This is a comprehensive walk-through to aid users, who are infected with SafeSear.ch, in removing this persistent malware and preventing browser redirects.
The reign of adware in the global share of malicious programs is continuing to be observed by security labs and, of course, the users of desktop PCs and laptops. These infections are highly survivable because their effect upon compromised boxes is mild enough for the regular antivirus tools to let them enter machines without being detected. Most of the potentially unwanted applications out there, as adware bugs tend to also be referred to, masquerade themselves as toolbars and other sorts of extensions that cling to the popular web browsers on the compromised system and twist certain critical settings. The PUA called SafeSear.ch, which is the subject matter of this post, focuses on disrupting one’s Internet activities by changing such important defaults as the browser homepage, error page, new tab and preferred search engine in one hit.
SafeSear.ch virus is architected to perform inconspicuous computer infiltration and distortion of the above-mentioned settings without making the user aware. Lots of people download and install freeware or shareware online, which is understandable because these things do not ask for payment and deliver some degree of functionality. When going this route, however, it’s reasonable to keep in mind that there might be a catch regarding anything that doesn’t cost a penny. In the case of this particular threat, free movie downloaders, cracked video games, uncertified Flash Player and Java updates, as well as a variety of multimedia solutions are in the potential risk group, because their install wizards could be configured to drag pieces of third-party software like the SafeSear.ch toolbar. This isn’t an illegal scheme, but information about the bundle ought to be more clearly expressed in the course of the installation so that people are more likely to take note of this and deselect the undesired items.
Assuming an unimpeded trespass by SafeSear.ch on an arbitrary machine, things start getting messed up. The adware detects the browsers installed in the system and builds its add-on into them. As a result, the victim will no longer be able to define the essential custom settings, which determine what websites are resolved at specified events. Putting two and two together, SafeSear.ch page is going to be automatically opening when IE, Chrome or Firefox gets launched, also whenever the user triggers a new tab, and in case an error page like 404 should instead be displayed. Furthermore, if a search is being made by typing keywords directly in the address bar, the results will be returned by the malicious landing page in question rather than one’s favorite search provider. Since this whole loop of redirecting won’t break on its own, adware countermeasures should be adopted for the virus to be eradicated and the right defaults restored.
SafeSear.ch virus automatic removal
All the other adware uninstall methods being worth a try, the cleanup using automatic security software guarantees a proven fix involving little user effort and a trouble-free procedure.
- Download and install the featured security tool and launch an in-depth malware checkup by clicking Start Computer Scan buttonDownload SafeSear.ch remover
- When the software returns a list of malicious and potentially unsafe items found on the PC, select Fix Threats in order to have SafeSear.ch infection uninstalled from your machine. An additional virtue of this process is the elimination of other threats that may be active in the background.
Use Control Panel to uninstall SafeSear.ch adware
- Go to Control Panel from Windows Start menu. If you are using Windows XP or Windows 8, proceed to Add or Remove Programs. If it’s Windows Vista or Windows 7, Uninstall a program is the right option to click
- Sort the list by date and carefully examine it for SafeSearch and recently added programs that appear dubious. Once spotted, select the Uninstall/Change option for this item in order to complete the removal
Reset the compromised browser to its defaults
Despite the fact that this is a fairly radical fix, resetting the affected web browser is effective. However, be advised you will lose your personalized settings such as temporary Internet files, history, cookies, saved passwords, web form data, toolbars and add-ons. So proceed with caution, and if you’re not sure – perform the cleanup using methods highlighted in the previous sections.
Reset Firefox to its original defaults
- Open Firefox, expand the Help menu on the top of the window, and in the drop-down list pick Troubleshooting Information. Alternatively, simply type in ‘about:support‘ (without quotes) in the Firefox omnibox and hit Enter.
- Troubleshooting Information will open in a separate tab. Click the Refresh Firefox button as shown. Confirm, and you’re done.
Reset Internet Explorer to its original defaults
- Launch Internet Explorer and proceed to Tools/Gear icon – Internet Options.
- Select the Advanced tab at the top and click Reset.
- When IE comes up with the respective screen, read the warning carefully and, if sure, put a checkmark for Delete personal settings. Now click Reset.
Reset Google Chrome to its default values
- Open your Chrome browser, click the Chrome menu icon to the upper right and select Settings on the list. Alternatively, type in ‘chrome://settings‘ (without quotes) in the URL field.
- Find the Show advanced settings… link on the tab that opened up.
- Under Chrome’s advanced settings, click the button that says Reset browser settings.
- Be sure to read the information about the personal settings that will be lost if the transaction gets completed. Click Reset if it’s fine with you.
Complete SafeSear.ch removal process
Given the likely persistence of this adware sample, it’s recommended to repeatedly check the machine for its components after the cleanup procedure has been performed. Rescan your system with trusted security suite to make sure SafeSear.ch virus extermination has been successful.
Download SafeSear.ch free scanner and remover
