Yessearches.com
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 1,499 |
Threat Level: | 50 % (Medium) |
Infected Computers: | 98,619 |
First Seen: | September 25, 2015 |
Last Seen: | January 4, 2024 |
OS(es) Affected: | Windows |
The Yessearches.com domain is associated with a browser hijacker that may be offered to users in freeware installers as a search enhancer named YesSearch by Hongkong zoekyu Technology Limited. The YesSearch browser hijacker linked to www.yessearches.com may use the Shortcutboost.exe file and be detected under the names of PUP.Optional.YesSearch, Win32/Injector.CMNX, HEUR/QVM03.0.Malware.Gen and HW32.Packed.385E. Also, the YesSearch browser hijacker may create a folder named yesseachesbnd in your ProgramFiles directory to store its components. The YesSearch browser hijacker may make an entry in your 'Programs and Features' panel that is named yessearches Uninstall and attach a browser extension and add-on to your installed Web browsers. The YesSearches.com website may resemble the design of Google closely, and redirect users to search results on Google. However, the Yessearches.com domain is a redirect-gateway and can not provide search results on its own.
The YesSearch browser hijacker may redirect users to harmful domains and invite them to install riskware such as Mp3Fabulous and Oxy Torrent that may crash your Internet browser and slow down your computer. The YesSearch browser hijacker may use JavaScript to show pop-up and pop-under windows that may bypass ad blockers. Security analysts warn users that the YesSearch browser hijacker may display unsafe advertisements and sell information about you like IP address, browser type, MAC address, bookmarks collection and software configuration to advertisers. Computer users can resolve the problems caused by the Yessearches.com domain by installing a credible anti-malware suite on their computers.
Table of Contents
SpyHunter Detects & Remove Yessearches.com
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | awpNdftes.exe | b499e0483fd9bc5f36e4676a5bbd74f1 | 699 |
2. | trzD6FE.tmp | b8c052284a44628f82352b225d3b1fa5 | 647 |
3. | awpndfs.xhtm5 | 52d702a08821924ca364199cdfc7b0ad | 634 |
4. | CepetyDebugerPlotutbnotain.exe | 8a0bbfbfa377e516dee885baf8720106 | 622 |
5. | ArhCnttask.exe | 2f40045b1d8ef55d74c3f19de276357c | 535 |
6. | AtibuckManagers.xhtm5 | 55e99451f30d89a05d30d664544398dd | 468 |
7. | DrfghphcogeMdltes.exe | 177cff992977befd34a69c9dd24c19be | 439 |
8. | ddophprokalymdls.xhtm5 | b5ac8c504948578804db470c630789d4 | 408 |
