BasicScan.com

By LoneStar in Browser Hijackers

BasicScan.com Image

BasicScan.com belongs to a batch of fake search engines that were released in November and December of 2011. BasicScan.com and its clones can be easily identified because they all share identical interfaces and website layouts. Their design is fairly minimalist, allowing criminals to produce large numbers of clones easily. When you arrive at a website that belongs to BasicScan.com's family of fake search engines, you will be greeted with a white page. In the center of this white background, you will find a search box, a randomly-chosen logo and the website's name in a green-tinted font. Despite this tasteful design, there is nothing tasteful about the way BasicScan.com tries to scam you and steal your money. Fake search engines like BasicScan.com are designed to spam users with advertisements and direct them to malicious websites containing unsafe content, various advertisements and malware infections. More importantly, websites like BasicScan.com use browser hijackers such as the Google Redirect Virus in order to force their victims to return to the BasicScan.com website repeatedly. Because of this, ESG security researchers recommend treating any contact with the BasicScan.com website as a potential malware infection.

BasicScan.com’s Nasty Friends

The real problem with fake search engines such as BasicScan.com is their association with other malware infections. If you are not careful, malware associated with BasicScan.com can quickly make its home in your hard drive, eventually inviting other, more dangerous infections to the party! The main malware infection associated with BasicScan.com is a kind of Trojan known as a browser hijacker. Usually, this browser hijacker is either a browser toolbar or a version of the Google Redirect Virus. Regardless of the kind of browser hijacker installed on your computer system, most browser hijackers have the same symptoms, resulting in repeated forced visits to the BasicScan.com and its many friends. Some symptoms of a BasicScan.com-related browser hijacker infection include the following:

  • Browser hijackers associated with BasicScan.com will often change the results on legitimate search engines so that they will link to BasicScan.com instead of to their real destination. This tactic is quite effective against inexperienced computer users since they may simply try their search again on the BasicScan.com fake search engine.
  • BasicScan.com-related malware may cause your computer to run slowly and crash frequently, as well as affect the quality and performance of your Internet connection.

If your Internet browser is infected, you may find that your homepage and general settings have been altered without your authorization

File System Details

BasicScan.com may create the following file(s):
# File Name Detections
1. %Temp%BasicScantoolbar-manifest.xml
2. %AppData%BasicScantoolbarcouponsmerchants.xml
3. %AppData%BasicScantoolbardtx.ini
4. %AppData%BasicScantoolbarstats.dat
5. %AppData%BasicScantoolbarversion.xml
6. %AppData%BasicScantoolbarcouponscategories.xml
7. %AppData%BasicScantoolbarpreferences.dat
8. %AppData%BasicScantoolbarstat.log
9. %AppData%BasicScantoolbaruninstallStatIE.dat
10. %AppData%BasicScantoolbarcouponsmerchants2.xml
11. %AppData%BasicScantoolbarlog.txt
12. %AppData%BasicScantoolbarguid.dat
13. %AppData%BasicScantoolbaruninstallIE.dat

Registry Details

BasicScan.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINESOFTWAREClassesBasicScanIEHelper.DNSGuard
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBarBasicScandtx.dll"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "BasicScan BasicScan Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesBasicScanIEHelper.DNSGuardCLSID
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar “BasicScan Toolbar”
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "BasicScanIEHelper.UrlHelper"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"
HKEY_LOCAL_MACHINESOFTWAREClassesBasicScanIEHelper.DNSGuardCurVer
HKEY_LOCAL_MACHINESOFTWAREClassesBasicScanIEHelper.DNSGuard.1
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "BasicScan Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "BasicScanIEHelper.UrlHelper.1?

Trending

Most Viewed

Loading...