Scangoogle.ru
Scangoogle.ru is a site that was registered shortly after we have reported problems related to Googlescan.ru. Evidently, both sitеs feature the same design and operate the same way. It is very likely they are operated by the same company. Scangoogle.ru is associated with cases of browser hijacking and redirects to advertising platforms. Moreover, the Scangoogle.ru site appears to have more than a few clones that include:
- installday.ru
- googlescan.ru
- installgoogle.ru
These portals correspond to various IP addresses that include 37.140.192.213 and 37.140.192.178. The Scangoogle.ru browser hijacker is identical in behavior to those involved with Searchbuw.ru, Searchis-cng.ru and Clickforms.ru. These parasites share the same file structure and may use batch files to alter the behavior of browsers like Google Chrome, Mozilla Firefox, Internet Explorer and Opera. An investigation showed that the Scangoogle.ru browser hijacker creates а folder with a random name under the AppData directory and places the following files inside:
- chrome.bat.exe
- firefox.bat.exe
- iexplore.bat.exe
- opera.bat.exe
The files listed above are batch scripts, which are hooked to your browser via Registry keys. That allows the Scangoogle.ru browser hijacker to track your activity online and redirect you to marketing materials whenever you enter a particular keyword, open a new tab, or click on a hyperlinked text. Affected users reported that their Internet client loads Scangoogle.ru as the homepage and new tab by default. Network analysis revealed of the Scangoogle.ru network generates from 260 to 700 unique visits from Indonesia, Italy, Singapore, United Kingdom, Germany and India. The numbers might be small, but the team behind Scangoogle.ru claims a steady revenue of 2 to 5 USD per day from infected users.
Moreover, the IP addresses linked to Scangoogle.ru suggest relations to well-documented cyber parasites such as TrojanSpy:MSIL/Neos.A, TrojanDownloader:JS/Nemucod.H and Trojan.Muldrop. We do not recommend users clicking on content provided via Scangoogle.ru and its clones because there is a chance they might be suggested to download and run a harmful program. the Scangoogle.ru browser hijacker is not deemed as a severe threat but it can expose users to advanced cyber attacks and phishing pages. You may want to use a reputable anti-malware utility to clean systems affected by the Scangoogle.ru browser hijacker.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.