Our in-depth removal guide shows victims how to remove the easy television access now browser hijacker fom your computer and restore the affected browsers.
Easy Television Access Now Browser Hijacker Description
Security researchers identified a new malware threat known as the Easy Television Access Now browser hijacker. It is currently made for the Google Chrome web browser however we assume that the criminals behind it are going to release versions for other browsers as well – Mozilla Firefox, Safari, Internet Explorer and Microsoft Edge.
Upon infection with it the hijacker changes the default new tabs page, home page and search engine. Other dangerous modifications are also done which can endanger the security and privacy of the victims.
The Easy Television Access Now browser hijacker redirects all user queries to a hacker-controlled site (search.searchetan.com) which is operated by a company based in Cyprus called “Polarity Technologies Ltd.”.
- The service collects personally-identifiable information via any site interaction. This includes data such as the name of the victims, their email or mailing address and any other transmitted data.
- The service may collect, use and store information about search activity done by the users.
- The service collects data about the users systems: their browser, operating system, operating system version, IP address and etc.
- The service collects the user geographical location and domain name of their Internet service provider (ISP).
The operators of the Easy Television Access Now browser hijacker use various cookies and beacons to “personalize” the experience of the victims. This means that all harvested information is processed in real-time to deliver content and search result queries which contain sponsored messages. On the home page of the hacker-controlled site there is a “Restore Chrome Tab Page” which actually does not work. It is made with the sole intent of tricking the victims into thinking that the malicious hijacker can be easily removed. Removal is only possible using a qualiy anti-spyware solution.
Such malware can easily be acquired by one of the following ways:
- Email Spam – Hackers can distribute links to the malware via spam email messages distributed from hacked or hacker-controlled mail servers. In the majority of cases they use templates that employ social engineering tricks to make the targets infect themselves with Easy Television Access Now browser hijacker.
- The Google Chrome Web Store – The easiest to acquire the browser hijacker is by downloading it from the Google Chrome web store.
- Bundled Installers – Hackers can distribute the hijacker installer by bundling it with application installers of popular software, games, patches, updates and etc.
Once the hijacker is installed on the system its description reads:
Easy Television Access Now V2.2
Search your favourite TV sites instantly from your home and new tab page!
A search on the “Affplus” ad network shows that the hijacker is part of an affiliate scheme. Various online site owners can use it to spread ads and generate income based on the number and activity of the gained victims. The preview page shows the following text:
Full Episodes, Live Shows, News & More
Watch your favorite shows and episodes, live sports, movies, and more.
One-click access to your favorite TV streaming sites, directly from your browser.
Easy Television Access Now is FREE. Click the button to get started!
The victims need to click on the flashing green button containing the text “Get Started Now. Click to Install”.
The hackers also provide instructions on removing the browser extension from the following browsers: Chrome, Firefox, Mozilla Firefox (Reset Firefox New Tab) and Internet Explorer. However this may not remove all of the virus components. This is we recommend that all victims use a quality anti-spyware solution. Looking at the instructions we discovered that the developers offer two possibilities for the Mozilla Firefox extension – Disable or Remove. The differences between the two options are outlined clearly as Remove permanently removes the extension from the Firefox. Disable merely disables it temporarily until it is reactivated again. Its important to note that removing or disabling the extension itself does not remedy the changes made by the virus engine.
The Frequency Asked Questions Shows only two entries:
- How do I change my home page? – Instructions are provided for Google Chrome, Mozilla Firefox and Internet Explorer.
- How do I change my default search – Instructions are provided for Google Chrome, Mozilla Firefox and Internet Explorer.
The primary domain associated with the hijacker is http://easytelevisionaccessnow.com . As it appears it is only to deliver the extension. The hacker operators behind the relevant strain can modify it to lead the victims to various hacker-controlled sites. They can include any of the following:
- Counterfeit Traffic Boost – The victims can be redirected to various paying customers that buy traffic in order to boost their search ranking.
- Malicious Redirects – Various customers can pay the operators of the Easy Television Access Now browser hijacker to redirect the victims to their hacker-controlled site. An example of this is the current primary domain (search.searchetan.com).
- Information Harvesting – As the browser hijacker is capable of extracting data from the installed web browsers this may lead stealing account credentials and other user data. This includes web history data, saved form data, preferences, cookies and etc.
- Additional Payload Delivery – The Easy Television Access Now browser hijacker can be used to deliver additional malware to the infected computers.
Possible Updates To The Easy Television Access Now Browser Hijacker
There are various types of browser hijackers. Depending on the type of malware a future update can include any of the following features:
- Rogue Application Presentation – Some types of browser hijackers create counterfeit notification prompts which aim to scare the victims into thinking that their computer has been infected by viruses. The hijackers redirect them to a product page or download portal where they are offered a solution.
- Endless Redirection – Browser hijacker typically redirect the users to hacker-controlled sites for various reasons. However some of them do this in a way which makes browsing practically impossible. Examples of such strains process all user queries through non-existent sites. As a result it is impossible to browser any site.
- Stealth Installation Hijackers – These hijackers attempt to show no sign of infection and attempt to hide themselves from the users as much as possible. They change the application settings to pass traffic through hacker-controlled sites however no obvious preferences are modified.
- Information Stealing Trojan Browser Hijackers – Advanced forms of browser hijacker can include code that is able to harvest sensitive information from the victims. This includes not only their stored account credentials, browsing history, cookies, preferences, saved form data and etc., but also files from their computers.
