Threat Database Browser Hijackers Get-Information.com

Get-Information.com

By SpideyMan in Browser Hijackers

Get-Information.com Image

With an unattractive muddy brown design with green lettering, it is clear that the criminals behind Get-Information.com were not particularly interested in making their website. This is probably because Get-Information.com is a mass-produced part of a huge network of fake search engines designed to profit from advertisement revenue generated through the use of browser hijackers and dangerous Trojans. According to ESG security researchers, Get-Information.com is not a real search engine, despite its claims to the contrary. Any search that is entered into the Get-Information.com interface will result in 'search results' that are nothing more than spam – advertisements for various malicious websites and known online scams. Malicious websites that figure in Get-Information.com's fake search results include illegal online pharmacies, fraudulent online casinos, adult websites and websites promoting fake security software or pyramid schemes. Because of Get-Information.com's malicious content, any search that is entered into Get-Information.com is useless and usually will result on an attack on your computer system. Even worse, ESG security researchers consider Get-Information.com as an extremely dangerous threat to your computer system. While the Get-Information.com website in itself is not particularly dangerous, Get-Information.com is closely linked to various browser hijackers that tend to be bundled with rootkits that are considered among the most difficult to remove malware threats in existence. Because of this, redirections to the Get-Information.com website or to other fake search engines should be treated as a very serious problem.

How Get-Information.com Preys on Inexperienced Computer Users

While in theory, browser hijackers can be designed to direct their victims to any website, computer criminals typically use them to direct their victims to fake search engines like Get-Information.com. This is part of a scam that takes advantage of many users' inexperience with computers. The main browser hijacker associated with Get-Information.com is a variant of the Google Redirect Virus, a browser hijacker that messes with your Google search results, along with other dangerous functions. Consider this from the viewpoint of an inexperienced computer user: after entering a search into Google, Yahoo or Bing, clicking on the search result takes the victim to another website that seems also to be a fake search engine. The victim, reading the message 'enter search here' will usually not think twice about trying their search again, resulting in Get-Information.com's typical fake results and stream of advertisements.

File System Details

Get-Information.com may create the following file(s):
# File Name Detections
1. %AppData%Get-informationtoolbardtx.ini
2. %AppData%Get-informationtoolbarguid.dat
3. %AppData%Get-informationtoolbarpreferences.dat
4. %AppData%Get-informationtoolbaruninstallIE.dat
5. %AppData%Get-informationtoolbarcouponsmerchants2.xml
6. %AppData%Get-informationtoolbarcouponsmerchants.xml
7. %AppData%Get-informationtoolbarversion.xml
8. %AppData%Get-informationtoolbarstats.dat
9. %Temp%Get-informationtoolbar-manifest.xml
10. %AppData%Get-informationtoolbarcouponscategories.xml
11. %AppData%Get-informationtoolbarlog.txt
12. %AppData%Get-informationtoolbarstat.log
13. %AppData%Get-informationtoolbaruninstallStatIE.dat

Registry Details

Get-Information.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "Get-informationIEHelper.UrlHelper"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"
HKEY_LOCAL_MACHINESOFTWAREClassesGet-informationIEHelper.DNSGuardCurVer
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "Get-information Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "Get-informationIEHelper.UrlHelper.1"
HKEY_LOCAL_MACHINESOFTWAREClassesGet-informationIEHelper.DNSGuard.1
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar "Get-information Toolbar"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "Get-information Get-information Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBarGet-informationdtx.dll"
HKEY_LOCAL_MACHINESOFTWAREClassesGet-informationIEHelper.DNSGuard
HKEY_LOCAL_MACHINESOFTWAREClassesGet-informationIEHelper.DNSGuardCLSID

Trending

Most Viewed

Loading...