My browser was hijacked by Search.Whitesmoke.com and I really need to remove it. It also gave me white smoke toolbar. I have tried everything I can to get rid of it but it didn’t help at all. I uninstalled IE and firefox, then reinstalled, didn’t help. Scanned with malwarebytes, nothing showed, uninstalled, same thing, I installed google chrome, same thing. I searched on internet, found lots of others with same problem, so many suggestions and antivirus suggestions, many very complicated and involved with many warnings about messing with registry files etc. I need to know the name of the file to remove…and where/how!!! Any/ALL internet inquiries for assistance are….being redirected/hijacked. HELP.
Search.Whitesmoke.com is a browser hijacker that can be added to Firefox, Chrome and Internet Explorer browsers while users are downloading other programs such as PDF creators, video recording/streaming or download-managers from the Internet. This website presents itself as a phony search engine and it is designed to redirect web users and show them spam search results. Also it can add white smoke toolbar on your machine along with other similar useless toolbars without your permission. Once it is loaded, it performs tons of malicious activities on your machine especially for interrupting your browsing sessions. The homepage of your browser will be changed to Search.Whitesmoke.com without any permission. And the worse is you will not be able to reset it back. It displays crazy and annoying pop-up windows to take over your computer screen.
The purpose of Search.Whitesmoke.com virus is to advertise some websites and boost their page ranking. It is very annoying if you keep being redirected to Search.Whitesmoke.com whenever you go to Internet. Although it seems to be a reliable search results, if you have a closer look, you will notice that on top of its results it shows a list with sponsored links. This is due to the fact that WhiteSmoke works together with third-party web sites. And it also displays various advertisements below the bogus search box. Using WhiteSmoke search engine is not a wise choice, even if it can show you something useful but some of pages from the search results are with an unclear reputation because this search provider cannot check the reliability of all the sites to which it takes its users. This hijacker degrades overall web browser stability and performance so that it may take forever to load up a web page or your browser keeps freezing. Therefore, you should get Search.Whitesmoke.com popup removed once detected to make sure your PC is secure enough.
It belongs to browser hijacker virus which can totally mess up your browser setting.
It changes your default DNS configuration and blocks you accessing your favorite sites.
It may install some malware in your computer to make bad influence without your consent.
It degenerates your computer performance gradually.
Search.Whitesmoke.com hijacks your browser to redirect your web search results and changes the homepage and browser settings. To completely uninstall it from an infected system, manual removal is the first choice because sometimes antivirus software cannot pick up the exact computer threat timely or remove it permanently. Users can follow the manual guide here to have this virus removed instantly.
1. Clear all the cookies of your affected browsers.
Click on the “Tools” menu and select “Options”.
Click the “Under the Bonnet” tab, locate the “Privacy” section and click the “Clear browsing data” button.
Select “Delete cookies and other site data” to delete all cookies from the list.
Open Internet explorer window
Click the “Tools” button
Point to “safety” and then click “delete browsing history”
Tick the “cookies” box, then click “delete”
Click on Tools, then Options, select Privacy
Click “Remove individual cookies”
In the Cookies panel, click on “Show Cookies”
To remove a single cookie click on the entry in the list and click on the “Remove Cookie button”
To remove all cookies click on the “Remove All Cookies button”
2. End the malicious process from Task Manager.
Once Search.Whitesmoke.com redirect is installed, computer user may notice that CPU usage randomly jumps to 100 percent, slowing down the computer. If your system’s CPU spike is constant, users should check from Task Manager and see if there is a suspicious process occupying the system resources and then end it immediately.
(The name of the virus process can be random.)
Press Ctrl+Shift+Esc at the same time and it will open up task manager directly. Then change to “Processes” tab.
3. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
4. Remove all the malicious files related to Search.Whitesmoke.com hijacker manually.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\*.exe
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “ProxyEnable” = “1″
Search.Whitesmoke.com is affiliated with browser hijacker which can replace your homepage and default search engine to its bogus search page and bring some more inconveniences to computer users. The hijacker takes control of the browser and forces users into visiting annoying webpages or bogus search pages when clicking on links in major search engine links. Users attacked by it start finding themselves redirected to malicious Search.Whitesmoke.com website which presents as a fake search engine. It will hijack web browsers such as Safari, IE, FireFox, Chrome, modify the DNS and redirect search results in Google, Yahoo and Bing to a multiple undesirable websites. In a word, this threat can prevent you from going to the website you really want and it harms your computer if you leave it inside the PC for a long time. You had better get rid of Search.Whitesmoke.com hijacker once it is detected.
Published by & last updated on November 14, 2013 2:01 am