Search-alpha.com redirects are caused by a browser hijacker
Contents
Search-alpha.com is a fake search engine that causes redirects to search results provided by other engines. Search Alpha is a variant of Search Marquis, a highly widespread browser hijacker. This search engine might start causing redirects in your browser after installation of a potentially unwanted program (PUP) that changes browser’s settings. Such apps might alter your browser’s homepage, new tab page, and default search engine to search-alpha.com.
This rogue website appears as a simple search engine. However, once user enters a search query and hits Search, the website triggers several unwanted redirects before landing the user on bing.com, ask.com, nearbyme.io or other search engine results. The list of websites that this browser hijacker redirected us to before showing search results is shown below.
- search-location.com;
- api.lisumanagerine.club;
- greatsearch.xyz;
- m.nearbyme.io.
How this suspicious search engine operates
Search-alpha.com redirects user to a number of websites prior to showing search results in order to increase visitor rate to suspicious websites and also collect users’ search queries. Such unwanted browser hijackers can also use these hard-to-notice redirects in order to hit ad networks and generate revenue.
Another issue with browser hijackers that promote rogue search engines is that they usually cause risk for user’s privacy as they tend to collect IP address, browsing history, search queries, and other information.
Sometimes, untrustworthy PUPs can also display ads that may redirect user to suspicious websites once clicked. If you ever encounter pop-ups suggesting you to install some applications or browser add-ons while using this fake search engine, refuse to do so. Otherwise, you may end up installing some suspicious programs such as adware or more browser hijackers.
In general, cybersecurity experts advise staying away from fake search engines that trigger numerous redirects. It is advisable to trust legitimate and trustworthy search engines such as Google, Yahoo, Bing, or DuckDuckGo.
If you want to remove search-alpha.com from your browser, we have provided a free guide below this article. You can either try to remove it manually or automatically – the latter is quicker and more recommended option. For Mac users, we recommend using INTEGO for removing Mac threats.
Threat Summary
| Name | Search-alpha.com redirect |
| Type | Mac browser hijacker, potentially unwanted program (PUP) |
| Related PUPs | Searchmarquis.com redirect |
| Related domains | api.lisumanagerine.club; nearbyme.io; searchmarquis.com; greatsearch.xyz |
| Symptoms | The hijacker takes over the most used browser on the computer and alters its settings; The affected parameters are new tab URL, homepage, and the primary search engine |
| Distribution | Users usually install it via fake Adobe Flash update pop-ups, or rogue freeware bundles promoted online |
| Damage | It can significantly affect browser performance, cause privacy issues, annoying redirects, prevent user from changing browser’s homepage, new tab page or default search settings |
| Removal | The most convenient way to get rid of Search Marquis is running a scan with INTEGO. |
Intego Mac Premium Bundle X9
Robust Mac-Oriented Protection and Security.
Protect your Mac with a complete suite that includes powerful antivirus, network protection, cleaner, parental control and backup software.
What is the purpose of browser hijackers?
Browser hijackers are generally considered potentially unwanted programs and are often installed without user’s knowledge. Often times, they are included in various freeware installers. The aim of most browser hijackers is to modify browser’s settings to set a specific search engine or a website as a default homepage, new tab page, or assigned default search engine.
In addition, depending on the browser hijacker, it can also modify web browser shortcut settings to launch a specific website or even add rogue profiles in system settings. In most cases, browser hijackers make it hard for a computer user to remove it.
The reason why browser hijackers promote specific search engines is that they seek to increase visitor amount to them and cause intermediate redirects that may be configured to hit ad networks, third-party websites and other rogue search engines. These redirects are usually used to collect search queries and also generate revenue.
How to avoid installation of browser hijackers and other PUPs?
In order to avoid installing persistent Mac threats like Search-Alpha.com redirect virus, computer users should get to know main tricks used by potentially unwanted software distributors. Here is a list of methods used by them to spread this annoyance. We have also added tips on how to avoid getting your Mac infected.
