Any Search malware is a browser hijacker that, once your Mac is infected, displays the Any Search homepage whenever you open Safari, Chrome, or Firefox. It looks like an innocuous search page and, in fact, forwards all searches to Yahoo, but it also intercepts traffic and uses that to display adverts. It manages to bypass Apple’s built-in security measures by being bundled with what look like legitimate downloads, such as Adobe Flash Player.


What is Any Search Manager virus?

Any Search Manager is a browser extension that appears after updating Flash Player and changes your default start page in the browser. It behaves like a browser hijacker, which means it takes control of your browser and prevents you from visiting the pages you want. 

The first warning sign that you may have caught Any Search virus is when you’re being redirected to search.anysearch.net or other pages containing “search.anysearch” in their URLs.

Why does the browser redirect you to Any Search Manager?

If you have downloaded some free apps lately, Any Search may have been distributed with any of them. Any Search malware spreads along with the Safe Finder extension. The latter is also malicious.

When you give permission to the seemingly legitimate download to be installed, the bundled hijacker gets permission, too. That’s why you should always be certain of what you’re downloading and double-check the website you’ve downloaded it from before you give permission for anything to be installed. Fortunately, it’s not too difficult to remove.

Protect your Mac

Before we proceed with the removal of Any Search Manager, it’s a good idea to check your Mac for more malware. CleanMyMac’s Protection feature scans your Mac for adware, viruses, spyware, and cryptocurrency miners and lists anything it finds in its main window. It then offers you the opportunity to remove them with one click or review its findings and choose what to remove. It’s a good idea to run the scan regularly to keep your Mac protected.

Download the app for free here and follow these steps:

  1. Open CleanMyMac.
  2. Click Protection > Scan.
  3. Click Remove.

How to remove Any Search from your Mac

Check your Mac for unauthorized profiles

  1. Go to the Apple menu and click System Settings.
  2. Go to Privacy & Security > Profiles. 
  3. If it’s there, click it and look to see if there is a profile called AdminPrefs.
  4. Click the AdminPrefs profile and click the ‘-’ button at the bottom left of the window.

Check your Startup items

Malware like the Any Search Manager virus sometimes inserts itself in your startup items, so it launches every time you boot your Mac.

  1. Go to System Settings again and navigate to General > Login Items.
  2. Look for anything that seems suspicious.
  3. If you find anything, click it and then click the ‘-’ button at the bottom of the window to remove it.
  4. System Preferences - Login Items

Remove Launch Agents and Daemons

  1. In the Finder, click the Go menu and choose Go to Folder.
  2. Type /Library/LaunchDaemons
  3. Scan the list of .plist files and look for anything with a name you don’t recognize.
  4. If you find one, click it and preview the file, looking for the name of a vendor you recognize.
  5. If you don’t find one, drag the file to Trash.
  6. Repeat steps 1-5 for /Library/LaunchAgents and
    ~/Library/LaunchAgents
  7. Once you’ve dragged all the files you want to remove to Trash, empty it and restart your Mac.

How to remove Any Search from browsers

How to remove Any Search from Safari

Reset the default page in a browser

  1. Once your Mac has restarted, open Safari.
  2. Click the Safari menu and then choose Settings.
  3. Click the Search tab and choose the search engine you want to use.
  4. Select the General tab and set the Homepage to your preferred home page and the options above it to your preference from the menu options.

How to remove Any Search from Chrome

  1. Open Chrome.
  2. Click the Settings menu icon (three dots) on the right of the window or type chrome://settings/ into the address bar.
  3. Click On startup and check the button next to “Open a specific page or set of pages.”
  4. Click “Add a new page” and type or paste the URL you want as your startup page into the text box.
  5. Click Save.
  6. Click the Settings icon again.
  7. Choose Search Engine.
  8. Click Manage search engines and click the More button next to the Any Search engine, then select Delete.

