Searchgo

The Searchgo program is categorized as adware, and it is advised to remove it from computers. The Searchgo program is known to arrive on computers via freeware bundles and fake updates to Adobe Flash and Java. Researchers have seen the Searchgo adware load from
C:\Users\username\AppData\Local\SearchGo\searchgo.exe and C:\Users\username\AppData\Local\DuckGo\DuckGo.exe. PC users affected by the Searchgo (a.k.a. DuckkGo) adware may notice new tasks being registered in the Windows Task Scheduler from C:\Windows\System32\Tasks\SearchGo Task and C:\Windows\System32\Tasks\DuckGo Task.

The Searchgo adware is known to connect to the h[tt]p://robyego[.]ru/searchgo.json URL and the 178.132.6.45 IP address. It is believed that third parties are using Searchgo (DuckGo) to collect non-personally identifiable data, show targeted advertisements, drop persistent tracking cookies to infected computers, and sell identification numbers for the cookies to ad publishers. The Searchgo adware is recorded to inject code into Internet Explorer and change the way the pages are loaded on the screen for the users. The Searchgo adware may show hyperlinked words, video advertisements in floating windows, generate pop-up windows and alter the header of Web pages. The Searchgo adware may load insecure resources on supposedly safe pages, as well as track the user across SSL-encrypted pages. Ad publishers who are working with the Searchgo developers may show targeted promotional materials based on the infected user's recent activity on the Internet. Searchgo may record the user's browsing history, recent downloads, IP address, system type, browser version, software configuration and approximate geographical location. It is recommended to remove the Searchgo (DuckGo) adware using help from a reliable anti-spyware instrument. Av engines may flag files created by the Searchgo adware as:

• ADWARE/Agent.415233
• ADW_SEARCHGO
• AdWare.Searchgo.a
• Adware ( 004e25111 )
• Adware.SearchGo.Win32.1
• Adware.Searcher.2781
• HEUR/QVM10.1.Malware.Gen
• Malware.Generic!PojyymQ5vsM@5 (Thunder)
• Montiera
• PUP/Win32.Searchgo.R195203
• Trojan.LoadMoney.1441
• W32/S-1b731156!Eldorado
• Win32.Adware.Searchgo.Wozw
• not-a-virus:AdWare.Win32.Searchgo.a

Table of Contents

Toggle

SpyHunter Detects & Remove Searchgo



File System Details

Searchgo may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections i Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	searchgo.dll	0f21077acd26b74e219aaa824e7581c4	1,507 +
Name: searchgo.dll MD5: 0f21077acd26b74e219aaa824e7581c4 Size: 288.76 KB (288768 bytes) Detections: 1,507 Type: Dynamic link library Path: C:\Documents and Settings\<username>\Local Settings\Application Data\SearchGo\searchgo.dll Group: Malware file Last Updated: October 24, 2025
2.	searchgo.exe	64a8157837d5df49827f232f1295dec2	1,414 +
Name: searchgo.exe MD5: 64a8157837d5df49827f232f1295dec2 Size: 415.23 KB (415232 bytes) Detections: 1,414 Type: Executable File Path: C:\Users\<username>\AppData\Local\SearchGo\searchgo.exe Group: Malware file Last Updated: October 24, 2025
3.	searchgo0.dll.old	41aa9ba47db027de7f6d68e0b027fc48	947 +
Name: searchgo0.dll.old MD5: 41aa9ba47db027de7f6d68e0b027fc48 Size: 291.32 KB (291328 bytes) Detections: 947 Path: C:\Users\<username>\AppData\Local\Temp\searchgo0.dll.old Group: Malware file Last Updated: May 20, 2023
4.	adv_93.exe	87e1844260a46d37f2a3d09a8c108314	1 +
Name: adv_93.exe MD5: 87e1844260a46d37f2a3d09a8c108314 Size: 1.54 MB (1544545 bytes) Detections: 1 Type: Executable File Path: %TEMP%\f9626892-7a78-3199-abd2-97bbce96297b Group: Malware file Last Updated: June 1, 2016

More files

Registry Details

Searchgo may create the following registry entry or registry entries:

CLSID

{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}

{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}

{AF5EE270-A22B-4E9A-B253-A91E8882BEC5}

Regexp file mask

%TEMP%\duckgo0.dll.old

%WINDIR%\System32\Tasks\DuckGo Task

%WINDIR%\System32\Tasks\SearchGo Task

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\Interface\{37C81B92-FBD1-4D51-892F-AC1343578928}

SOFTWARE\Classes\Interface\{EA1996FB-3431-4103-A88B-F1ADE1EBD415}

SOFTWARE\Classes\SearchBar.SearchBarMain

SOFTWARE\Classes\SearchBar.SearchBarMain.1

SOFTWARE\Classes\TypeLib\{AB775775-BE4A-4CD9-B5F4-5C63DA27DEAF}

SOFTWARE\Classes\Wow6432Node\TypeLib\{AB775775-BE4A-4CD9-B5F4-5C63DA27DEAF}

Software\Microsoft\Go\nb_lifetime

Software\Microsoft\Gosearch

Software\Microsoft\Gosearchq

Software\Microsoft\guardPlagin

Software\Microsoft\Internet Explorer\Approved Extensions\{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}

Software\Microsoft\Internet Explorer\Approved Extensions\{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}

Software\Microsoft\Internet Explorer\LowRegistry\searchgo

Software\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C}

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SearchGo Task

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}

SOFTWARE\Wow6432Node\Classes\Interface\{37C81B92-FBD1-4D51-892F-AC1343578928}

SOFTWARE\Wow6432Node\Classes\Interface\{EA1996FB-3431-4103-A88B-F1ADE1EBD415}

SOFTWARE\Wow6432Node\Classes\TypeLib\{AB775775-BE4A-4CD9-B5F4-5C63DA27DEAF}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}

Directories

Searchgo may create the following directory or directories:

%LOCALAPPDATA%\DuckGo

%LOCALAPPDATA%\SearchGo

%USERPROFILE%\AppData\LocalLow\DuckGo

%USERPROFILE%\AppData\LocalLow\SearchGo

%UserProfile%\Local Settings\Application Data\DuckGo

%UserProfile%\Local Settings\Application Data\SearchGo