Description is a malicious website that uses browser hijackers to force you to prior to sending you to unrelated sites to inflate traffic and drive revenue towards's web masters. Even though malware researchers have found that browser hijackers prefer to attack Firefox, other browsers may also be vulnerable to redirects, and you should consider your PC infected if you've had any contact with or a site. Although's redirects may trigger more frequently and less predictably than those of other browser hijackers (such as,, or, any infection can be deleted by standard anti-malware procedures and software. A Club That You Don't Want Your PC to Join is typical of other websites that peddle fake search result links in that uses browser hijackers to bully traffic towards itself. You may acquire a browser hijacker by visiting a malicious site that attacks your PC with drive-by-download scripts, although it's also possible to be infected by software that contains a browser hijacker as part of a bundled installation package. You can protect your browser from drive-by-download attacks by keeping it up-to-date and using stringent script-related security settings, and simply avoiding malicious sites and software will protect you from both means of infection. browser hijackers prefer to infect Firefox in the form of a malicious browser add-on, but you should avoid deleting this add-on in the same way that you'd remove a normal Firefox add-on. Improper deletion of infections can harm Firefox or your OS, and the preferable method for removing software is to use an anti-malware scanner.

Unlike legitimate sites, doesn't have your best interests at heart – any links that displays will contain advertisements, phishing forms, fake alerts or other forms of misleading and useless data that aren't related to what you're trying to find on the Internet. If you want to avoid additional infection possibilities, malware researchers caution that you should prevent any contact with's linked sites.

The Browser Hijacker – The Latest Member of's use of browser hijackers is both limited in some ways and exceptionally broad in others – you'll find that redirects tend to occur in Firefox, but also that they can strike every two or three minutes, regardless of what you're trying to do. This behavior sets infections apart from standard browser hijackers that tend to trigger only when you try to use a search engine-related site.

Other issues can include:

  • Being unable to change certain browser settings.
  • Browser settings that are changed to undesirable values.
  • Having your homepage locked to
  • Being exposed to advertisements and other forms of pop-ups.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%Program Files%\Internet Explorer\iexplore.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%1" %*'HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe"'
Posted: October 4, 2011

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.