Runclips.com
Runclips.com is a fake search engine site that's used to distribute malicious software and expose you to irrelevant links for the profit of Runclips.com's web masters. Because Runclips.com is confirmed as a clone of other types fraudulent search sites that have long histories of using browser-related attacks, SpywareRemove.com malware analysts strongly discourage contact with Runclips.com, sites that resemble Runclips.com or links that are promoted by Runclips.com in its ostensible search results. If your browser comes into contact with Runclips.com repeatedly through unwanted redirects, which browser hijackers often use to promote Runclips.com and related sites, you should scan your PC with any anti-malware program that's capable of deleting browser-related PC threats without any issues.
The Hidden Hazards of Runclips.com's Seemingly-Innocent Search Results
On the surface, Runclips.com has every appearance of being a search engine that's capable of displaying relevant results for your queries. However, scrapping beneath Runclips.com's wireframe globe appearance will show you a history that malware researchers have linked to browser attacks and blacklisted malware-hosting websites. Runclips.com is a clone of similar search sites that have no purpose except to display self-serving 'search results,' with links leading victims to drive-by-downloads for various PC threats and other online hazards.
Runclips.com and sites closely tied to Runclips.com can be identified by their common template: a gray background with a green framed world globe superimposed on top. Other than this image and its supposed search bar, Runclips.com doesn't have any significant interface options or aesthetic quirks, although SpywareRemove.com malware experts recommend that you treat any site with the slightest resemblance to Runclips.com as being as harmful as Runclips.com, itself.
Other members of Runclips.com's ring of fake search engines include, but aren't confined to:
- Crownhub.com
- Hitpush.com
- Papergap.com
- Placelow.com
- QueryExplorer.com
- QueryScan.com
- QuestDNS.com
- Resultoffer.com
- ScanBasic.com
- Yokeline.com
Bringing Runclips.com's Browser Antics to a Dead Halt
Ordinarily, you will never even experience contact with Runclips.com unless your browser is redirected to Runclips.com automatically by browser-hijacking PC threats. Such attacks can be linked to high-level PC threats like rootkits or backdoor Trojans, although, just as often, they may be side effects of infection by minor dangers like adware-based browser plugins. For safety's sake, SpywareRemove.com malware experts recommend scanning your PC after any contact with Runclips.com, particularly since sites affiliated with Runclips.com have been known to install malicious software through browser exploits (drive-by-download attacks).
Usual infection routes for PC threats aligned with Runclips.com and other members of its ring of fake search engines include:
- Fake media downloads hosted by malicious sites and advertisements (Flash updates, codec packages, movie player updates).
- Malicious browser add-ons that are often installed along with unrelated applications.
In both cases, avoiding sites that haven't been confirmed to have trustworthy reputations should be ample protection against initial Runclips.com-related infections.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%AppData%\runclips\toolbarcouponsmerchants2.xml
File name: %AppData%\runclips\toolbarcouponsmerchants2.xmlMime Type: unknown/xml
%AppData%\runclips\toolbarcouponscategories.xml
File name: %AppData%\runclips\toolbarcouponscategories.xmlMime Type: unknown/xml
%AppData%\runclips\toolbarcouponsmerchants.xml
File name: %AppData%\runclips\toolbarcouponsmerchants.xmlMime Type: unknown/xml
%AppData%\runclips\toolbardtx.ini
File name: %AppData%\runclips\toolbardtx.iniMime Type: unknown/ini
%AppData%\runclips\toolbarpreferences.dat
File name: %AppData%\runclips\toolbarpreferences.datFile type: Data file
Mime Type: unknown/dat
%AppData%\runclips\toolbarstat.log
File name: %AppData%\runclips\toolbarstat.logMime Type: unknown/log
%AppData%\runclips\toolbarguid.dat
File name: %AppData%\runclips\toolbarguid.datFile type: Data file
Mime Type: unknown/dat
%AppData%\runclips\toolbarlog.txt
File name: %AppData%\runclips\toolbarlog.txtMime Type: unknown/txt
%AppData%\runclips\toolbarstats.dat
File name: %AppData%\runclips\toolbarstats.datFile type: Data file
Mime Type: unknown/dat
%AppData%\runclips\toolbarversion.xml
File name: %AppData%\runclips\toolbarversion.xmlMime Type: unknown/xml
%Temp%\runclips\toolbar-manifest.xml
File name: %Temp%\runclips\toolbar-manifest.xmlMime Type: unknown/xml
%AppData%\runclips\toolbaruninstallIE.dat
File name: %AppData%\runclips\toolbaruninstallIE.datFile type: Data file
Mime Type: unknown/dat
%AppData%\runclips\toolbaruninstallStatIE.dat
File name: %AppData%\runclips\toolbaruninstallStatIE.datFile type: Data file
Mime Type: unknown/dat
Registry Modifications
HKEY..\..\{Value}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "runclipsIEHelper.UrlHelper.1"HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "runclips runclips Toolbar"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "runclipsIEHelper.UrlHelper"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBarrunclipsdtx.dll"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "runclips Toolbar"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\runclipsIEHelper.DNSGuardCurVerHKEY_LOCAL_MACHINE\SOFTWARE\Classes\runclipsIEHelper.DNSGuard.1HKEY_LOCAL_MACHINE\SOFTWARE\Classes\runclipsIEHelper.DNSGuardCLSIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\runclipsIEHelper.DNSGuardHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar "runclips Toolbar"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.