By ZulaZuza in Browser Hijackers Image

Although the web page sports a good-looking design and, at first glance, resembles a legitimate search engine, this malicious website is actually designed to display nothing but advertisements. That is, whenever a computer user attempts to carry out a search on's search feature, the results will usually be irrelevant at best, nothing but a string of advertisements for seedy websites promoting scams or attempting to attack your computer system with malware. The main problem with is that its deception does not stop with pretending to be a search engine. According to ESG security researchers, will almost always be linked to a dangerous browser hijacker on the computer user's system, often caused by a malicious browser toolbar. This toolbar will often be linked to a Trojan infection which takes over the victim's computer system and forces the infected computer's web browser to visit repeatedly. If you find that your computer system is forcing you to visit repeatedly, this is a definitive sign of a malware infection on your system. ESG malware analysts recommend using a reliable anti-malware application to remove any problems associated with from your computer system.

Symptoms of a Malware Infection

Criminals use websites like to generate an illegal profit from advertising revenue. Each time a computer user is redirected to the web page, it translates into advertisement impressions and potential clicks, which in turn can generate a substantial amount for the criminals responsible for this malware attack. Most computer users that are redirected to the website will have installed a search toolbar or the web browser that may have been required when installing some kind of Freeware application (media players and media converters are often responsible for these kinds of attacks). The Seekeen.exe file process may also be present on the victim's computer, although this may be difficult to check since malware associated with will often disable the task manager as well as attempting to disable any security software found on the victim's computer. Common symptoms of a malware infection include constant redirects to the web page and severe problems when attempting to connect to the Internet (such as frequent crashes, error messages and severely decreased connection speed). Computer users may also find that their web browser's default search engine and homepage have been changed into

File System Details may create the following file(s):
# File Name Detections
1. %AppData%[trojan name]toolbarcouponsmerchants2.xml
2. %AppData%[trojan name]toolbarcouponsmerchants.xml
3. %AppData%[trojan name]toolbarpreferences.dat
4. %AppData%[trojan name]toolbarstat.log
5. %Temp%[trojan name]toolbar-manifest.xml
6. %AppData%[trojan name]toolbarcouponscategories.xml
7. %AppData%[trojan name]toolbarlog.txt
8. %AppData%[trojan name]toolbaruninstallStatIE.dat
9. %AppData%[trojan name]toolbarversion.xml
10. %AppData%[trojan name]toolbardtx.ini
11. %AppData%[trojan name]toolbarguid.dat
12. %AppData%[trojan name]toolbaruninstallIE.dat
13. %AppData%[trojan name]toolbarstats.dat

Registry Details may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBar[trojan name]dtx.dll"
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardCurVer
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "[trojan name]IEHelper.UrlHelper"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "[trojan name]IEHelper.UrlHelper.1"
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuard.1
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar "[trojan name] Toolbar"


Most Viewed