Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Remove Search.So-V(dot)com Browser Hijacker

Yet another browser hijacker based on Google Custom Search results has been spotted on the cyber-security radar by researchers. It sets the host Search.So-V(dot)com as a home page of your Google Chrome, Mozilla Firefox, Internet Explorer and other web browsers. It may look like a useful browser extension and may also be software installed directly onto your Programs and Features in Windows. Since it is capable of displaying different ads, leading to third-party websites, the hijacker is considered riskware. Users are advised towards its swift removal.

NameSearch.So-V(dot)com
TypeBrowser Hijacker
Short DescriptionThe software may do various dangerous or unhealthy to the PC activities.
SymptomsThe user may witness fake Update downloads as well as redirects and advertisements leading to other potentially harmful domains.
Distribution MethodBundling
Detection ToolDownload Malware Removal Tool, to See If Your System Has Been Affected by Search.So-V(dot)com
User Experience Join our forum to discuss Search.So-V(dot)com.

search.so-v-com-sensorstechoforum-main-page

Search.So-V(dot)com Browser Hijacker – How Did I Get It

There are several methods, used to distribute such software out in the open. The primary ones include bundling which is the most often used tactic to slither such programs into a PC. It is essentially the including of such suspicious ad-supported program in a setup of a free software that is often sought after and downloaded via the web. There are many websites offering to bundle any app for profit and they are the ones users should stay away from. It is strongly advisable to look for the official site of the software and always check for “free extras” in the “Advanced” and “Custom” options of your installer.

Search.So-V(dot)com – How Does It Work

After it has been situated onto your PC, the So-V browser hijacker may create different files in several locations of your Windows device:

  • %Program Files%
  • %SystemDrive%
  • %UserProfile%
  • %AppData%
  • %AllUsersProfile%
  • %System%
  • %Windir%
  • %Roaming%

This hijacker also makes several registry values and keys with custom data in them to support it’s activity and assure it goes uninterrupted. Examples of keys are the following:

“HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\Status\GPExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Internet Explorer\Control Panel
HKEY_LOCAL_MACHINE\SYSTEM\”

Values created in those keys may exist with different purposes – to conceal the application’s processes, to make it harder to uninstall, etc. They may not be malicious but they are risky since this application may use tracking technologies to obtain user information such as:

  • IP address.
  • Location.
  • Language.
  • Browsing History.
  • Online searches.
  • Online clicks.

All of this information may be collected to display different types of advertisements to the user. Ads may include pop-ups, banners, highlighted text and ad-supported search results. When we searched for “smartphones” this browser hijacker displayed the same advertisements as another one, called Searchinworld(.)com.

Alexa has classified the world ranking of this website at pretty decent at the moment of writing this – 600,232 with most users visiting it from Brasil.

Furthermore, we have established that this site uses different types of tracking tools such as cookies, pixels, LSOs and others:

search-v-sensorstechforum-cookies

The primary reason this suspicious search engine is considered indirectly dangerous is the third-party websites it may advertise to the user. It may redirect the user or advertise websites of malicious content. There are two main types of such sites that exist at the moment:

  • Scamming sites that may extract different information from the user (ex. Tech Support scams, Phishing, etc.)
  • Malicious websites that may directly infect the user’s computer with malware.

Remove Search.So-V(dot)com Completely

In order to fully get rid of this software residing on your PC, you should focus in taking methodological steps towards swiftly erasing its files. Since it may modify the registry entries and gain permissions we recommend following the step-by-step instructions below.

Delete Search.So-V(dot)com from Windows and Your Browser

1.Remove or Uninstall Search.So-V(dot)com in Windows
2.Remove Search.So-V(dot)com from Your Browser

Remove Search.So-V(dot)com automatically by downloading an advanced anti-malware program.

1. Remove Search.So-V(dot)com with SpyHunter Anti-Malware Tool
2. Back up your data to secure it against attacks related to Search.So-V(dot)com in the future
Optional: Using Alternative Anti-Malware Tools

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.