktopSearch is a browser plug-in that adds a pop-out search box to the Windows system tray and spawns "in-page" browser pop-ups when the user visits search sites. iSearch.DesktopSearch also may be bundled with "freeware" such as wallpapers and through force installs, without the user's consent, in security exploits from CoolWebSearch related sites.
File System Modifications
- The following files were created in the system:
# File Name 1 analexploits.url 2 bigdickschoolfor2.95.url 3 delprot.ini 4 delprot.log 5 delprot.sys 6 desktop.exe 7 edmond.exe 8 evidenceeraser.lnk 9 ffisearch.exe 10 idinst.exe 11 isearch.xpi 12 mfiltis.dll 13 msdbhk.dll 14 popupblockerstopspopups.lnk 15 spywareavenger.lnk 16 sysupd.dll 17 virushunter.url 18 virushuntersecurity.lnk 19 yourplatinumvisa.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browserhelperHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\mfiltisHKEY_LOCAL_MACHINE\system\currentcontrolset\services\delprotHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\desktopsearchHKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\ffis - The following CLSID's were detected:
HKEY..\..\{CLSID Path}950238fb-c706-4791-8674-4d429f85897e5b4ab8e2-6dc5-477a-b637-bf3c1a2e5993
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.