  9. Go back and click the dropdown menu next to the “Search engine used in the address bar” and choose the search engine you want to use. Alternatively, click Manage search engines and either add one from the bigger list (by clicking on the More icon and choosing Make Default) or click Add and type in the URL of another search engine.

How to remove Any Search from Firefox

  1. Open Firefox.
  2. Click the settings button (three horizontal lines) on the right side of the toolbar or type about:preferences into the address bar.
  3. Click the Home category and next to “Homepage and new windows,” click the dropdown menu and choose either Firefox Home or Custom URL. If you choose the Custom URL, type the URL you want to open into the text box.
  4. Click the Search category and in the main window, scroll down to “Search Shortcuts.” Click Any Search and choose Remove.
  5. Scroll back up and click the menu under the Default Search engine and choose the one you want.

Remove suspicious browser extensions

To remove malicious extensions in Safari:

  1. Go to Safari menu > Settings.
  2. Select Extensions.
  3. Select the extension you want to remove and click Uninstall.

Chrome:

  1. Type chrome://extensions in the search bar and press Return.
  2. Click Remove to delete an extension.

Firefox:

  1. Type about:addons in the search bar and press Return.
  2. Click the three-dot icon on an extension you want to remove.
  3. Select Remove.

The final steps for removal [Important]

So far, we’ve cleaned the browser part — what’s left is to root out Any Search from your system parts associated with Chrome and other browsers. First, we will need to check if Any Search has seized your Chrome settings. 

STEP 1

Please open Chrome, paste this string into the URL field, and press Return: chrome://policy/

You will see something like this:

open Chrome and press Return


See the Level and Policy value columns. What’s written there?

“Recommended” means Any Search has gained control over your Chrome settings — you need to uninstall Chrome.

“Mandatory” means the malware is sitting deeper and is tied to your user account — go to step 2 below.

For additional check:

Go to Applications/Terminal

Open Terminal, paste the following command, and press Return: defaults read com.google.Chrome

Now, look through the results. If you see anything related to Any Search there, you can simply uninstall Chrome and reinstall it anew. The best way to uninstall Chrome along with all leftovers is CleanMyMac’s Uninstaller tool.


STEP 2

If that is not the case, open the Finder, go up to the Go menu in the menubar > Go to Folder, and paste this directory:
/Library/Managed Preferences/[your username]

You should enter [your username] as shown in System Settings/Users & Groups

Open the folder. Now look for a “com.google.Chrome” file there. 

If you have found it in any of these locations, open the file in any editor and check if you can find any Any Search-related information there. Then, manually remove the info from the file and restart your computer.

The same logic applies to Firefox and Safari browsers. 

If your browser is still redirecting you, you should try fully resetting it. CleanMyMac’s Uninstaller tool lets you reset any browser and restore its default settings. To reset Safari, you need to go to CleanMyMac Settings (press Command-Comma) and select the Ignore List tab. Here, choose Uninstaller from the left-side menu and deselect the “Ignore system applications” box.

Now, let’s do the reset:

  1. Open CleanMyMac and choose Applications in the sidebar.
  2. Click Scan > Manage My Applications > Uninstaller.
  3. Find the Safari browser in the list of apps.
  4. Click the side arrow and select everything except binaries.
  5. Click Remove.

Similarly, you can reset Chrome, Firefox, or any other browser you’re using — just follow the steps above. 

Safari reset selected in the Uninstaller module in CMM

To avoid getting malware like Any Search, be vigilant when installing apps on your Mac. Don’t skip installation options and choose custom installation to deselect optional software download if you aren’t sure the software that comes bundled is safe.

Any Search Manager is a nasty piece of malware that can be quite alarming when you first encounter it. However, it’s not too difficult to remove, so long as you’re diligent and follow the steps above. If you couldn’t delete it and the virus shows up again, please contact us at [email protected] for further instructions.

Hope this article was useful. Stay tuned for more.