There is a new malicious application making the rounds that hijacks victims’ browser preferences and reroutes to privatesearches.org persistently.
- What is privatesearches.org?
- Automated removal of privatesearches.org virus
- Privatesearches.org redirect removal for Android
- Restore web browser settings to their original defaults
What is privatesearches.org?
Sticking to a well-trodden scheme, threat actors continue to create shady programs that gain control of web browsers and reconfigure them to resolve unwanted sites without asking for consent. The motivation at the heart of this takeover is to serve up ads and leverage the captured Internet traffic to propel black hat SEO stratagems. This is exactly what the privatesearches.org browser hijacker is about. It replaces a victim’s customizations in Google Chrome, Mozilla Firefox, Edge, or Safari (depending on which one is used by default) with a different URL. This tweak usually applies to the homepage, new tab page, and preferred search engine settings. As a result, the user is stuck with privatesearches.org that looks much like Google, except that it’s fraudulent to the bone. The results it returns for an arbitrary query are chock-full of sponsored entries that eclipse the useful stuff, if any.
This page is recognizable by a cartoonish logo depicting an oak tree with several funny colorful acorns on it, whatever that should mean. Anyway, this is probably the only benign-looking thing in the whole plot. While mimicking a commonplace web search service, the site’s trickery goes beyond redundant advertisements. Its makers could also be in cahoots with ad delivery platforms that ignore the origin of the web traffic they receive. Such collaboration forms an extra layer of monetization for the crooks. This component of the scheme is hard to notice with the naked eye, because the in-between domains are only shown for a split second in the browser’s status bar. Still, it’s a common denominator in most browser hijack schemes out there. Pair all that with a great deal of frustration on the user’s part due to annoying redirects that occur nonstop, and the attack in question appears to be a toxic mix that makes a mess of one’s web surfing and needs to be stopped without delay.
| Threat Category | Browser hijacker, redirect virus |
| Symptoms | Browser redirects, unwanted pop-up ads, fraudulent permission requests, browser slowdown |
| Distribution techniques | Malicious software bundles, ads on social networks, search engine poisoning, hacked websites |
| Damage | Intrusive ads, unauthorized changes of browsing preferences, Internet activity tracking |
| Removal | Scan your PC with Combo Cleaner for Windows to detect all files related to privatesearches.org virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool. |
The privatesearches.org redirect virus is spreading through a fairly vanilla ambush where the hijacker pretends to be a harmless and useful browser add-on. At the time of writing, the main contagion is a fake Google Docs extension. The felons in charge of this scam piggyback on the immense popularity of this online word processor to reach large victim audiences. And unfortunately, their efforts have been lucrative since they managed to somehow bypass the verification barriers of official browser marketplaces and upload the bogus program there. Here is how the trickery works: an unsuspecting user finds the copycat application while believing it’s the original one, adds it to their preferred web browser, and clicks through all the permission requests without a second thought. The next thing they know, the wrong page takes over their custom settings without providing an easy way to undo things. In Chrome, this action is accompanied by a “Managed by your organization” notification appearing at the bottom of the settings drop-down menu.
The peculiarity of this infection vector determines the repair method. To get rid of privatesearches.org redirects, the victim has to disable and remove the rogue extension – whether it’s bogus Google Docs or whatever new booby-trapped app the crooks may tailor and promote going forward. Since the malware tends to extend its grip with additional processes and files across the plagued PC, a full-fledged system remediation requires some extra cleaning. The following steps will help you defeat the redirect baddie and revert to your normal browser customizations.
Use Combo Cleaner for Windows to remove Privatesearches.org
When faced with malware like Privatesearches.org, one of the best shortcuts in terms of removal is to use Combo Cleaner, a lightweight and incredibly effective application with PC security and optimization features under the hood. It detects and thoroughly deletes threats while giving you insights into the overall health of your computer.
This program’s protection power spans modules that forestall all known types of malware, including ransomware and browser hijackers, and take your online security to the next level by blocking phishing sites and other suspicious web pages. Follow these simple steps to eliminate the infection for good:
1. Download Combo Cleaner installer.
Combo Cleaner scans your PC with no strings attached, but you’ll have to buy its fully functional version to remove the threats it detects. The disk optimization tools that find large files and duplicates are free to use.
2. Open the CCSetup.exe file to get started. Several subsequent screens will allow you to make initial customizations so that the program works exactly as you need from the get-go.
3. The installation will be followed by an update of malware signatures. Once this process is through, click the Start Scan button in the left-hand sidebar.
4. Combo Cleaner will then check system locations that are most often polluted by Windows malware. The first scan can take a while to finish.
5. Combo Cleaner will display a system tray notification as soon as the scan is over. Click the Resolve found threats button to view the results.
6. The scan summary shows the names and types of the detected threats as well as their statuses and locations. Click the Remove all threats button and follow further on-screen prompts to get rid of these items.
Use Control Panel to get rid of privatesearches.org virus
• Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8).
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done.
Privatesearches.org redirect removal for Android
Here’s a walkthrough to sort out the Privatesearches.org issue on an Android device, which might also be a target in this malvertising campaign. Keep in mind, though, that uninstall attempts in regular mode may be futile due to the mechanics of this persistent infection. Therefore, you need to perform the procedure in safe mode. Go ahead and do the following:
• Press and hold the Power button. Then, tap and hold the Power off option on the screen. Doing so will boot your device into safe mode.
• Android will ask you to confirm that you’d like to enter safe mode. Tap OK on the dialog.
• You will now see the Safe mode inscription at the bottom left of your screen. Go to Settings and choose Apps.
• Scroll down the list of applications, focusing on the ones that were installed recently. Find Privatesearches.org or another sketchy entry with a different name that could as well be the culprit.
• Select the misbehaving app and tap Uninstall.
• Confirm removal on the relevant dialog box and reboot your device. By default, Android will get you back into regular mode. You should now be good to go – the Privatesearches.org hijacker won’t be triggering any redirects or irritating popups anymore.
Restore web browser settings to their original defaults
In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the Privatesearches.org hijacker.
Reset Google Chrome
• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings.
• Click Advanced in the sidebar, scroll down to Reset and clean up, and select this option.
• Click Restore settings to their original defaults.
• Finally, confirm the restoration by clicking Reset settings on the warning message.
• Restart Chrome.
Reset Mozilla Firefox
• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information.
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it.
• Follow subsequent directions to reset Firefox to its original settings.
• Restart the browser.
Reset Internet Explorer
• Select Internet options under IE’s Tools (Alt+X).
• Proceed by clicking the Advanced tab, then select Reset.
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled.
• Reboot the machine to fully implement the fix.
Reset Safari
• Go to the Safari menu and select Preferences.
• When on the Preferences screen, select the Privacy tab and hit the Manage Website Data button.
• Click the Remove All button to purge all website data. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc. If you aren’t okay with this, proceed to the next step.
• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, select the unwanted site in the ‘Manage Website Data’ list and click Remove. Then, click Done.
• Click the Develop menu in the Finder bar and select Empty Caches.
• Finally, expand the History menu from the Finder bar and click Clear History.
• Make sure all history is selected on the dialog that will appear and click Clear History to get rid of cookies and other potentially unwanted data.
• Restart Safari.
Revise your security status
Checking after the fact how thorough the malware removal was is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.
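One way to run such a checkup on a browser settings file stored as JSON (Chrome's profile Preferences file is one) is to walk every value and report the settings whose URL host is privatesearches.org or a subdomain of it. This is an added example, not part of the original guide; the sample data and its key names are constructed for illustration, and the file path passed to `scan_file` is up to the reader.

```python
import json
from urllib.parse import urlsplit

HIJACK_DOMAIN = "privatesearches.org"  # the redirect domain named on this page

def host_of(value):
    """Return the lowercase hostname of a URL-like string, or None."""
    candidate = value.strip()
    if "://" not in candidate:
        candidate = "//" + candidate      # let urlsplit treat "host/path" as a netloc
    try:
        host = urlsplit(candidate).hostname
    except ValueError:                    # malformed netloc, e.g. a broken IPv6 literal
        return None
    return host.rstrip(".") if host else None

def find_hijacked_settings(node, domain=HIJACK_DOMAIN, path=""):
    """Walk parsed JSON and return (key_path, value) for every string whose
    hostname is the domain itself or one of its subdomains."""
    hits = []
    if isinstance(node, dict):
        for key, child in node.items():
            hits += find_hijacked_settings(child, domain, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            hits += find_hijacked_settings(child, domain, f"{path}[{i}]")
    elif isinstance(node, str):
        host = host_of(node)
        if host and (host == domain or host.endswith("." + domain)):
            hits.append((path, node))
    return hits

def scan_file(json_path, domain=HIJACK_DOMAIN):
    """Scan one JSON settings file; the path is supplied by the caller."""
    with open(json_path, encoding="utf-8") as fh:
        return find_hijacked_settings(json.load(fh), domain)

# Constructed sample; key names are illustrative, not a real profile dump.
SAMPLE_PREFS = json.loads("""{
  "homepage": "https://privatesearches.org/",
  "session": {"startup_urls": ["https://www.privatesearches.org/?src=nt",
                               "https://example.com/"]},
  "default_search_provider_data": {"template_url_data":
      {"url": "https://privatesearches.org/search?q={searchTerms}"}},
  "lookalike": "https://notprivatesearches.org/",
  "referrer": "https://example.com/?ref=privatesearches.org"
}""")

if __name__ == "__main__":
    for key_path, value in find_hijacked_settings(SAMPLE_PREFS):
        print(f"{key_path}: {value}")
```

Matching on the parsed hostname rather than on a substring keeps look-alike domains and query-string mentions out of the results; an empty result after a reset means no setting in that file still points at the hijacker.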