ProSearch
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 2,418 |
Threat Level: | 50 % (Medium) |
Infected Computers: | 127 |
First Seen: | September 24, 2024 |
Last Seen: | October 6, 2024 |
OS(es) Affected: | Windows |
ProSearch is a deceptive browser hijacker designed to take control of users' browser settings without their consent, posing significant privacy and security risks. It operates by redirecting web traffic to unreliable search engines like boyu.com.tr, compromising user experience and exposing individuals to potentially harmful content.
Table of Contents
How ProSearch Hijacks Browsers
Once installed, ProSearch alters critical browser settings, such as the default search engine, homepage, and new tab page, directing all searches through boyu.com.tr. This search engine, while functional, is a far cry from legitimate ones like Google or Bing. Instead of delivering accurate and trustworthy results, boyu.com.tr generates search results that may be riddled with sponsored content, deceptive advertisements and links to potentially fraudulent websites.
What makes ProSearch particularly troublesome is its ability to deliver different results based on factors like user geolocation. This means a search query from one region may produce entirely different—and possibly more harmful—results compared to the same query in another part of the world. By manipulating these search outcomes, ProSearch exposes users to significant risks, including phishing scams, malware and unreliable information.
Persistence and Removal Challenges
ProSearch doesn't just stop at hijacking browser settings. It employs persistence mechanisms to ensure its presence is hard to remove. One of the methods used is the "Managed by your organization" feature in Google Chrome. This feature typically intended for enterprise environments, grants ProSearch administrative privileges over the browser, making it difficult for users to modify settings or uninstall the extension.
By embedding itself so deeply into the browser, ProSearch can repeatedly reset user preferences even after they attempt to restore their original configurations. This persistence makes manual removal a challenging task for those unfamiliar with advanced troubleshooting techniques.
Questionable Distribution Tactics: How PUPs Slip Through
ProSearch often finds its way onto devices through dubious distribution methods commonly associated with PUPs (Potentially Unwanted Programs). These tactics are designed to exploit user trust and slip under the radar, making users unwitting participants in their own compromise.
One prevalent method is software bundling. Fraudulent installers and downloaders are often promoted on shady websites disguised as legitimate software or free tools. When users download a seemingly harmless application, it may come bundled with additional unwanted programs like ProSearch. These extra pieces of software are usually hidden behind misleading installation prompts or are set to install by default unless manually unchecked—a step many users overlook.
Invasive Data Collection and User Tracking
Beyond redirecting search queries, ProSearch is also known for its data-collection practices. Browser hijackers like ProSearch often track users' browsing activity, monitoring their search history, visited websites, and even potentially sensitive data such as login credentials or personal details. This information is then used for targeted advertising, sold to third-party marketers, or exploited for more unsafe purposes, such as identity theft or fraud.
By spying on users' online habits, ProSearch not only invades privacy but also exposes victims to broader security risks. Compromised browsing data can lead to phishing attempts, social engineering attacks, or worse—full-blown breaches of sensitive personal or financial information.
Conclusion: Stay Vigilant and Protect Your Devices
ProSearch serves as a reminder of the ongoing threats posed by browser hijackers and PUPs. The deceptive nature of its distribution methods and its ability to manipulate browser settings, combined with invasive tracking practices, makes it a serious concern for users wanting to protect their privacy and security online.
To safeguard against such threats, users should always be extra careful when downloading software from unfamiliar sources, thoroughly read installation prompts and consider using reputable security tools to detect and remove PUPs before they wreak havoc on their systems.