ClearSearch
Clearsearch is a keyword-search service implemented as an IE Browser Helper Object and a process run at Windows start-up. When user enters something into the address bar, Clearsearch checks to see whether it includes keyword they have sold to one
of their advertisers. If so, it redirects user to that site; if not it forwards user to a search engine using an Clearsearch affiliate code. It can also siliently download other executables.0
General information:
| Malware Name: |
ClearSearch |
| Malware Type: |
Browser Helper Object |
| Company Name: |
Clear Search |
| Company URL: |
|
| Threat Level: |
High |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE (It is installed as the EXE is Executed, i.e. it doesnât show any sign of installation) |
| Operation: |
Time of After Browser Restart. |
Company Description:
Clearsearch is a keyword-search service implemented as an IE Browser Helper Object and a process run at Windows start-up. When user enters something into the address bar, Clearsearch checks to see whether it includes keyword they have sold to one
of their advertisers. If so, it redirects user to that site; if not it forwards user to a search engine using an Clearsearch affiliate code. It can also siliently download other executables.
Spyware Description:
Clearsearch is a keyword-search service implemented as an IE Browser Helper Object and a process run at Windows start-up. When user enters something into the address bar, Clearsearch checks to see whether it includes keyword they have sold to one
of their advertisers. If so, it redirects user to that site; if not it forwards user to a search engine using an Clearsearch affiliate code. It can also siliently download other executables.0
Characteristics/Symptoms:
-> Collects browsing information -> Slows the System -> Communicates with the host server -> Shows popup advertisements -> Changes browser settings -> Redirects searches to other sites -> Tracks Userâs browsing
activity -> Can silently download other executables -> Works in Background0
Additional information might be found here:
Processes Running:
08dzu17j.exe, 68728676.exe, 08dzu17j1.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\08dzu17j\08dzu17j.dll |
331776 |
Application Extension |
| C:\Program Files\08dzu17j\08dzu17j1\08dzu17j1.exe |
37888 |
Application |
| C:\Program Files\08dzu17j\u8g6m44q.DLL |
86016 |
Application Extension |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\08dzu17j |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
08dzu17j |
