We want to inform you about a browser hijacker known as Search.klivs.com. It is a rather old hijacker that was created in 2014. However, it has slipped under the radar for nearly three years due to how ineffective its distribution method is. Nevertheless, it is as dangerous as any other browser hijacker, and we recommend that you remove it before it jeopardizes your computer’s security. Old or not, this hijacker deserves a full and proper analysis. Therefore, in this article, we will discuss how it is distributed, how it works, what the risks of having it are, and how you can get rid of it.
Our research has revealed that this particular browser hijacker was and still is distributed in bundled software installers. Software bundles are often used to trick users into installing otherwise undesirable software and browser hijackers, in particular, are known to be distributed in this manner. We have concluded that Search.klivs.com is distributed as a standalone hijacker which means that it does not have a dedicated browser extension or any other application to hijack the homepage. Hence, the malicious installer is the one that does all the hijacking as it interacts with the web browser and injects it by stealth. The difference between a browser hijacker and a regular search engine is that you cannot deselect its installation which is the case with Search.klivs.com.
Our additional research has revealed that the installers tasked with distributing this hijacker inject it into the three most popular web browsers that include Microsoft Internet Explorer, Google Chrome, and Mozilla Firefox. The installer is configured to replace the homepage of the said web browsers in an effort to force you to use Search.klivs.com as your primary search engine. Like all browser hijackers, this one is also all about money. It uses Google Custom search to present you with search results, which is fine, but the problem lies in the fact that the search results can be customized to promote rather questionable content. The promoted links can appear as legitimate search results which is highly dishonest. The owners of this hijacker are set to make money when you click the promoted links, and they have a vested interest that you click them as often as possible. For this reason, Search.klivs.com has been configured to collect information about you.
In conclusion, while Search.klivs.com is getting even less popular, it is still active and can infect your computer under the wrong circumstances. We argue that it is a potential security threat because of the content it may be used to promote. The fact that it can collect information about you to customize the potentially malicious ads is also worrying. Therefore, we recommend that you remove it using the guide presented below.
Microsoft Internet Explorer