Threat Database Browser Hijackers

By Domesticus in Browser Hijackers

The domain belongs to a website containing a fake search engine. These kinds of fake search engines are designed to direct their victims to malicious websites in order to increase the incidence of malware infections and to aid various online scams. Fake search engines like are usually associated with browser hijackers; that is, malware infections that are designed to take over an Internet browser and force it to visit specific websites repeatedly., particularly, is connected to Google Redirect Virus, a Trojan that is closely linked to the ZeroAccess rootkit.

How Does Use the Google Redirect Virus?

The Google Redirect Virus is a Trojan that is designed, as its name implies, to change the results of online searches on the Google search engine (although this Trojan in particular can also affect searches on other search engines such as Bing, MSN Search, or Yahoo. While the results that are displayed appear normal, according to ESG security researchers, the links will have been changed so that they will direct the victim to a malicious website such as By forcing their victims to visit repeatedly, criminals can profit from advertisement links, pay-per-click schemes and advertisement impressions.

How Does Differ from Other Fake Search Engines?

Most websites that are part of fake search engine scams such as, are practically identical. One of the characteristics of that is unique is the way generates its domain names in order to create an extremely large amount of clones. The more versions and copies of this fake website that exist, the harder it is for PC security experts to track down each of these, as well as protecting computer users from their contents. Malware analysts believe that the domain names of clones of are generated randomly, by adding a random adjective to the words 'davinci server'. This has resulted in a very large number of clones of flooding the Internet, including websites such as and

Protecting Your Computer System from’s Malware

Any visit to the website practically puts your computer at risk of becoming infected with malware. Malware analysts recommend using a fully-updated, reliable anti-malware program to remove any malware associated with this fake search engine. If the ZeroAccess rootkit has invaded your computer, legitimate security programs may not work in removing malware. In these cases, a specialized rootkit-removal tool may be necessary.


Most Viewed