WebSearcher
Posted: January 5, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 19,861 |
|---|---|
| Threat Level: | 1/10 |
| Infected PCs: | 115 |
| First Seen: | January 5, 2016 |
|---|---|
| Last Seen: | January 13, 2025 |
| OS(es) Affected: | Windows |
WebSearcher is an adware program that exploits proxy settings as a means of injecting content sponsored by its third-party affiliates into your browser. A combination of invasive advertisement delivery mechanisms and poor installation practices have caused malware experts to recommend avoiding any prolonged use of this add-on, which may try to block any standard uninstall procedure conducted by the user. Qualified security software capable of removing advanced adware or threatening software should be able to remove WebSearcher and restore all relevant settings.
The Web Search Being Conducted Automatically
Their well-earned reputation for poor security has yet to curtail the production of new adware, the development of which persists as a profitable but legally questionable venture. However, most adware programs restrict themselves to simple, straightforward modifications that confine themselves to particular brands of browsers. In other cases, like WebSearcher, the advertisement-serving changes are sufficiently invasive that they apply to any attempts to browse the Web regardless of your browser of choice.
Although WebSearcher's website (the WebSearcher.eu search engine) promotes the add-on only for Firefox, malware experts found WebSearcher affecting both Internet Explorer and Chrome, as well. Its advertisement-delivery function ay use content injected into your Web pages as your browser loads them, like most adware, but may change your local proxy server settings. Although PC users can view these non-standard settings from Windows via the Internet Options panel, WebSearcher's changes to the system Registry may prevent computer users from changing the settings back to their previous values.
The result is that your Web browsers may continue loading advertisements, without any discrimination between which websites you visit. Your browser's individual settings may be equally irrelevant for managing the advertising content, and standard advertisement-blocking add-ons are unable to counteract WebSearcher's invasive system modifications.
Extricating Your Browsing Habits from a WebSearcher Web
Along with its unnecessarily wide-sweeping settings changes, WebSearcher also may conduct a practice more often found in threat campaigns: concealing its identity with a virtual certificate. Its current root certificate derives itself from Fiddler Web, a debugging kit. WebSearcher also may use two other pieces of content from that normally-non-threatening package, the 'FiddlerCore' and 'FiddlerCoreWrapper' DLL files. Until further action is taken to prevent any future abuse of this certificate, PC users should take particular care on confirming the identity of the applications using it.
You could install WebSearcher from its search engine-based website, but, less honestly than that, WebSearcher also may circulate itself in installers for video codecs and media players. Obtaining file downloads only from a trustworthy resource is the easiest way to avoid adware like WebSearcher, but appropriate PC security tools also are capable of identifying many of the software bundlers that WebSearcher might use, such as SoftwareBundler:Win32/Tillail.
Inappropriate Registry changes for removing WebSearcher's advertisements also may cause unintended damage to other applications or services, including essential Windows files. Casual PC users should use anti-malware or anti-adware products with Registry-scanning features for removing WebSearcher, rather than enduring the risk of causing permanent damage for resolving a temporary advertisement problem.
Technical Details
Registry Modifications
HKEY..\..\..\..{RegistryKeys}SOFTWARE\Wow6432Node\WebSearcherUpdaterHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}WebSearcher Service
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.