RealSearch
RealSearch is a 'real pain' because it has been found to be a malicious application designed to use aggressive scam techniques to scam computer users out of money. RealSearch may appear to look like any trusted security program for PCs. RealSearch will even go as far as to render convincing alert messages and return scan results populated with bogus parasite results. Each of these instances are all part of a ploy in attempting to gain a computer users trust and ultimately get them to purchase the RealSearch program. Purchasing RealSearch will not eliminate the threat supposedly found by RealSearch. Removal of RealSearch is the only way to eliminate the annoying alert messages rendered by RealSearch.
File System Details
RealSearch may create the following file(s):
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AllUsersProfile%\Application Data\.exe | |
2. | %AllUsersProfile%\.exe | |
3. | %AllUsersProfile%\Application Data\.dll | |
4. | %AllUsersProfile%\.dll | |
5. | %UserProfile%\Desktop\RealSearch.lnk | |
6. | %UserProfile%\Start Menu\Programs\RealSearch\RealSearch.lnk | |
7. | %AllUsersProfile%\~r | |
8. | %AllUsersProfile%\Application Data\ | |
9. | %UserProfile%\Start Menu\Programs\RealSearch\Uninstall RealSearch.lnk | |
10. | %AllUsersProfile%\~ | |
11. | %AllUsersProfile%\Application Data\~r | |
12. | %UserProfile%\Start Menu\Programs\RealSearch\ | |
13. | Windows Vista & 7: | |
14. | %AllUsersProfile%\ |
Registry Details
RealSearch may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = 0'
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.