allentech.net

Home > Browser Parasites > Parasite Database > 404Search

About Us

Online Stores

TQ Support

Web Services

Database Help

Tech Links

Projects

Online Manual

Browser Parasites

Privacy Policy

Contact us

Send Page

Limited Time!
Totally FREE Web Design!
Click here!

Blue Host

Parasite: 404Search

This record last updated Tue Sep 20 2005 00:34:14

PLEASE NOTE: Due to the overwhelming extent of this problem and the unbelievable volume of email we have received, we regret that we cannot respond to questions about browser parasites at this time. If you have attempted to contact us about this parasite please accept our apology for not responding. "Thank you's" are always appreciated ;-)

Description

404Search is pop-up-opening adware targeted at 404search.com/browservillage.com, (sites controlled by the Kanoodle search engine), implemented by an Internet Explorer Browser Helper Object named 404search.dll.

Distribution

Installed by the WildMedia and FavoriteMan parasites.

Also known as

Search404 (internal BHO name), Sneaky Listener (project name).

What it does

Advertising

Yes. When pre-defined targeted sites are browsed in IE, a pop-up is opened, containing an advert or sponsored “search results”.

Privacy violation

The 404Search privacy policy states that the software may track web usage using cookies as a unique ID. However this has currently not been seen to happen in practice. When tested, the software sent only a target ID when an advert was opened, not the complete URL that triggered it, and didn’t use cookies to track usage.

Security issues

Yes. Has an update feature that can be used to download and execute arbitrary unsigned code from its controlling servers. The licence agreement listed on the 404Search site threatens to install other third-party software and reserves the right to uninstall or disable other software running on the victim’s machine.

Stability problems

No, but seems to make new IE windows open significantly more slowly than normal.

Removal

From the Control Panel (Start->Settings->Control Panel), open the ‘Add/Remove Programs’ feature and remove the ‘404Search’ entry.

Manual removal

Open the registry (Start->Run->regedit) and delete the keys:

HKEY_CLASSES_ROOT\Search.Search404
HKEY_CLASSES_ROOT\Search.Search404.1
HKEY_CLASSES_ROOT\CLSID\{53C330D6-A4AB-419B-B45D-FD4411C1FEF4}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53C330D6-A4AB-419B-B45D-FD4411C1FEF4}

Reboot the machine and you should be able to delete the ‘404Search’ folder inside ‘Program Files’.

* Parasite information and detection script by Andrew Clover - www.doxdesk.com, used with permission.

For more information about Scumware, Spyware and Parasites, their sources and their cure, visit our About Parasites page and related Tech Links.

Visit our new services portal at Allen One for a completely new parasite database format, comming November 2005!

webmaster@allentech.net
Tech Bench
Web Analytics by My-OLAP!

Top