- Software bundling. Operators of such untrustworthy freeware tend to promote their software via third-party installers. Sadly, the statements informing the user about the added extras aren’t noticeable enough, as they’re often hidden behind Custom or Advanced installation modes. In addition, most users tend to just agree with everything and click Next in order to complete the installation process. Therefore, even if there are evident suggestions to install additional software/tools, the user might overlook them.
- Rogue websites. Computer users should be very careful while browsing the Internet, and avoid websites that offer premium content for free. This includes copyrighted material such as movies, games, mods/skins or software. Such untrustworthy websites can push unwanted software using a variety of methods, including software bundling, aggressive pop-up ads, offers to install software updates, etc. Sometimes, such websites even ask to install “recommended” software before the user can access the requested file.
- Fake Flash Player or Java installers. Be careful not to click on fake Flash Player or Java ads online that can provide you with unwanted additions such as browser extensions or even spyware/malware. Instead, you can update these apps from Control Panel directly. To install them, you may want to visit the official websites of these tools.
- Phishing emails. Often times, unwanted software is distributed via phishing emails. Such emails usually attempt to trick the user into clicking on a provided URL or a attached file. Doing so can lead to an installation of an unwanted tool/extension/software.
In addition to recommendations provided earlier, we also recommend protecting your Mac with an up-to-date antivirus solution. Our top pick at the moment is INTEGO.
Remove Search-Alpha.com redirect for good
If you’ve decided to remove search-alpha.com redirect virus for good, use the instructions provided below. Make sure to follow the steps attentively and eliminate all traces of this unwanted browser hijacker.
However, if you want to initiate an automatic Search Alpha hijacker removal, consider using an antivirus for Mac like INTEGO.
OUR GEEKS RECOMMEND
Keep your Mac virus-free with INTEGO, an exceptional antivirus with an option to scan other iOS devices. The VirusBarrier X9 offers 24/7 real-time protection against Mac and Windows malware, includes intelligent firewall (NetBarrier X9) for protecting your incoming/outgoing connections at home, work or public hotspots and more.
INTEGO antivirus is one of the leading security products for Mac that includes VirusBarrier X9 and NetBarrier X9 features allowing detection of viruses, ransomware, adware, browser hijackers, Trojans, backdoors and other threats and blocks suspicious network connections. If any detections are found, the software will eliminate them. Learn more about the software's features in its full review.
GeeksAdvice.com editors select recommended products based on their effectiveness. We may earn a commission from affiliate links, at no additional cost to you. Learn more.
Search-alpha.com redirect Removal Tutorial
Use the following guidelines to get rid of Search-alpha.com redirect on Mac. You will need to eliminate suspicious components from several system folders, move unwanted applications to Trash, delete shady profiles and login items created by the potentially unwanted program. Once you complete these steps, follow the instructions how to clean each affected web browser individually.
Eliminate components of unwanted program from Mac system folders
- Click Go in the Mac's Finder toolbar and select Utilities.
- Here, double-click Activity Monitor app.
- In Activity Monitor, you will need to identify suspicious and resource-consuming apps, select them and click the X (Stop) button in the upper left corner of the window. Our suggestion is to search for Mac Security Plus, Spaces, BeAware, ScreenCapture or ScreenSaver apps and similar ones.
- After clicking the Stop button for an app, you will see a prompt asking do you really want to quit this process. Click Force Quit to continue.
- Now, click the Go button in Mac's Finder toolbar and select Go to Folder...
- Here, enter /Library/LaunchAgents and click Go.
- Look through the opened folder for suspicious components that possibly belong to the Search-alpha.com redirect. Our recommendation is to look for unrecognized and recently added files. Then, move them to Trash/Bin.However, malware names hardly ever signal that they are somehow malicious, so you might want to check some questionable names online. For instance, examples of Mac malware related files include com.DataSearch.plist, com.ExpertModuleSearchP.plist, com.pcv.hlpramc.plist, com.updater.mcy.plist, com.avickUpd.plist, com.msp.agent.plist and similar.
