Maxwebsearch is a bogus search engine which hijacks Firefox, Chrome and
Internet Explorer and drives users to http://www.Maxwebsearch.com. This
webpage pretends to be a better system which provides you most relevant
information on the Internet but in fact it delivers Spam content. The
malware will change default browser settings. It takes place of Google
in DNS, so when ever you search using Google, you will be redirected to
Maxwebsearch engine which shows advertisements to the users as you can
see in the snapshot below. These are third-party paid ads that will earn
cash for the person behind this virus if a user clicks them. And this
is why Maxwebsearch redirect virus hijacks your browser, so it could
attarct more people and increase its earnings through advertisements.
But thats not all, this application also collects your personal
information for hackers, therefor it should be removed immediately.
Please note: Manual removal may cause damages to your system if you do any mistake. Use this method only if you understand what you are about to do.
First of all, Uninstall the program. (Skip to the next step if the application is not listed in Control Panel).
“Start > Settings > Control Panel. Now Locate and open “Add or Remove Programs” or “PROGRAMS AND FEATURES”. Find “MaxWebSearch”. Now click Uninstall/Remove.
Now remove the program from Browser.
Internet Explorer users:
Click “Tools” (if on Internet Explorer 9, click gear icon), Then “Manage Add-ons”. Look for MaxWebSearch. Disable if found any.
Block pop-ups
To stop pop-ups from malware,
Click on TOOLS > POP-UP BLOCKER, then click TURN ON POP-UP BLOCKER. and then go to POP-UP BLOCKER SETTINGS. (Type any website you wish to block popups from)
Firefox users:
Go to “Tools” (at the top), > “Add-ons” > “Extensions” and disable “MaxWebSearch”
Chrome Users:
Click “Tools/Settings” (Wrench incon), > “Add-ons” > “Extensions” and disable any file associate with malware.
Open Task Manager to stop processes.
Remove associated registry settings:
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook
HKEY_LOCAL_MACHINE\software\classes\urlsearchhook.toolbarurlsearchhook
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions,
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = ’0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop “NoChangingWallPaper” = ’1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = ’1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ’1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main “Use FormSuggest” = ‘yes’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = 0
Delete MaxWebSearch infected files:
%Profile%\Local Settings\Temp\
%ProgramFiles%\
%UserProfile%\
Disadvantages and risks of having MaxWebSearch:
- It may change & corrupt default settings of browsers like Firefox, Chrome or Internet explorer
- Changes home page and displays unwanted pop-ups advertisements
- Causes frequent web redirects to wrong websites, hijacks search engine settings and leads to unexpected webpages
- Keeps record of browsing activities and interests
- Collects Personal user information which may include sensitive financial data such as logins, usernames, accounts
- It may bring further infections are direct the user to infectious sites
- Makes the browser run slow, uses a big part of system resources
Please note: Manual removal may cause damages to your system if you do any mistake. Use this method only if you understand what you are about to do.
First of all, Uninstall the program. (Skip to the next step if the application is not listed in Control Panel).
“Start > Settings > Control Panel. Now Locate and open “Add or Remove Programs” or “PROGRAMS AND FEATURES”. Find “MaxWebSearch”. Now click Uninstall/Remove.
Now remove the program from Browser.
Internet Explorer users:
Click “Tools” (if on Internet Explorer 9, click gear icon), Then “Manage Add-ons”. Look for MaxWebSearch. Disable if found any.
Block pop-ups
To stop pop-ups from malware,
Click on TOOLS > POP-UP BLOCKER, then click TURN ON POP-UP BLOCKER. and then go to POP-UP BLOCKER SETTINGS. (Type any website you wish to block popups from)
Firefox users:
Go to “Tools” (at the top), > “Add-ons” > “Extensions” and disable “MaxWebSearch”
Chrome Users:
Click “Tools/Settings” (Wrench incon), > “Add-ons” > “Extensions” and disable any file associate with malware.
Still Spyware MaxWebSearch lurking in the system? Remove manually
Stop processes of this malware:Open Task Manager to stop processes.
Remove associated registry settings:
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook
HKEY_LOCAL_MACHINE\software\classes\urlsearchhook.toolbarurlsearchhook
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions,
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = ’0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop “NoChangingWallPaper” = ’1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = ’1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ’1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main “Use FormSuggest” = ‘yes’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = 0
Delete MaxWebSearch infected files:
%Profile%\Local Settings\Temp\
%ProgramFiles%\
%UserProfile%\
No comments:
Post a Comment