Search.us.com

By JubileeX in Browser Hijackers

Threat Scorecard

Ranking: 2,080
Threat Level: 50 % (Medium)
Infected Computers: 18,656
First Seen: February 19, 2013
Last Seen: September 20, 2023
OS(es) Affected: Windows

Search.us.com Image

Search.us.com is a low-quality search engine that ESG security researchers have associated with browser hijacker malware. Browser hijackers take over the victim's web browser, modifying its settings without the computer user's authorization. Among these changes, the most important is replacing the web browser's homepage with the Search.us.com website as well as adding a toolbar which directs computer users to use Search.us.com for their online searches. There are several versions of the Search.us.com website, with various web pages hosted on this same domain. However, due to Search.us.com's connection with browser hijackers, ESG security researchers strongly advise computer users to avoid carrying out their searches on this low-quality, unsafe online search engine. In fact, contact with the Search.us.com website should be followed by a thorough scan of your computer and constant redirects to the Search.us.com web page should be treated as symptoms of a malware infection.

Criminals and unscrupulous online marketers will often sneak malware associated with Search.us.com onto the victim's computer without the computer user's knowledge. This is commonly done by bundling these kinds of malicious toolbars or web browser add-ons and extensions along with other, usually freeware applications. When computer users download a specific freeware program from a third party website, it will have been bundled with unsafe web browser add-ons that are also installed discreetly on the victim's computer. This is especially common when it comes to media players. When wanting to view a movie online, the victim will be greeted with an error message claiming that a specific media player or video codec is required to view that movie. This message will also 'helpfully' direct the computer users to a website where that media player or codec can be downloaded, or initiate the download directly. Unfortunately, installing a freeware program this way will often result in a malware infection.

Computer users will seldom notice that their computer has been compromised until their homepage is changed to Search.us.com. Unfortunately, removing the downloaded freeware program will do nothing to remove malware associated with Search.us.com. It will be necessary to take extra steps to isolate malicious browser add-ons associated with Search.us.com and delete them manually. ESG malware researchers advise using a reliable anti-spyware or anti-malware program to delete any malware or potentially unwanted programs that may be causing redirects to Search.us.com.

SpyHunter Detects & Remove Search.us.com

Registry Details

Search.us.com may create the following registry entry or registry entries:
Software\Microsoft\Internet Explorer\Approved Extensions\{BC8D11AC-7EBB-45EC-9965-A7ED9EE47FF3}
SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DF1B6E67-061C-412E-8C47-793A63B647C8}
Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{BC8D11AC-7EBB-45EC-9965-A7ED9EE47FF3}
SOFTWARE\Microsoft\Internet Explorer\Toolbar\{BC8D11AC-7EBB-45EC-9965-A7ED9EE47FF3}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{BC8D11AC-7EBB-45EC-9965-A7ED9EE47FF3}
SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchUS-TB10511_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchUS-TB10511_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchUS-TB10513_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchUS-TB10513_RASMANCS

Directories

Search.us.com may create the following directory or directories:

%LocalAppData%\Google\Chrome\User Data\Default\Extensions\acgihnoalpephlbnebgakkopakehchhc
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\ajddgoknkimjjefmncbjbiaonllmimba
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\bkpkdkcbjnmfpgcgnbcelkldnnkapgjl
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\cbacbdanfecdkjdjfoojfgeefpnogdaa
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\egopmgbefdlpfafcphiejkipladlaefn
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\fonogdmokhdlkjgjngmleecneemikcgc
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\kfjghcjfaannijmeanfcnehaijfjinlf
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\kjloililbcdmgjodpcbbnafgedgnfkij
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\kmpnlhommpchmgmfekncjpioldabfamj
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\lbpginjpofaamceieccnpmjiiacigcmi
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\oafgiofgeennpcokipjganbklfgajgfm
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\oociobpdgomdlfhikobndjchicnfifih
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\pakpomnopclhcehpalfkcngdalfbkhcl
%LocalAppData%\Google\Chrome\User Data\Default\Extensions\ppeofeodaljfbamplgpdfhgedbognmic

URLs

Search.us.com may call the following URLs:

http://search.us.com

Trending

Most Viewed

Loading...