Samuel
How do you get to SpyNet? And I keep getting these three
spywares at these locations:
Detected Threats
SearchExe Hijacker Adware more information...
Details: SearchExe Hijacker changes the Internet Explorer
SearchUrl to search-exe.com and displays advertisements
on your computer using pop-ups.
Status: Removed
Severe threat - Severe threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction and exploits are in the wild.
There exists a high possibility of potential system
damage or security flaw. Attacker has complete control
over your computer or install new software on your
machine.
Infected registry keys/values detected
MidAddle Adware more information...
Details: MidAddle is a Trojan that installs and runs
adware.
Status: Removed
High threat - High risk threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction. May open up communication ports,
use polymorphic tactics, stealth installations, and/or
anti-spy counter measures. May us a security flaw in the
operating system to gain access to your computer.
Infected registry keys/values detected
IEPlugin Spyware more information...
Details: IEPlugin is an Internet Explorer browser helper
object that monitors URLs, content entered into forms,
and local filenames and displays pops-up advertisements.
Status: Removed
High threat - High risk threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction. May open up communication ports,
use polymorphic tactics, stealth installations, and/or
anti-spy counter measures. May us a security flaw in the
operating system to gain access to your computer.
Infected registry keys/values detected