9. | DrfghphcogeMdls.xhtm5 | 0f65c7ce27bf9568962b2cd6da0878fa | 406 |
10. | ukerydrpasControlss.xhtm5 | 76ac438d932e6f591ae8ddd1de955ddf | 403 |
11. | Phifutainmoduleraqegh.exe | cc0d1a8be0cbddd0c52f251825ac9e9e | 362 |
12. | ptwdebugertask.exe | 8c81c4de47d8b247af795e928aaa2fba | 340 |
13. | LkncchJrh.exe | 7623065ddadbf704895c136aa199fb57 | 321 |
14. | LkncchMlt.exe | 683c2f3f9d816ab96cfe9432d681cb27 | 279 |
15. | ArkconfigurationTsk.exe | 6572368270cf1c7f9a299286d4fc4606 | 275 |
16. | plohisAdapterGrq.exe | 5544fb9b0a83c51dd2d61ec85c683ff9 | 272 |
17. | quztionnodifierrrs.exe | 09c66bc226b68d6ee350b1c3761b5e75 | 224 |
18. | SmgBldts.exe | 2e26b8c09f4d7189233c5f52a04ce0f1 | 216 |
19. | odtclienttsk.exe | 1425952fb3cee5185e308e1f72a39437 | 94 |
20. | GawosnuwoseReportsTask.exe | eca362ecf62db570952f95cde7b32e9d | 89 |
21. | ArhCnttask.exe | cfc99ce7eb3a82f2e4b30a347a0c7fa4 | 71 |
22. | PlzcmmTask.exe | de30544bc25adc457598aeaa5840743f | 33 |
23. | NwtcntTsk.exe | ae4f027e083489ad69a6ef00a754886a | 16 |
24. | NwtcntTsk.exe | 13c911d3bf89615c816206061721b9e8 | 10 |
25. | awpNdfs.xhtm5 | b1e99b994fffb18803973a1e110cb127 | 3 |
26. | plmDbgtask.exe | 25bd0397e2a3802d6d276a3625db11a2 | 1 |
27. | ddophprokalymdls.xhtm5 | 8e1ccdf75bf359e82a988a1d5034cd1b | 1 |
28. | CepetyDebugerPlotutbnotain.exe | e7eb23491228559c71f10afaadc843d3 | 1 |
Registry Details
Directories
Yessearches.com may create the following directory or directories:
%APPDATA%\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F |
%PROGRAMFILES%\ACGPro |
%PROGRAMFILES%\Anaqatoch |
%PROGRAMFILES%\Anidentjeniy |
%PROGRAMFILES%\Arahick |
%PROGRAMFILES%\Arerack |
%PROGRAMFILES%\Ateredomkefisp |
%PROGRAMFILES%\Atibuck |
%PROGRAMFILES%\Atuqoiedtharech |
%PROGRAMFILES%\Atusogh |
%PROGRAMFILES%\Atuzackplfuly |
%PROGRAMFILES%\Awaphhogecult |
%PROGRAMFILES%\Begoch |
%PROGRAMFILES%\Cahodom |
%PROGRAMFILES%\Cegitdzege |
%PROGRAMFILES%\Celywosh |
%PROGRAMFILES%\Chekuph |
%PROGRAMFILES%\Chulot |
%PROGRAMFILES%\Cideyguvay |
%PROGRAMFILES%\Ckigtsakile |
%PROGRAMFILES%\Claqogeheqther |
%PROGRAMFILES%\Clcegh |
%PROGRAMFILES%\Cneleprupoch |
%PROGRAMFILES%\Coewother |
%PROGRAMFILES%\Coollevalaly |
%PROGRAMFILES%\Difeward |
%PROGRAMFILES%\Doroghtshejas |
%PROGRAMFILES%\Drfghphcoge |
%PROGRAMFILES%\Duvoshlecition |
%PROGRAMFILES%\Ghaneckugick |
%PROGRAMFILES%\Ghmese |
%PROGRAMFILES%\Ghulotion |
%PROGRAMFILES%\Gnirygnuied |
%PROGRAMFILES%\Gredisfopudom |
%PROGRAMFILES%\GtkFree |
%PROGRAMFILES%\Jatosydinodom |
%PROGRAMFILES%\Jejochclipasp |
