Adware.WinFetch

Adware.WinFetch is a Browser Helper Object. Its name and registry path vary.

When Adware.WinFetch is executed, it performs the following actions:

1. Adds the value:
   
   "[ORIGINAL FILE NAME]" = "[PATH TO FILE NAME]"
   
   to the registry subkey:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   
   so that the adware starts with Windows.
   
   
2. Creates the following registry subkeys and adds a number of values under these subkeys:
   
   HKEY_CLASSES_ROOT\CLSID\{E8EAEB34-F7B5-4C55-87FF-720FAF53D841}
   HKEY_CLASSES_ROOT\Interface\{E318D698-27B3-44D5-8998-C35EAFB9C034}
   HKEY_CLASSES_ROOT\TypeLib\{ECB25A48-E6E0-49AF-99AF-07C763E31389}
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8EAEB34-F7B5-4C55-87FF-720FAF53D841}
   HKEY_CLASSES_ROOT\SearchHelp
   HKEY_CLASSES_ROOT\AppID\SearchHelp.Dll
   
   
3. Adds files to the directories:
   
   %ProgramFiles%\midaddle\
   %UserProfile%\Local Settings\Temp\
   
   Notes:
   • %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
   • %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[Current User] (Windows NT/2000/XP).
     
     
4. May change the Windows Explorer Home Page and Search Page, based on which adware is downloaded.

Summary