- Using the Go to Folder feature, navigate to a location called ~/Library/Application Support. You can simply copy and paste this path to the go to Folder window and click Go.
- Here, identify suspicious folders and move them to Trash. Again, you need to use your common sense and look for recently added programs that aren't related to Mac OS or apps you installed willingly. Examples of unwanted folders include SystemSpecial, IdeaShared, ProgressMatch and DataSearch.
- Use Go to Folder feature once more to navigate to ~/Library/LaunchAgents.
- Here, identify suspicious components and move them to Trash.
- Now, navigate to /Library/LaunchDaemons and eliminate strange or suspicious-looking components possibly related to Search-alpha.com redirect. Known examples of Mac-related malware store com.pplauncher.plist, com.ExpertModuleSearchDaemon.plist, com.DataSearchP.plist, com.startup.plist and similarly named files here.
However, malware names hardly ever signal that they are somehow malicious, so you might want to check some questionable names online. For instance, examples of Mac malware related files include com.DataSearch.plist, com.ExpertModuleSearchP.plist, com.pcv.hlpramc.plist, com.updater.mcy.plist, com.avickUpd.plist, com.msp.agent.plist and similar.
Move unwanted applications to Trash
- Click on Finder.
- Go to Applications folder.
- Look for suspicious applications you can't remember installing. Right-click them and select Move to Trash.
- After moving all suspicious apps to Trash, right-click the Trash bin in Mac's Dock and select Empty Trash.
Remove unwanted startup applications on Mac
- Click on the Apple logo in the upper left corner and open System Preferences.
- In System Preferences, go to Users & Groups.
- Open Login items tab and look for suspicious applications that start during the Mac startup. Select unwanted app and click on minus (-) button to remove it from the list.
Delete malicious configuration profiles
- Go back by clicking < or close the window and reopen System Preferences via Mac toolbar. Go to Profiles.
- In Profiles, inspect entries on the left pane. Look for suspicious configuration profiles hijacking your browsers' settings and click the minus (-) button to remove them. Examples of known malicious profiles include Chrome Settings, AdminPrefs, Safari Settings, MainSearchPlatform, TechSignalSearch, TechLetterSearch and similar. In example below, the profile includes a suspicious link, although it can contain a function to force browser changes when user tries to revert them.
Remove Search-alpha.com redirect from Safari
Uninstall suspicious Safari extensions
- Open Safari and click on Safari button in the top left corner. Select Preferences in the menu that appears on the screen.
- Now, go to Extensions tab. Look at the left to see all installed extensions, click on suspicious ones and hit that Uninstall button as shown in the picture. Confirm your choice by clicking Uninstall again. Repeat until you get rid of all unwanted extensions.
Change Safari Homepage and default search engine
- In Preferences, open the General tab. Here, check what URL is set as your homepage. Delete it and type in whatever URL you want to set as your Safari Start Page.
- Next, go to the Search tab. Here, choose what Search engine you want to set as default.
- Next, click on Manage websites... then Remove all... and then Done.
Remove push notifications on Safari
Some suspicious websites can try to corrupt your Safari by asking to enable push notifications. If you have accidentally agreed, your browser will be flooded with various intrusive advertisements and pop-ups. You can get rid of them by following this quick guide:
- Open Safari and click on Safari button in the top-left corner of the screen to select Preferences;
- Go to Websites tab and navigate to Notifications on the left side toolbar.
Reset Safari
- Click on Safari > Clear History...
- Then choose to clear All history and hit Clear History button to confirm.
- Go to Safari > Preferences and then open Privacy tab.
- Click Manage Website Data... then Remove All. To finish, click Done.
- Finally, clear Safari cache. In Safari Menu, click Develop > Clear Cache.