- Additional Payload Delivery – The malicious extension can be used to deliver viruses to the infected computer.
- Obtrusive Ads – The browser hijacker can directly display ads in various forms (text, graphics, in-page, hybrid and etc.) of paying customers. This tactic generates revenue for the hijacker operators based on the amount of infected victims and frequency of interaction with the advertised service.
- Performance Impact – Other types of malware can cause delibrate performance issues. This can include anything from slow-downs to application crashes and even operating system boot up problems.
- Security Software Bypass – Advanced hijackers are found to disable the installed security solutions. This means that the hijackers can be used as a first-stage infection in a complex malware installation attempt. This is particularly useful for ransomware.
- Persistent Installation – The virus can achieve a persistent state of execution which makes removal possible with the use of a quality anti-spyware solution.
- Identity Spoofing – A notable example of such behavior was a particular strain of browser hijackers which stole cookies that were used to conduct malicious activities. The hijacker used the cookie to install malicious Android app onto the user’s phone without their consent.
Using a quality anti-spyware solution Internet users can defend themselves against possible virus installations. All active threats can be removed using only a few mouse clicks.
Protect Yourself From Hijackers like Easy Television Access Now
To completely eliminate the threat we suggest that all infected users use a quality anti-spyware tool as it can both delete active infections with only a few mouse clicks and provide strong protection against all kinds of threats.
SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter
Easy Television Access Now Browser Hijacker Removal Guide
STEP I: Start the PC in Safe Mode with Network
This will isolate all files and objects created by the browser hijacker so they will be removed efficiently.
- 1) Hit WIN Key + R
- 2) A Run window will appear. In it, write “msconfig” and then press Enter
3) A Configuration box shall appear. In it Choose the tab named “Boot”
4) Mark “Safe Boot” option and then go to “Network” under it to tick it too
5) Apply -> OK
Or check our video guide – “How to start PC in Safe Mode with Networking”
STEP II: Remove Easy Television Access Now Browser Hijacker from Windows
Here’s a way to remove the program. This method will work regardless if you’re on Windows 10, 8, 7, Vista or XP. Simply selecting the program and pressing delete won’t work, as it’ll leave a lot of small files. That’s bad because these leftovers can linger on and cause all sorts of problems. The best way to delete a program is to uninstall it. Here’s how you can do that:
- 1) Hold the “Windows” button (It’s between CTRL and Alt on most keyboards) and press “R”. You’ll see a pop-up window.
- 2) In the textbox, type “appwiz.cpl”, then press“ Enter ”.
- 3) The “Programs and features” menu should now appear. It’s a list of all the programs installed on the PC. Here you can find the program, select it, and press “Uninstall“.
STEP III: Remove Easy Television Access Now Browser Hijacker From Your Browser
Before resetting your browser’s settings, you should know that this action will wipe out all your recorded usernames, passwords, and other types of data. Make sure to save them in some way.
- 1) Start Mozilla Firefox. In the upper right corner, click on the Open menu icon and select “Add-ons“.
- 2) Inside the Add-ons Manager select “Extensions“. Search the list of extensions for suspicious entries. If you find any, select them and click “Remove“.
- 3) Click again on the Open menu icon, then click “Options“.
- 4) In the Options window, under “General” tab, click “Restore to Default“.
- 5) Select “Search” in the left menu, mark the unknown search engine and press “Remove”.
- 1) Start Google Chrome. On the upper-right corner, there a “Customize and Control” menu icon. Click on it, then click on “Settings“.
- 2) Click “Extensions” in the left menu. Then click on the trash bin icon to remove the suspicious extension.
- 3) Again in the left menu, under Chrome, Click on “Settings“. Go under “On Startup” and set a new page.
- 4) Afterward, scroll down to “Search“, click on “Manage search engines“.
- 5) In the default search settings list, find the unknown search engine and click on “X“. Then select your search engine of choice and click “Make default“. When you are ready click “Done” button in the right bottom corner.
- 1) Start Internet Explorer. Go to the “Tools” menu and click on “Manage add-ons“.
- 2) In the “Manage add-ons” window, bellow “Add-on Types“, select “Toolbars and Extensions“. If you see a suspicious toolbar, select it and click “Remove“.
- 3) Then again in the “Manage Add-ons” window, in “Add-on Types“, Select “Search Providers“. Chose a search engine and click “Set as default“. Select the unknown search engine and click “Remove and Close”.
- 4) Open the Tools menu, select “Internet Options”.
- 5) In the “General” tab, in “Home page”, enter your preferred page. Click “Apply” and “OK”.
STEP IV: Remove Completely Easy Television Access Now Browser Hijacker Browser Hijacker Using SpyHunter Anti-Malware Tool
STEP V: Repair Windows Registry
- 1) Again type simultaneously the Windows Button + R key combination
2) In the box, write “regedit”(without the inverted commas) and hit Enter
3) Type the CTRL+F and then write the malicious name in the search type field to locate the malicious executable
4) In case you have discovered registry keys and values related to the name, you should delete them, but be careful not to delete legitimate keys
STEP VI: Preventive Security Measures
- 1) Enable and properly configure your Firewall.
2) Install and maintain reliable anti-malware software.
3) Secure your web browser.
4) Check regularly for available software updates and apply them.
5) Disable macros in Office documents.
6) Use strong passwords.
7) Don’t open attachments or click on links unless you’re certain they’re safe.
8) Backup regularly your data.