Description Image 1When PC security researchers hear the word 'toolbar', red flags immediately pop-up. This is because many malware infections – especially browser hijackers – will prompt their victims to install a malicious toolbar for their web browser. is a fake search engine which plagiarizes various elements of the Google website. This dangerous website will also be associated with a dangerous toolbar that is actually part of the attack pattern of malware associated with ESG security researchers strongly advise that computer users stay away from the web page and avoid its associated toolbar. Contact with these two will almost certainly indicate a severe malware infection on your computer system. Any contact with should be followed with a full, thorough scan of your hard drives. is Part of a Well-Known Online Scam

One of the most common online scams consists of setting up fake search engines that are designed to display nothing but advertisements. Computer users carrying out searches on these malicious websites will find that results are irrelevant to their search, composed of little more than advertisements for dodgy online websites and companies promoting known online scams (such as rogue anti-virus applications or pharmaceuticals of doubtful origin). If the scam stopped there, would be a relatively benign website. However, criminals use a browser hijacker to take over the victim's computer system, forcing it to visit repeatedly. This translates into more page hits for their fake search engine, which in turn means that their advertising profit is artificially boosted.

Malware Related to Takes over Your Computer

Browser hijackers associated with are not limited to a single web browser. Rather, they fundamentally affect how your computer system connects to the Internet. This means that reinstalling your web browser will do nothing to fix the problem. Computers affected with malware will also find that the toolbar shows up on web browsers and critical settings (such as the browser's homepage and security preferences) have been changed. Because of this, ESG security researchers advise using a legitimate anti-virus program to hunt down the source of redirects to the website. Starting up in Safe Mode or from an external drive is recommended.

Infected with Scan Your PC for Free

Download SpyHunter's Spyware Scanner
to Detect
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details creates the following file(s):
# File Name
1 %Windows%\system32\DRIVERS\[RANDOM CHARACTERS].sys
3 %Windows%\system32\svchost.exe (counterfeit file)
4 %Windows%\system32\consrv.dll (counterfeit file)
5 %Temp%\[RANDOM CHARACTERS].class

Registry Details creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\[RANDOM CHARACTERS]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\CustomizeSearch=[site_address]

Site Disclaimer


  • Kathy Dykes:

    I can not get google to show up above address bar when i clic on googlr

  • chris:

    I want to uninstall the bing toolbar

  • marlon:

    Normally I do not learn article on blogs, however I would like to say that this write-up very forced me to check out
    and do it! Your writing style has been surprised me. Thank you, quite great post.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 13 + 3 ?