Home Malware Programs Browser Hijackers Crehtynet.com

Crehtynet.com

Posted: December 22, 2011

Crehtynet.com Screenshot 1Crehtynet.com is a malicious website that's strongly associated with fake search engines like Click System as well as with browser hijackers that redirect web browsers towards such sites. Although Crehtynet.com may pose as a search engine, its actual functions are to inflate traffic with the propagation of browser hijackers, and Crehtynet.com has no ability to provide relevant search results or even safe website links. If your browser starts to launch Crehtynet.com, Click System or an affiliated site, or if your web browser begins to show symptoms of being attacked by Crehtynet.com-affiliated browser hijackers, SpywareRemove.com malware research team recommends prompt removal of all types of potential PC threats with competent anti-malware software.

How You Can Keep Crehtynet.com from Telling Your Browser What to Do

Even simple contact with Crehtynet.com or affiliated sites can be a source of attack by PC threats that are installed through your web browser. Because Crehtynet.com is especially closely associated with Trojans that contain browser-hijacking functions, you should be wary of any of the standard symptoms of a browser hijack or redirect. The primary symptoms are redirects to Crehtynet.com and other Click System sites when you try to use another search engine (such as Google or Yahoo Search). However, you may also experience problems with your browser's settings, links that are added to online content that shouldn't have links, pop-ups and poor browser performance.

Since browser redirects to Crehtynet.com and other Click System sites (such as mediashifting.com, wtfwtfwtfred.com and clicksystemsion.com) can expose you to other PC threats and additional risks like phishing attempts or fake system scanners, SpywareRemove.com malware researchers strongly encourage you to remove any browser hijacker as soon as you notice its attacks. Efficient removal can be accomplished with little trouble if you have access to anti-malware applications that are working with their most recent threat definition databases.

A Series of Reasons to Ward Off Crehtynet.com That's as Long as Its List of Search Results

Time spent with Crehtynet.com or its partner websites can be time spent with other forms of browser-based attacks. Common threats that are found to be associated with fraudulent search engines include, but aren't limited to:

  • Scamware websites that promote rogue anti-malware applications. These sites may use fake alerts and infection warnings that prompt you to install their fraudulent products.
  • Phishing sites that gather personal information via fake polls, contests and other forms of prize-winning offers.
  • Sites that install PC threats with drive-by-download scripts. Strong browser security settings, especially disabling scripts like Flash or Java, can help to reduce the prominence of these attacks. However, these safety measures shouldn't be used as a complete alternative to having anti-malware software installed to detect Crehtynet.com-related attacks as they strike.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDOWS%\System32\consrv.dll File name: %WINDOWS%\System32\consrv.dll
File type: Dynamic link library
Mime Type: unknown/dll
%WINDOWS%\System32\Drivers\mrxsmb.sys File name: %WINDOWS%\System32\Drivers\mrxsmb.sys
File type: System file
Mime Type: unknown/sys

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
Loading...