%PROGRAMFILES%\Nekatynufoch |
%PROGRAMFILES%\Norseanuhition |
%PROGRAMFILES%\Odtheratezotain |
%PROGRAMFILES%\Pacicult |
%PROGRAMFILES%\Phakichreenash |
%PROGRAMFILES%\Phifackdujk |
%PROGRAMFILES%\Plewught |
%PROGRAMFILES%\Polether |
%PROGRAMFILES%\Prakph |
%PROGRAMFILES%\Praosh |
%PROGRAMFILES%\Prooch |
%PROGRAMFILES%\Pwaied |
%PROGRAMFILES%\Qifiryplohele |
%PROGRAMFILES%\Qiqerylugase |
%PROGRAMFILES%\Reermadom |
%PROGRAMFILES%\Reofesy |
%PROGRAMFILES%\Reujosestogle |
%PROGRAMFILES%\Rozenaock |
%PROGRAMFILES%\Ruotygutght |
%PROGRAMFILES%\SearchesToYesbnd |
%PROGRAMFILES%\SearchesToYesbnd_ |
%PROGRAMFILES%\Semughdabuck |
%PROGRAMFILES%\Shakoph |
%PROGRAMFILES%\Shamotawoph |
%PROGRAMFILES%\Shefale |
%PROGRAMFILES%\Skusenzecult |
%PROGRAMFILES%\Sosition |
%PROGRAMFILES%\SpeedSearchesbnd |
%PROGRAMFILES%\SpeedSearchesbnd_ |
%PROGRAMFILES%\Stbied |
%PROGRAMFILES%\Stuheybunaward |
%PROGRAMFILES%\Sudient |
%PROGRAMFILES%\Tamisthivicult |
%PROGRAMFILES%\Thacationqkk |
%PROGRAMFILES%\Thicasrifty |
%PROGRAMFILES%\Thofuckcukaent |
%PROGRAMFILES%\Thquse |
%PROGRAMFILES%\Ukerydrpas |
%PROGRAMFILES%\Vimotyanisose |
%PROGRAMFILES%\Vorayvkapy |
%PROGRAMFILES%\WinSvces |
%PROGRAMFILES%\WinTsks |
%PROGRAMFILES%\Zepashchcacult |
%PROGRAMFILES%\Ziwecultkorus |
%PROGRAMFILES%\bevconesy |
%PROGRAMFILES%\yesbnd |
%PROGRAMFILES%\yesforsearchesbnd |
%PROGRAMFILES%\yessearches-bnd |
%PROGRAMFILES%\yessearches_bnd |
%PROGRAMFILES%\yessearches_bnd_ |
%PROGRAMFILES%\yessearchesbnd |
%PROGRAMFILES(x86)%\ACGPro |
%PROGRAMFILES(x86)%\Anaqatoch |
%PROGRAMFILES(x86)%\Anidentjeniy |
%PROGRAMFILES(x86)%\Arahick |
%PROGRAMFILES(x86)%\Arerack |
%PROGRAMFILES(x86)%\Ateredomkefisp |
%PROGRAMFILES(x86)%\Atibuck |
%PROGRAMFILES(x86)%\Atuqoiedtharech |
%PROGRAMFILES(x86)%\Atusogh |
%PROGRAMFILES(x86)%\Atuzackplfuly |
%PROGRAMFILES(x86)%\Awaphhogecult |
%PROGRAMFILES(x86)%\Begoch |
%PROGRAMFILES(x86)%\Bgdomckededom |
%PROGRAMFILES(x86)%\Cahodom |
%PROGRAMFILES(x86)%\Cegitdzege |
%PROGRAMFILES(x86)%\Celywosh |
%PROGRAMFILES(x86)%\Chekuph |
%PROGRAMFILES(x86)%\Chewashqigusp |
%PROGRAMFILES(x86)%\Chulot |
%PROGRAMFILES(x86)%\Cideyguvay |
%PROGRAMFILES(x86)%\Ckigtsakile |
%PROGRAMFILES(x86)%\Ckiusydrovetion |
%PROGRAMFILES(x86)%\Claqogeheqther |
%PROGRAMFILES(x86)%\Clcegh |
%PROGRAMFILES(x86)%\Clocksnutain |
%PROGRAMFILES(x86)%\Cneleprupoch |
%PROGRAMFILES(x86)%\Coewother |
%PROGRAMFILES(x86)%\Coollevalaly |
%PROGRAMFILES(x86)%\Ddophprokaly |
%PROGRAMFILES(x86)%\Difeward |
%PROGRAMFILES(x86)%\Doroghtshejas |
%PROGRAMFILES(x86)%\Drfghphcoge |
