SearchEnhancer Description

[+] Click Image to Enlarge

• 

Search Enhancer is one of the many adware infections that take the form of a web browser add-on or extension. Search Enhancer is marketed as a browser toolbar that allows computer users to carry out better online searches by aggregating various results from different search engines and generally displaying better search results. However, Search Enhancer is actually designed to spam you with irritating advertisements in the form of banner advertisements and pop-up windows and track your online activity. If your web browser is displaying pop-up windows containing advertisements while visiting normally trustworthy or reliable web pages, this is an indication that your computer has been infected with Search Enhancer or a similar malicious web browser plug-in.

The Relationship Between Search Enhancer and Other Web Browser Hijackers

Browser hijackers, in the form of web browser toolbars promising to enhance online searches, are among the most common forms of malware. These are often also linked to fake search engine websites that display advertisements instead of legitimate search results. Browser hijackers receive their name because the main element of these kinds of infections involves taking over the victim’s web browser and forcing it to visit certain websites without the computer user’s authorization. These websites will often be fake search engines and the redirect will occur when the victim visits a legitimate search engine website. Inexperienced computer users may be ambushed into having no doubt that this is actually normal and are more probable to fall prey to this scam.

Protecting Your Computer from Search Enhancer

ESG malware analysts strongly advise avoiding the installation of toolbars on your web browser. While there are, undoubtedly, legitimate toolbars out there, these are so commonly associated with online scams, adware and other forms of malware, that PC security researchers will almost always associate toolbars with malicious online content. To prevent infections similar to Search Enhancer, ESG malware analysts advise using reliable security software and keeping it always updated. It is also important to practice safe online browsing, such as avoiding unsafe websites and never downloading unknown files or clicking on links leading to unknown web pages.

Type: Browser Helper Object

How Can You Detect SearchEnhancer?

SearchEnhancer Technical Report

As new SearchEnhancer details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following SearchEnhancer files with its MD5s were created in the system:

SearchEnhancer Removal Details

SearchEnhancer has typically the following processes in memory:

• uninstallSE.exe
• [%WINDOWS%]\saiemod.dll
• [%WINDOWS%]\fov.exe
• [%WINDOWS%]\ihglcl.exe
• [%WINDOWS%]\nknqzkt.exe
• [%WINDOWS%]\jon.exe
• SearchTool.dll
• [%SYSTEM%]\saiemod.dll
• [%WINDOWS%]\evgnin.exe
• [%WINDOWS%]\etyxkr.exe
• [%WINDOWS%]\xgf.exe
• [%WINDOWS%]\mrqt.exe
• nsg3D.dll
• nsz25.dll
• [%WINDOWS%]\atct.exe
• [%WINDOWS%]\elahwrcf.exe
• [%WINDOWS%]\tsr.exe
• [%WINDOWS%]\pixut.exe
• [%WINDOWS%]\system\saiemod.dll

SearchEnhancer creates the following registry entries:

• 5015BF9D-173C-474B-9AF3-77D4D23A4135
• Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchEnhancer
• SearchEnhancer
• 92C3F342-45DA-4511-853A-B3836AAFF5F5
• 5ED7D3DE-6DBE-4516-8712-01B1B64B7057
• 85E0B171-04FA-11D1-B7DA-00A0C90348D7

Important Article Disclaimer