Learn how to prevent web browsers on Mac from being redirected to search.anysearch.net or search.anysearchmac.com due to a persistent malware infection.
Update: December 2019
|Name||Any Search (search.anysearch.net) browser hijacker|
|Category||Mac browser hijacker, redirect virus, Mac adware|
|Related Domains||search.anysearchmac.com, anysearchmanager.com, search.anysearchmanager.com|
|Symptoms||Redirects web browser to search.anysearch.net, adds sponsored content to search results, causes system slowdown, resists regular removal|
|Distribution Techniques||Fake Adobe Flash Player update popups, freeware bundles, spam|
|Damage||Unwanted changes of custom browsing settings, privacy issues due to Internet activity tracking, search redirects, redundant ads|
|Removal||Scan your Mac with Combo Cleaner to detect all files related to the browser hijacker. Use the tool to remove the infection if found.|
The browser hijacking plague has been making itself felt in the Mac world lately like no other malware-backed campaigns. It makes users perplexed why they can no longer customize their Internet navigation and visit the pages they want instead of something imposed without even a hint of approval. Any Search, AnySearch 1.2.3 or Any Search Manager, is one of the most common junkware entities from this category wreaking havoc over the past few months. It causes Safari, Chrome and Firefox, if installed on a host computer, to resolve an unwanted web page. The landing page in this scenario can vary – some users report being rerouted to search.anysearch.net, while others keep seeing search.anysearchmac.com in their URL bar.
There are some noteworthy ties of this hijack malware with other notorious Mac threats. One of them is Safe Finder, a cradle of malicious objects that tweak people's web surfing parameters to play into its proprietors' hands. Another one is Advanced Mac Cleaner, an aggressive pseudo optimization tool for Mac that displays misleading issue detection reports in order to dupe users into purchasing its license. The connection of the latter with Any Search malware can be concluded from victims' feedback on security forums where they post logs indicating the presence of Advanced Mac Cleaner on infected systems. This isn't likely to be a coincidence – moreover, rogue optimizers and bogus antispyware programs are known to propagate alongside extra culprits like browser hijackers.
As is the case with most adware and other browser-borne baddies, the source of the AnySearch contagion mainly comes down to bundling. It designates a practice of cross-promoting opportunistic malicious code as part of an installation client for some regular benign software. The pest in question typically makes the rounds by dint of booby-trapped Flash Player installs hosted on uncertified websites. This fact additionally emphasizes the importance of using official application portals when downloading and installing programs.
When the Any Search virus infiltrates a Mac this way, it has sufficient privileges to make system-level changes on the machine. That’s because the tricky setup client includes a one-for-all agreement option, where the would-be victim opts into the terms of the good software while also unknowingly accepting those for the bad company. Consequently, Any Search uses its permissions to mutilate web browser settings. The affected values include the homepage, preferred search engine and new tab page. All of these start defaulting to search.anysearch.net or search.anysearchmac.com – obviously, without the victim’s consent. This perpetrating code is cross-browser, so it will hit all web browsers running on the host.
The Any Search adware attack is also a privacy issue, although this hallmark isn’t as conspicuous as the browser disruption impact. A bit of scrutiny unearths the following: every time a redirect occurs, the victim’s traffic arrives at Yahoo – which doesn’t seem to be the worst imaginable outcome, given the legit essence of the landing page. However, the search results aren’t returned in their pure form. Instead, there will be a number of ads above the fold, and this sponsored information appears to accurately reflect the victim’s interests based on their recent Internet activity. It means that the underlying Any Search Manager extension tracks the infected user’s browsing history and search terms in order to serve targeted advertisements. Obviously, this fingerprintable data is abused by the rogue operators of this campaign, and it can as well be sold to marketing entities that don’t mind playing dirty.
Ultimately, everyone who encounters the Any Search virus ends up looking for a way to get rid of it. This task isn’t as trivial as removal of the average Mac app. The entirety of information regarding Any Search uninstall techniques is provided in the following sections of this post. Be sure to use these steps for a thoroughgoing cleanup process.
Any Search virus manual removal for Mac
The steps listed below will walk you through the removal of this malicious application. Be sure to follow the instructions in the order specified.
• Open up the Utilities folder as shown below
• Locate the Activity Monitor icon on the screen and double-click on it
• Under Activity Monitor, the entry for Any Search/AnySearch 1.2.3, select it and click Quit Process
• A dialog should pop up, asking if you are sure you would like to quit the troublemaking process. Select the Force Quit option
• Click the Go button again, but this time select Applications on the list. Find the entry for Any Search or AnySearch 1.2.3 on the interface, right-click on it and select Move to Trash. If user password is required, go ahead and enter it
• Now go to Apple Menu and pick the System Preferences option
• Select Accounts and click the Login Items button. The system will come up with the list of the items that launch when the computer is started up. Locate Any Search there and click on the “-“ button
Get rid of search.anysearch.net redirects in web browser
To begin with, settings for the web browser that got hit by this virus should be restored to their default values. The overview of steps for this procedure is as follows:
How to get rid of Any Search virus in Safari
- Open the browser and go to Safari menu. Select Preferences in the drop-down list
- Once the Preferences screen appears, hit the Privacy tab at the top. Find the option that says Remove All Website Data and click on it
- The system will display a confirmation dialog that also includes a brief description of what the reset does. Specifically, you may be logged out of some services and encounter other changes of website behavior after the procedure. If you’re okay with that, go ahead and click the Remove Now button
- In order to selectively clear data generated by certain websites only, not all of them, hit the Details button under the Privacy section of Safari Preferences
- This feature will list all websites that have stored potentially sensitive data, including cache and cookies. Select the one, or ones, that might be causing trouble and click the appropriate button at the bottom (Remove or Remove All). Click the Done button to exit.
