By ESGI Advisor in Browser Hijackers Image is a fake search engine that belongs to the group of websites that are part of the notorious Click System scam. These are a network of malicious domains that all result in the Click System web page. This page has a characteristic blue layout with the legend 'we buy all kinds of traffic.' However, it is part of a well-known online scam that is designed to distribute malware and profit from displaying advertisements for unsafe websites. The Click System websites are associated with an affiliate marketing scheme that has generated a hefty profit for the criminals behind The website will usually be displayed after being redirected due to a malware infection. In fact, the website itself is mostly harmful. However, most visitors to this web page are not visiting voluntarily. They do so because a dangerous Trojan infection has taken their computer system. If your Internet browser is forcing you to visit repeatedly, this is a definite sign that something is severely wrong with your computer system. To stop any redirects and symptoms of the Click System scam, ESG security analysts strongly recommends the use of a legitimate anti-malware tool that is fully up to date. Failure to act can result in other, more dangerous, malware taking hold of your computer system, rendering it unusable and compromising your private information.

Understanding How the Scam Works

The Trojan behind the scam is known as the Google Redirect Virus. While the Click System scam itself dates to the final quarter of 2011, the Google Redirect Virus has become one of the principal wrongdoer in online security for a long time. This malware infection, better classified as a Trojan, will alter your search results on legitimate search engines (such as Google, Bing, or Yahoo) and change links so that they will direct to the website when they are clicked. Inexperienced computer users will usually try their search again on, since this malicious website pretends to be a legitimate search engine. In this way, the Google Redirect Virus is often more effective at generating advertising revenue than traditional browser hijackers (which simply take their victims to the intended website at random intervals). This malicious browser hijacker can also directly take you to the website as well as change your homepage and display in a pop-up window.

File System Details may create the following file(s):
# File Name Detections
1. %Windows%\system32\consrv.dll
2. %Windows%\system32\svchost.exe
3. %Windows%\system32\DRIVERS\mrxsmb.sys

Registry Details may create the following registry entry or registry entries:
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\System Index\Crawls\ll@IsCatalogLevel 0


Most Viewed