Home Malware Programs Rogue Anti-Spyware Programs IP Clear

IP Clear

Posted: May 31, 2010

IP Clear (IPClear) is a rogue anti-spyware program which uses false positives to convince users that their system is infected with malware. IP Clear will claim it has the ability to remove the alleged threats once the user has purchased a full version of the application. Do not spend money on this useless fake. Use an updated anti-spyware program to remove IP Clear immediately.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 C:\Documents and Settings\{username}\Desktop\IpClear.lnk
    2 C:\Documents and Settings\{username}\Start Menu\Programs\IpClear\IPClear.lnk
    3 C:\Documents and Settings\{username}\Start Menu\Programs\IpClear\IPClear.url
    4 C:\Program Files\IpClear\data\Enc_ICCode.ss
    5 C:\Program Files\IpClear\IpClear.exe
    6 C:\Program Files\IpClear\IpClearBlk.dll
    7 C:\Program Files\IpClear\IpClearFunc.dll
    8 C:\Program Files\IpClear\IpClearRes.dll
    9 C:\Program Files\IpClear\IpClearUp.exe
    10 C:\Program Files\IpClear\launcher.exe
    11 C:\Program Files\IpClear\searced.log
    12 C:\Program Files\IpClear\uninstall.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\IpClearHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28061c93-feb1-4f98-af09-8fa604c6af1c}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{28061c93-feb1-4f98-af09-8fa604c6af1c}HKEY_CLASSES_ROOT\Interface\{fdf5be9d-cc91-4b10-a228-99be40e8c7e1}HKEY_CLASSES_ROOT\TypeLib\{a2cece03-4af3-4965-8c7c-99b3e13a5f65}HKEY_CLASSES_ROOT\ipclearblk.ipclearbhoHKEY_CLASSES_ROOT\ipclearblk.ipclearbho.1HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}IpClear
Loading...