OnlineGames Search Redirect Removal — How To Restore Your Browser

OnlineGames Search Redirect Removal — How To Restore Your Browser

The article will help you to remove OnlineGames Search fully. Follow the browser hijacker removal instructions given at the end of the article.

The OnlineGames Search redirect is a recently discovered browser plugin that can be used for hijacker purposes. Interaction with it can hijack personal data belonging to the victims. Our in-depth article explores some of the dangers associated with its presence on infected hosts.

Threat Summary

NameOnlineGames Search
TypeBrowser Hijacker, PUP
Short DescriptionThe hijacker redirect can alter the homepage, search engine and new tab on every browser application you have installed.
SymptomsThe homepage, new tab and search engine of all your browsers will be switched to OnlineGames Search. You will be redirected and could see sponsored content.
Distribution MethodFreeware Installations, Bundled Packages
Detection Tool See If Your System Has Been Affected by OnlineGames Search


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss OnlineGames Search.

OnlineGames Search – Distribution Methods

The OnlineGames Search is a redirect that is mainly being distributed via plugin repositories that are used by computer users to download and install extensions. Like other similar threats it is made compatible with all popular web browsers. The relevant entries are posted under various names and often make use of fake developer credentials and user reviews, along with an elaborate description that promises to add useful additions to the software.

The other main delivery method is the use of email messages that can either directly attach the virus strains or hyperlink them in the body contents.

Browser hijackers like the OnlineGames Search may also be spread via fake download sites that are modeled after legitimate Internet sites. The criminals can also employ similar sounding domain names that are an additional measure used to confuse the users. File sharing networks like BitTorrent can be used along with email messages to spread infected payloads. Two of the most popular cases are the following:

  • Application Installers — The hackers can integrate the virus code into software installers of popular applications such as system utilities, creativity suites and productivity programs.
  • Documents — Using a similar mechanism the criminals can embed the virus code into files of various types: spreadsheets, rich text documents, presentations and databases.

OnlineGames Search – Detailed Description

Upon installation of the browser hijacker it may ask for the following permissions:

  • Read and change all your data on the websites you visit.
  • Display notifications
  • Change your search settings to another site

As soon as the OnlineGames search redirect is installed on the target computer it starts to execute a built-in behavior pattern. The infections begin by changing the default settings of the affected browsers, usually the hackers program the hijacker to manipulate the default home page, new start page and search engine to point to the hacker-controlled page. This means that the next time the victims start their browser they will be shown a page that they didnd’t set up.

Further modifications to the computers can be caused by any components that are installed alongside the main plugin engine. An example is the use of an information gathering component that can harvest sensitive data about the users and their devices. This is useful to the criminals as it can be programmed to obtain strings that can reveal the users’s name, address, telephone number, location, interests and passwords. In addition a full hardware profile is generated which reveals useful information that is used to further optimize the attack campaigns.

In addition the OnlineGames Search redirect can serve as an intermediate step for activating a Trojan instance. The typical cases employ a small network component that establishes a secure connection with a hacker-controlled server. It is used to deploy additional threats, spy on the victims and take over control of the devices at any given time.

The security analysis reveals that the OnlineGames Search redirect can lead to several different links depending on several factors: the individual user characteristics, priority of the hacker-controlled sites and etc.

In a test evaluation upon installation of the redirect code it redirected our machine to a live sports information page. Upon closer inspection we discovered that the page installed intrusive scripts and tracking cookies that monitor all of the victim’s behavior on the site.

The site is designed using a common template and displays data about the world cup results. This is used as a decoy which aims to drive away the victim’s attention from the intrusive tracking it performs.

The fact that the redirect can be used to drive the victims to all kinds of sites means that they can include malicious sites as well. All of them can include some scripts such as the following: pop-ups, banners, redirects, in-line hyperlinks and etc. Furthermore websites such as these ones are among the primary mechanisms for spreading cryptocurrency miners.

OnlineGames Search – Privacy Policy

The OnlineGames Search redirect lists a privacy policy on the bottom menu bar that gives further information about the harvested data. According to the document the site starts to collect information about the victims and their devices as soon as the reelvant site is loaded into the browser. The following excerpts lists some of the example files:

  • Usage Information — Browser type, operating system, device type, location, IP address, pages served, time, referral URLs and other related data.
  • Statistics Data — All manners of metrics that are used to monitor the users activity.
  • Tracking Cookies — Individually for each linked service or site. They are also used to personalize the advertising and promotional content.
  • Log Files — All user interactions are logged to the servers.
  • Pixels — This is a transparent graphic image that indicates if a certain section has been visited. It can also be used as a command to retrieve another element from a preset address.

The privacy policy reads that the obtained personal information can be disclosed to current or future affiliates, parent companies or subsidiaries for processing, marketing and other services.

Remove OnlineGames Search Browser Hijacker

To remove OnlineGames Search manually from your computer, follow the step-by-step removal instructions given below. In case the manual removal does not get rid of the browser hijacker entirely, you should search for and remove any leftover items with an advanced anti-malware tool. Such software helps keep your computer secure in the future. We remind our readers that certain hijackers (most likely this one as well) are configured to harvest the information to a database shared with other similar threats.


Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share