Content

Adware-QwertSearch

Type
Program
SubType
Adware
Discovery Date
05/25/2005
Minimum DAT
4499 (05/25/2005)
Updated DAT
4606 (10/17/2005)
Minimum Engine
5.1.00
Description Added
05/25/2005
Description Modified
10/17/2005 5:27 AM (PT)

Tab Navigation

Characteristics

McAfee(R) AVERT recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

Summary

This is not a virus or a Trojan.
It is an adware application and generates extra pop-up ads while using Internet Explorer. This kind of application generally comes bundled with another program, which usually discloses the fact that it is ad-supported

Privacy

No license agreement is displayed during installation, although one could be displayed by another installer if bundled with another application. No EULA or privacy policy related to the software could be found.

System Changes

File Name : Avpcc.dll
MD5Hash : f7322ced5b22d5b2715e6de397abbcca

On executing this adware application, settings of the Internet Explorer change. Search Bar, Search page and Home page of the Internet Explorer have been changed to "qwertysearch123.biz/?id=1006".

It adds an URL in favorites folder which will redirect to "qwertysearch123.biz/?id=1006".

While browsing the internet popup is shown as below:

Aliases

Aliases

  • Adware/Startpage.CEF : Panda Antivirus
  • Startpage.3.AV : GRISoft
  • Trojan.Win32.StartPage.au : Kaspersky