Home Malware Programs Spyware SearchTerms


Posted: March 15, 2012

Threat Metric

Threat Level: 2/10
Infected PCs: 6
First Seen: March 15, 2012
OS(es) Affected: Windows

SearchTerms is a spyware application that may be used to monitor internet activity and search terms. Usually SearchTerms may record information sent through popular search engines over the internet. This data may be gathered by a remote attacker. SearchTerms is loaded at startup of Windows where it may run when a certain web browser is executed. It is important to perform a thorough malware scan with a trusted antimalware application to remove SearchTerms and any related files.

Technical Details

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HTMLEdit.BhoHKEY_LOCAL_MACHINE\SOFTWARE\Classes\HTMLEdit.Bho.1HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFDAC3FE-F44A-4030-8589-1E23BC6573D5}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFDAC3FE-F44A-4030-8589-1E23BC6573D5}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFDAC3FE-F44A-4030-8589-1E23BC6573D5}