Table of Contents
The spotlights made in this entry are about LuckySearches, a nasty adware infection that changes browser settings without permission, and the ways to get rid of it.
When installing certain samples of free software with poor reputation, the users who accept the Terms of Service that say: “Set Luckysearches as homepage, default search and new tab on Chrome, IE and Firefox browser” will get in trouble. This is an example of an old-school malware distribution technique, which is intended to deliver potentially unsafe code to the unsuspecting user’s computer. Note the name “LuckySearches”, the app being promoted in this case – it is an adware that wipes away the user’s browser preferences when doing its job, inserting its own settings instead. In order to sneak into computers, it teams with freeware such as YourFile Downloader, the Unlocker program which allows deleting locked objects, and rogue variants of critical Java and Adobe Reader updates, thus making the installation a matter of a procedure that’s hardly noticeable to the end user. As soon as this adware manages to silently drill its way inside, weird things begin to happen.
The actual problem is the browser extension called LuckySearches SearchProtect, which all of a sudden appears on the add-ons list in Internet Explorer, Firefox and Chrome. Its primary task is to delete custom settings (the ones defined by the user) and put in its own, namely luckysearches.com. In spite of the fact that you don’t notice this happening deep down in your preferences configuration, repeating hits to the above site will be occurring as long as the adware runs on your machine. The triggers for this automatic event are as follows: opening the browser, looking for random info on the web via a search engine, and bringing up a new tab. The infection also makes changes to the browser shortcuts so that luckysearches.com still pops up even in case you delete this value from the homepage configuration. So you eventually get your browsing habits revamped by the program that ended up on your PC without authorization.
Important to know, this bug does not yield to the standard alterations of settings the manual way. In particular, the affected user can try and replace luckysearches.com with a preferred URL for, say, the new tab page, but this action won’t take effect – at least, not until the browser is launched the next time. In order to undo this adverse influence, therefore, some more complex troubleshooting needs to be leveraged.
Automatic removal of the LuckySearches adware
When it comes to handling infections like this one, using a reputable cleaning tool is the place to start. Sticking to this workflow ensures that every component of the adware gets found and eradicated from the affected computer.
1. Download and install the cleaning tool and click the Start Computer Scan button Download Lucky Searches removal tool
2. The wait is worth it. Once the scan completes, you will see a report listing all malicious or potentially unwanted objects detected on your PC. Go ahead and click the Fix Threats option in order to get Lucky Searches adware automatically uninstalled from your machine along with all of its modules. This being done, you should be good to go.
Uninstall Lucky Searches through Control Panel
- From your Windows menu, go to Control Panel. Select Add or Remove Programs (for Windows XP / Windows 8) or Uninstall a program (Windows Vista / Windows 7)
- Find Lucky Searches on the list. If it’s nowhere to be found, look for multimedia related programs (e.g. Flash Enhancer) or other odd-looking apps you remember to have installed lately. Select the suspicious one and click Uninstall/Change
Remove luckysearches.com from web browsers manually
The workflow covered below is intended to undo all changes that the Lucky Searches virus made to Chrome, Firefox and Internet Explorer. Be advised there’s some collateral inconvenience you will encounter, namely the loss of all installed add-ons and personalized information (saved passwords, cached data, bookmarks and other content).
Remove Lucky Searches in Chrome1. Uninstall the Lucky Searches extension
- Click the Chrome menu icon and select More tools > Extensions
- Find the add-on associated with Lucky Searches and click the trash bin next to the bad entry
- Go back to Chrome menu and select Settings
- Go to On startup sub-section and activate the Open a specific page or set of pages option. Also, click Set pages
- Locate the Lucky Searches entry under Startup pages and hit X button next to it
Remove Lucky Searches in Firefox1. Eliminate the respective add-on
- In Firefox, go to Tools > Add-ons
- Hit the Extensions tab and locate Lucky Searches on the list. Click Remove to get rid of it
- Click the magnifying glass icon in Firefox search box and select Change Search Settings
- Select the search engine to use by default and hit OK to save the changes
removal from Internet Explorer
- Open IE. Go to Tools > Manage Add-ons
- Select Toolbars and Extensions in the navigation pane, locate the items related to Lucky Searches, including the Lucky Searches API, right-click each one select Remove in the context menu
- Restart IE and check for symptoms of the infection. If the Lucky Searches ads are not appearing anymore, then no further action is required. If the adware is still there, proceed to the steps below
- Go to Tools > Internet Options
- Hit the Advanced tab and click Reset
- Make sure the Delete personal settings option on the Reset Internet Explorer Settings dialog is ticked and click Reset
- Restart Internet Explorer for the changes to take effect
Did the problem go away? Check and see
Computer threats like the Lucky Searches virus can be stealthier than you can imagine, skillfully obfuscating their components inside a compromised computer to evade removal. Therefore, by running an additional security scan you will dot the i’s and cross the t’s in terms of the cleanup.