Search This Blog

Monday, March 18, 2013

How to remove searcheh.com redirect (browser hijacker)

Searcheh.com is a form of a browser-hijacking application that can easily penetrate into your system. Yet, there are cases when this malware may come into computer with user’s participation. This often occurs when you download and install some freeware. The installer of this free program may be bundled with the installer of searcheh.com, and your failure to untick the box during the installation procedure results in integration of this redirecting app into your browser. It is surely worth mentioning that the majority of today’s browsers may become hijacked by this PUP (potentially unwanted program), including Opera, Google Chrome, Mozilla Firefox and Internet Explorer, of course. Finding the answer on how to uninstall searcheh.com redirecting malware from your computer is the subject of our today’s discussion.

There are many negative side effects associated with the presence of searcheh.com in your browser. First, this is the issue of user being permanently annoyed whilst the search is redirected through searcheh.com. This site becomes the start page of your browser (whatever one you use), and so this means that whatever you search for over the Internet will be redirected via this page. Yet, the very redirecting site promises to substantially enhance your browsing and search experience. According to our analysis, things turn out to be quite opposite. Instead of improving the search expectations and the results, this search bar simply does the role of some advertising platform. Various goods and services are promoted via it on the paid basis in the window that comes up together with the search results, which often don’t even match the initial search queries. Plus, searcheh.com may redirect your browser to other malicious sites that may bring serious malware into your system.

To sum up the above-mentioned information, we don’t think that searcheh.com is a good platform to search through. We believe it should be immediately deleted (uninstalled) from your system. However, uninstall isn’t probably a good word in this case, because in many cases this hijacker doesn’t have uninstaller and you cannot get rid of it through the Control Panel in the section where you generally uninstall applications you no longer want to use. Plus, in the majority of the cases searcheh.com is installed onto computer illegally, without even your consent or permission. Hence, if you’re being permanently annoyed by this tool that attacked your browser, please follow the removal guidelines below that will help you get rid of it effectively.

Browser redirection removal milestones:

  • Check the Local Area Network (LAN) settings of your system
  • Check whether DNS settings have been changed by Redirect Virus
  • Check your Windows HOSTS file contents
  • Check Internet Explorer add-ons. Get rid of unknown or suspicious add-ons contained there
  • Use Kaspersky TDSSKiller (TDSS Killer) application to get rid of malware belonging to the clan of Rootkit.Win32.TDSS
  • Scan your system with decent anti-virus program and malware killer
  • Consider using CCleaner to delete unwanted system/temp files and browser cache
  • The last but not the least, reset your Router back to the factory default settings
  1. Check the Local Area Network (LAN) settings of your system
    2. a) Open Internet Explorer. In Internet Explorer go to: Tools->Internet Options.

    Windows XP Example:

    Windows Vista / Windows 7 Example:

    b) Click on “Connections” tab, then click “LAN settings” button.
    c) Uncheck (untick) the checkbox under “Proxy server” option and hit OK.
  2. Check whether DNS settings have been changed by Redirect Virus:
    3. a) Open Control Panel (Start->Control Panel).
    b) Double-click “Network Connections” icon to open it.
    c) Right-click on “Local Area Connection” icon and select “Properties”.

    d) Select “Internet Protocol (TCP/IP)” and click “Properties” button.
    e) Choose “Obtain DNS server address automatically” and click OK.
  3. Check your Windows HOSTS file contents
    4. a) Go to: C:\WINDOWS\system32\drivers\etc.
    b) Double-click “hosts” file to open it. Choose to open with Notepad.

    c) The “hosts” file should look the same as in the image below. There should be only one line: 127.0.0.1 localhost in Windows XP and 127.0.0.1 localhost ::1 in Windows Vista. If there are more, then remove them and save changes. Read more about Windows Hosts file here: http://support.microsoft.com/kb/972034
  4. Check Internet Explorer add-ons. Get rid of unknown or suspicious add-ons contained there

    5. a) Open Internet Explorer. In Internet Explorer go to: Tools->Manage Add-ons.

    b) Uninstall unknown or suspicious Toolbars or Search Providers.
  5. Use Kaspersky TDSSKiller (TDSS Killer) application to get rid of malware belonging to the clan of Rootkit.Win32.TDSS
    6. a) Download the file TDSSKiller.zip and extract it into a folder
    b) Execute the file TDSSKiller.exe.
    c) Wait for the scan and disinfection process to be over. Close all programs and press “Y” key to restart your computer.

    More detailed TDSSKiller tutorial: http://support.kaspersky.com/viruses/solutions?qid=208280684

  6. Scan your system with decent anti-virus program and malware killer
  7. Consider using CCleaner to delete unwanted system/temp files and browser cache
    8. CCleaner is a freeware system optimization. It’s not a malware removal tool. However, it’s always a good idea to get rid of unnecessary internet/system files or corrupter Windows registry values that may cause various problems to your computer. Download CCleaner free application.
  8. The last but not the least, reset your Router back to the factory default settings

    9. Keep in mind that this step is optional and should be completed only if you have followed all the above recommendations and you still have the redirect virus on your computer. First of all, please follow this guide: How to Reset a Router Back to the Factory Default Settings. Then you should flush DNS cache: a)Go to Start->Run (or WinKey+R) and type in "cmd" without quotation marks.


    b) In a new window please type "ipconfig /flushdns" without quotation marks and press Enter.

Please do not hesitate to contact us at any time if you require any help on our part of if you experience any difficulties. We hope that this information has been helpful to you and remain

Yours faithfully,
Virus Removal Videos Blog

Posted by Andrew McPherson at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)