How do I remove Any Search malware in Chrome
- Open Chrome, click the More (⁝) icon in the top right-hand part of the window, and select Settings in the drop-down
- When on the Settings pane, select Advanced
- Scroll down to the Reset settings section. Under the Restore settings to their original defaults option, click the Reset settings button
- Confirm the Chrome reset on a dialog that will pop up. When the procedure is completed, relaunch the browser and check it for malware activity.
How do I remove AnySearch adware from Mozilla Firefox
- Open Firefox and select Help – Troubleshooting Information
- On the page that opened, click the Reset Firefox button
Get rid of Any Search virus using Combo Cleaner automatic removal tool
The Mac maintenance and security app called Combo Cleaner is a one-stop tool to detect and remove Any Search virus virus. This technique has substantial benefits over manual cleanup, because the utility gets hourly virus definition updates and can accurately spot even the newest Mac infections.
Furthermore, the automatic solution will find the core files of the malware deep down the system structure, which might otherwise be a challenge to locate. Here’s a walkthrough to sort out the Any Search virus issue using Combo Cleaner:
- Download Combo Cleaner installer . When done, double-click the combocleaner.dmg file and follow the prompts to install the tool onto your Mac.
- Open the app from your Launchpad and let it run the update of malware signature database to make sure it can identify the latest threats.
- Click the Start Combo Scan button to check your Mac for malicious activity as well as performance issues.
- Examine the scan results. If the report says “No Threats”, then you are on the right track with the manual cleaning and can safely proceed to tidy up the web browser that may continue to act up due to the after-effects of the malware attack (see instructions above).
- In case Combo Cleaner has detected malicious code, click the Remove Selected Items button and have the utility remove Any Search virus threat along with any other viruses, PUPs (potentially unwanted programs), or junk files that don’t belong on your Mac.
- Once you have made doubly sure that the malicious app is uninstalled, the browser-level troubleshooting might still be on your to-do list. If your preferred browser is affected, resort to the previous section of this tutorial to revert to hassle-free web surfing.
How do I remove browser hijacker Mac? Despite the fact that the impact of such an infection seems to be isolated to a web browser on Mac, the removal procedure spans more than browser troubleshooting alone. This is because a hijacker is, essentially, an app and therefore it leaves an additional footprint in a host system. Its components can be typically found in the Login Items, Applications, LaunchAgents, LaunchDaemons, and Application Support directories. Consequently, a cleanup done right is a matter of deleting the browser hijacker’s files from all of these paths prior to tidying up Safari or other affected web surfing software on your Mac. Given the extraordinary obstinacy of many present-day threats from this category, an effective manual fix may involve resetting the malware-riddled browser rather than simply disabling and trashing the misbehaving extension. The apparent flip side of this repair vector is that all personalized settings will be lost, so you will need to re-enter passwords for your online accounts and go through other types of customization from scratch. Under the circumstances, it may be a good idea to use an automatic utility that can detect every fragment of the malicious code and wipe it so that you don’t have to do all the tedious reconfiguration work yourself.
Any Search is a controversial service that purports to enhance a Mac user’s web surfing experience but operates in an extremely intrusive way, replacing the online preferences with a rogue site without proper authorization. Its unethical marketing revolves around a feature that allegedly enables you to run Internet searches right from your desktop while easily choosing the desired provider from a list built into its widget. However, this perk turns out to be a red herring that veils a number of malicious characteristics.
The infection propagates as an application called Any Search Manager. It usually comes as part of freeware bundles that hide their full composition under the hood of the express, or recommended, installation option. The most frequently reported vector involves fake Adobe Flash Player updates promoted by means of popup alerts on malicious websites. The booby-trapped update pushes the threat surreptitiously.
When inside a Mac, the app installs an extension on your default browser. Since it supports Safari, Chrome, and Firefox to the same extent, the potential audience of victims is cranked up to the maximum. The extension alters the main custom browsing settings without the admin’s consent. The most evident symptom of this attack is the redirect activity making the victim visit search.anysearch.net or search.anysearchmac.com recurrently. The traffic is then forwarded to search.yahoo.com, passing through advertising networks on its way.
In summary, Any Search is a browser hijacker targeting Macs. It mutilates the victims’ web navigation by forcing hits to a worthless imitation of a search engine. To top it off, this pest is difficult to remove due to its in-depth system footprint.
Unlike a regular Mac application, Any Search gains a foothold in the host by leveraging a peculiar persistence technique that the average user won’t notice unless they delve into system settings. Originally employed by an adware family dubbed Crossrider, this mechanism relies on a malicious configuration profile. This is an entity allowing a user to define certain managed preferences that influence the system’s behavior in many different ways. The feature is a popular instrument in the toolkit of enterprise network admins who utilize it to restrict or supervise specific facets of Mac usage.
The operators of Any Search virus mishandle this functionality in their very own way. Once the perpetrating application is in, it creates a new profile named AdminPrefs or similar without the user’s knowledge and approval. Not only does this tactic prevent the victim from setting the correct browser settings, but it also causes a comeback of the threat in case it’s uninstalled.
Therefore, to eradicate the malicious program for good you need to open System Preferences from the Finder menu, click the Profiles icon, and spot the harmful configuration profile there. Then, select the baddie and click the “minus” button at the bottom of the window. Once you do it, you can get down to removing the other components of Any Search Manager app and the unwanted browser extension.