%PROGRAMFILES(x86)%\Duvoshlecition |
%PROGRAMFILES(x86)%\Ghaneckugick |
%PROGRAMFILES(x86)%\Ghmese |
%PROGRAMFILES(x86)%\Ghulotion |
%PROGRAMFILES(x86)%\Gnirygnuied |
%PROGRAMFILES(x86)%\GtkFree |
%PROGRAMFILES(x86)%\Jatosydinodom |
%PROGRAMFILES(x86)%\Jejochclipasp |
%PROGRAMFILES(x86)%\Kijogh |
%PROGRAMFILES(x86)%\Nekatynufoch |
%PROGRAMFILES(x86)%\Norseanuhition |
%PROGRAMFILES(x86)%\Odtheratezotain |
%PROGRAMFILES(x86)%\Pacicult |
%PROGRAMFILES(x86)%\Phakichreenash |
%PROGRAMFILES(x86)%\Phifackdujk |
%PROGRAMFILES(x86)%\Plewught |
%PROGRAMFILES(x86)%\Plimik |
%PROGRAMFILES(x86)%\Polether |
%PROGRAMFILES(x86)%\Prakph |
%PROGRAMFILES(x86)%\Praosh |
%PROGRAMFILES(x86)%\Prooch |
%PROGRAMFILES(x86)%\Pwaied |
%PROGRAMFILES(x86)%\Qaheck |
%PROGRAMFILES(x86)%\Qifiryplohele |
%PROGRAMFILES(x86)%\Qiqerylugase |
%PROGRAMFILES(x86)%\Reermadom |
%PROGRAMFILES(x86)%\Reofesy |
%PROGRAMFILES(x86)%\Reujosestogle |
%PROGRAMFILES(x86)%\Rozenaock |
%PROGRAMFILES(x86)%\Ruotygutght |
%PROGRAMFILES(x86)%\SearchesToYesbnd |
%PROGRAMFILES(x86)%\SearchesToYesbnd_ |
%PROGRAMFILES(x86)%\Semughdabuck |
%PROGRAMFILES(x86)%\Shakoph |
%PROGRAMFILES(x86)%\Shamotawoph |
%PROGRAMFILES(x86)%\Shefale |
%PROGRAMFILES(x86)%\Skusenzecult |
%PROGRAMFILES(x86)%\Sosition |
%PROGRAMFILES(x86)%\SpeedSearchesbnd |
%PROGRAMFILES(x86)%\SpeedSearchesbnd_ |
%PROGRAMFILES(x86)%\Stbied |
%PROGRAMFILES(x86)%\Stuheybunaward |
%PROGRAMFILES(x86)%\Sudient |
%PROGRAMFILES(x86)%\Tamisthivicult |
%PROGRAMFILES(x86)%\Thacationqkk |
%PROGRAMFILES(x86)%\Thicasrifty |
%PROGRAMFILES(x86)%\Thofuckcukaent |
%PROGRAMFILES(x86)%\Thowekmigush |
%PROGRAMFILES(x86)%\Thquse |
%PROGRAMFILES(x86)%\Ukerydrpas |
%PROGRAMFILES(x86)%\Vimotyanisose |
%PROGRAMFILES(x86)%\Vorayvkapy |
%PROGRAMFILES(x86)%\WinSvces |
%PROGRAMFILES(x86)%\WinTsks |
%PROGRAMFILES(x86)%\Zepashchcacult |
%PROGRAMFILES(x86)%\Zihirycoupaing |
%PROGRAMFILES(x86)%\Zivuleclahtain |
%PROGRAMFILES(x86)%\Ziwecultkorus |
%PROGRAMFILES(x86)%\bevconesy |
%PROGRAMFILES(x86)%\yesbnd |
%PROGRAMFILES(x86)%\yesforsearchesbnd |
%PROGRAMFILES(x86)%\yessearches-bnd |
%PROGRAMFILES(x86)%\yessearches_bnd |
%PROGRAMFILES(x86)%\yessearchesbnd |
%ProgramFiles%\Rritckesock |
%ProgramFiles%\Sorawardanagck |
%ProgramFiles(x86)%\Bvaing |
%ProgramFiles(x86)%\Reogich |
%ProgramFiles(x86)%\Rritckesock |
%ProgramFiles(x86)%\Sorawardanagck |
%TEMP%\1D906534-09DB-4839-812B-4B417EBBB3FC |
URLs
Yessearches.com may call the following URLs:
", "yessearches"); |
yessearches.com |
yessearches.com/ |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.