ScreenshotWith an unattractive muddy brown design with green lettering, it is clear that the criminals behind were not particularly interested in making their website. This is probably because is a mass-produced part of a huge network of fake search engines designed to profit from advertisement revenue generated through the use of browser hijackers and dangerous Trojans. According to ESG security researchers, is not a real search engine, despite its claims to the contrary. Any search that is entered into the interface will result in 'search results' that are nothing more than spam – advertisements for various malicious websites and known online scams. Malicious websites that figure in's fake search results include illegal online pharmacies, fraudulent online casinos, adult websites and websites promoting fake security software or pyramid schemes. Because of's malicious content, any search that is entered into is useless and usually will result on an attack on your computer system. Even worse, ESG security researchers consider as an extremely dangerous threat to your computer system. While the website in itself is not particularly dangerous, is closely linked to various browser hijackers that tend to be bundled with rootkits that are considered among the most difficult to remove malware threats in existence. Because of this, redirections to the website or to other fake search engines should be treated as a very serious problem.

How Preys on Inexperienced Computer Users

While in theory, browser hijackers can be designed to direct their victims to any website, computer criminals typically use them to direct their victims to fake search engines like This is part of a scam that takes advantage of many users' inexperience with computers. The main browser hijacker associated with is a variant of the Google Redirect Virus, a browser hijacker that messes with your Google search results, along with other dangerous functions. Consider this from the viewpoint of an inexperienced computer user: after entering a search into Google, Yahoo or Bing, clicking on the search result takes the victim to another website that seems also to be a fake search engine. The victim, reading the message 'enter search here' will usually not think twice about trying their search again, resulting in's typical fake results and stream of advertisements.

Technical Information

Registry Details creates the following registry entry or registry entries:
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "Get-informationIEHelper.UrlHelper"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "Get-information Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "Get-informationIEHelper.UrlHelper.1"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar "Get-information Toolbar"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "Get-information Get-information Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBarGet-informationdtx.dll"

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.