Photo: Inside Creative House (Shutterstock)
One day, you boot up your computer to find things are not how you left them. Your search results don’t go to Google, and your homepage is a site you’ve never heard of. Perhaps it’s Privatesearches.org, or a myriad of other scam search websites trying to get you to click on ad links (or much worse). If this is happening to you, don’t worry: You’re not alone. They’re browser hijackers, a form of malware that should be taken seriously.
Browser hijackers usually find their way to your computer from a malicious app or a fake browser extension. The Privatesearches.org hijacker, for example, finds its way to a PC in the form of a fake Google Docs Chrome extension. Once you install them on your computer, and you give the extension the permission it needs, the malware goes ahead and changes the search engine, home page, start page, and more.
Here’s the good news: You can get rid of them completely, and restore your browser to how it should be.
Use Malwarebytes to scan and remove the hijacking tool
Our first job is to find where exactly the malware lives and remove it. The easiest way to do that is by using a free trial of Malwarebytes anti-malware software, which can search for and destroy browser hijackers. Install the free app, scan your computer, and follow the instructions to remove the culprit from your device.
G/O Media may get a commission
How to manually uninstall a browser-hijacking app
Sometimes, Malwarebytes might be unable to identify the malware; if that happens, you might have to do some good old-fashioned digging. To start, take a look at the page the browser re-directs you to, open Google in a new tab, and search for the page and add “malware” to the end of the search.
You are bound to find Reddit posts about the hijacker, and guides dedicated to explaining what the hijacking tool is, and how to get rid of it. Continuing with our example of Privatesearches.org, we came across this guide by PCRisk that explains what it is, and gives detailed instructions on how to get rid of the app.
Once you know the name of the app, and you know where it came from (the name of the app it was installed using is probably going to be different), you’re ready to go. Now, follow the steps below to get rid of the malware app.
On Windows, right-click the Start button, select Apps and Features. In the Settings window, search for the application you want to uninstall. Once you find it, click on the three vertical dots and select Uninstall.
On the Mac, open the Finder app, go to the Applications folder, find the app, and drag it to the Trash icon. Then, right-click the Trash icon and choose the Empty Trash option to get rid of the app completely. Alternatively, we suggest you use an app like AppCleaner to uninstall the hijacker app and all its related files (even if they are hidden in the Library folder).
Lastly, don’t forget to reset your browser to default
Now, let’s take care of things on the browser side. You can start by first removing the extension from the browser. For Chrome, click the Menu button, and go to More Tools > Extensions. Here, find the offender, and click Remove. The steps will be the same for Chromium-based browsers like Microsoft Edge and Brave.
For Firefox, go to Menu > Add-ons and themes > Extensions. Find the extension, click the three-dots, and choose Remove.
If you’re using Safari, go to Settings > Extensions, choose the extension, then click Uninstall.
Once the extension is gone, we need to take care of the default search engine, home page, and default page that opens when you first launch the browser. Again, given that you dealt with malware here, our suggestion is that you reset the browser back to its defaults, which will also reset the above settings.
In Chrome, go to Menu > Settings > Reset and confirm with Reset.
On Microsoft Edge, going to Menu > Settings > Reset Settings > Restore settings to their default values > Reset will do the trick.
Firefox users can go to Menu > Help > Troubleshooting Information > Refresh Firefox > Refresh Firefox to reset the browser.
In Safari, you only need to clear the History and related data. Go to Safari > Clear History, choose All History from the drop-down, then select Clear History.
Now that your browser is reset, we suggest you only download extensions after verifying they are from the right source (for example, that the Google Docs extension actually comes from Google, and that it’s verified).
