PigSearch
|
Description:
|
Adware
|
|
Risk Level:
|
High
|
|
Date of First Occurence:
|
Thursday, May 22, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Pigsearch displays search links related to highlighted text in Internet Explorer Web pages and also displays pop-up advertisements.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SCAN & REMOVE NOW »
Geographical Distribution of Threat "PigSearch"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\wsearch\mupdate.exe
MD5: 3BF4C8E1850075D16FBE7AAEA2B7714A Size:40960
%PROGRAMFILES%\wsearch\mUninstall.exe
MD5: 843EEC8D22A0A15646C359CE62291C86 Size:20480
%SYSDIR%\DRIVERS\hcalway.sys
MD5: FC6E467B257CEFEA62BEBC32F4BF245A Size:38784
%SYSDIR%\drivers\abhcop.sys
MD5: BFD763D508297B62C3B522E836A8C318 Size:11264
%PROGRAMFILES%\HuaCi\huaci\zsearch.exe
MD5: DBFD5DDA88DA50491BA6EC513471B81B Size:143360
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%ProgramFiles%\wsearch\mouse.dll
%ProgramFiles%\wsearch\search.exe
%ProgramFiles%\wsearch\zsearch.exe
%ProgramFiles%\wsearch\hcalway.sys
%ProgramFiles%\wsearch\abhcop.sys
%ProgramFiles%\HuaCi\mouse.dll
%ProgramFiles%\HuaCi\search.exe
%ProgramFiles%\HuaCi\zsearch.exe
%ProgramFiles%\HuaCi\hcalway.sys
%ProgramFiles%\HuaCi\abhcop.sys
%ProgramFiles%\HuaCi\mupdate.exe
%ProgramFiles%\HuaCi\SearchM.dll
%ProgramFiles%\HuaCi\mUninstal.exel
%ProgramFiles%\wsearch\mUninstall.exe
%ProgramFiles%\wsearch\mupdate.exe
%ProgramFiles%\wsearch\SearchM.dll
%Sysdir%\drivers\abhcop.sys
%Sysdir%\drivers\hcalway.sys
%STARTUP%\ÊÑ.lnk
- Files by Directories
%ProgramFiles%\wsearch
%programfiles%\HuaCi
- Files by CLSID or Name
CLSID=594BE7B2-23B0-4FAE-A2B9-0C21CC1417CE
CLSID=4E1ACE40-F681-4CC4-A7C0-AD1E6C9AD86F
CLSID=A07E6B9B-BB30-4381-A9D8-FABB0648BCEF
CLSID=FD536575-73F7-42A3-9E9F-11688F1A006A
CLSID=C5CE084B-31E0-4B34-A33A-82B4EA913CF8
- Registry Keys
HKCU\Software\Pig Move Search
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CDSearch
HKLM\SOFTWARE\Classes\SearchM.Search
HKLM\SOFTWARE\Classes\SearchM.Search.1
HKCR\SOFTWARE\Classes\SearchM.Search
HKCR\SOFTWARE\Classes\SearchM.Search.1
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=MoveSearch Value=%PROGRAMFILES%\HuaCi\huaci\zsearch.exe
«
Go to Software Database