Remove Search-alpha.com redirect from Google Chrome
Remove suspicious Chrome extensions
- Open Chrome and type chrome://extensions into address bar and press Enter.
- Here, look for suspicious extensions, and Remove them.
- Don't forget to confirm by pressing Remove in the confirmation pop-up.
Change Start Page settings
- In Chrome address bar, type chrome://settings and press Enter.
- Scroll down to the On startup section. Check for suspicious extensions controlling these settings, and Disable them.
- Additionally, you can set browser to Open a specific page or set of pages via these settings. Simply choose this option, click Add a new page, enter your preferred URL (f.e. www.google.com) and press Add.
Change default search settings
- In Chrome URL bar, type chrome://settings/searchEngines and press Enter. Make sure you type searchEngines, not searchengines. Additionally, you can go to chrome://settings and find Manage search engines option.
- First, look at the list of search engines and find the one you want to set as default. Click the three dots next to it and select Make Default.
- Finally, look through the list and eliminate suspicious entries. Right-click the three dots and select Remove from the list.
Remove push notifications from Chrome
If you want to get rid of the annoying ads and so-called push-notifications viruses, you must identify their components and clean your browser. You can easily remove ads from Chrome by following these steps:
- In Google Chrome, press on Menu (upward arrow) in the top-right corner of the window.
- Select Settings.
- Go to Privacy and Security > Site Settings.
- Open Notifications.
- Here, go to the Allow list and identify suspicious URLs. You can either Block or Remove by pressing on the three vertical dots on the right side of the URL. However, we suggest the Block option, so the site won't ask you to enable the notifications if you ever visit it again.
Reset Google Chrome browser
- The final option is to reset Google Chrome. Type chrome://settings in the URL bar, press Enter and then scroll down until you see Advanced option. Click it and scroll to the bottom of the settings.
- Click Restore settings to their original defaults.
- Click Restore settings to confirm.
Remove Search-alpha.com redirect from Mozilla Firefox
Remove unwanted add-ons from Firefox
- Open Firefox and type about:addons in the URL bar. Press Enter.
- Now, click on Extensions (in the left section).
- Click Remove next to every suspicious browser add-on that you can't remember installing.
Change Firefox Homepage
- In Firefox address bar, type about:preferences and hit Enter.
- Look at the left and click the Home tab.
- Here, delete the suspicious URL and type or paste in the URL of a website you'd like to set as your homepage.
Alter preferences in Firefox
- Type about:config in Firefox address bar and hit Enter.
- Click I accept the risk! to continue.
- Here, type in the URL which has taken over your browser without your knowledge. Right-click each value that includes it and choose Reset.
Remove annoying push notifications from Firefox
Suspicious sites that ask to enable push notifications gain access to Mozilla's settings and can deliver intrusive advertisements when browsing the Internet. Therefore, you should remove access to your browser by following these simple steps:
- In Mozilla Firefox, click on Menu (the three horizontal bars) on the top-right corner of the window, then choose Options.
- Click on Privacy and Security, then scroll down to Permissions section.
- Here, find Notifications and click Settings button next to it.
- Identify all unknown URLs and choose to Block them. Click Save Changes afterward.
Reset Mozilla Firefox
- In Firefox, type about:support in the address bar and press Enter.
- Click on Refresh Firefox...
- Click Refresh Firefox again to confirm.
Disclaimer. This site includes affiliate links. We may earn a small commission by recommending certain products, at no additional cost for you. We only choose quality software and services to recommend.
Norbert Webb is the head of Geek’s Advice team. He is the chief editor of the website who controls the quality of content published. The man also loves reading cybersecurity news, testing new software and sharing his insights on them. Norbert says that following his passion for information technology was one of the best decisions he has ever made. “I don’t feel like working while I’m doing something I love.” However, the geek has other interests, such as snowboarding and traveling.
Leave a Reply