How to Uninstall “Play Search Now” (What is Play Search Now?)

This page aims to help you remove “Play Search Now” for free. These “Play Search Now” removal instructions work for Chrome, Firefox, Safari and Internet Explorer, as well as every version of Windows and Macintosh

In the article below we will explain what is typical of “Play Search Now”. You may have already suffered from its effects on your PC. Briefly, we can tell you that it is a browser hijacker program that could be able to change the settings of all your browsers, no matter whether you prefer Chrome, Firefox, Safari or Explorer, and cause the appearance of many advertisements (banners, new browser tabs, pop-ups), a completely different new homepage and search engine, as well as some quite unpleasant redirects to various online locations every time you try to use your browser.

"Play Search Now" Browser Redirect

“Play Search Now” Browser Redirect

Why does “Play Search Now” behave in this particular, rather annoying way?

You should remember that it has more harmless effects on your computer than it might have negative ones. The production of pop-ups, boxes, tabs and banners that might seem particularly disturbing to you actually does no real harm to your machine. It is true that depending on the resources your computer has, it might slow down its performance. However, this is only likely to happen to systems with less RAM and CPU. Another one of its normal activities that you could find alarming is the research it performs. Typically, such research represents a study of your personal tastes based on your recent search requests. In this way, as you might have already noticed, “Play Search Now” may only generate advertisements that fit what the research has concluded your preferences to be. The sudden change of your usual homepage and search engine may also be quite irritating. The most annoying part, though, might be the redirects to unfamiliar web pages that your browser may be suffering from. On certain rare occasions there is the danger of being led to places that contain dangerous software and viruses (even Ransomware). However, this does not mean that you are currently dealing with a virus.

After we have discussed all the potential negative consequences that may result from an infection with “Play Search Now”, we are going to explain the reasons for them. The generation of lots of pop-ups and banners, the possible redirects and the potential homepage changes are all related to the way browser hijackers could be programmed to act. Their typical behavior depends on what their developers want them to perform. At the same developers are being generously paid by various vendors and goods producers to advertise what they distribute in the most efficient way. That’s why these programmers set such big numbers of ads to be shown by their hijackers. Mostly because they believe the more ads a user is exposed to, the more goods they will be willing to spend their money on. Also, the new homepage and the places you might be redirected to are also subjects of advertising, as the programmers are also paid to show exactly these websites and to popularize them. It is all about the potential profit.

What is “Play Search Now” ?

The reasons for “Play Search Now”‘s typical activities are also connected to the way it is spread. Developers usually find a way to distribute these money-earning, ad-generating programs by mixing them with some other software. The aforementioned software mixtures are called program bundles and they are the typical means of transport for all types of ad-producing software, such as Adware and browser hijackers. However, we must mention here that you DON’T catch such an annoying infection simply by downloading bundles that contain “Play Search Now”. It is necessary that you knowingly or unknowingly install all the content of such a bundle in order to allow “Play Search Now” to start functioning. That is how most affected users get infected with this hijacker. The desire to use a program from a given bundle makes many people select the default or the quickest way of installing it. However, this means installing everything that might be hiding inside this software combo. The clever way of completing any installation process is by choosing the feature that will take longer, but in this way your system will be safer. Usually this is the advanced installation method and it will allow you to choose what exactly you want from a particular bundle to install on your PC and what you would prefer to leave behind.

Is the uninstallation of “Play Search Now” an easy task?

Whether you will manage to remove this hijacker fast and easily depends on your particular case. However, we have prepared an uninstallation set of instructions below (See “Removal Guide”) that is designed to help you no matter what your case is. You just need to follow all the given instructions with caution and that should be enough to delete “Play Search Now” from your machine.


Name “Play Search Now”
Type  Browser Hijacker
Danger Level Medium (nowhere near threats like Ransomware, but still a security risk)
Symptoms  Annoying redirects, browser setting alterations (many ads and even a new home page).
Distribution Method Just like any other ad-producing program – in bundles, torrents, infected websites.
Detection Tool We generally recommend SpyHunter or a similar anti-malware program that is updated daily.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.


How to Uninstall “Play Search Now”

If you are a Mac OS user, please follow this guide.


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).


Reveal All Hidden Files and Folders.

  • Do not skip this  – “Play Search Now” may have hidden some of its files.

Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.


Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.



Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).


Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove “Play Search Now” from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove “Play Search Now” from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove “Play Search Now” from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

  • At this point the threat is gone from Chrome, but complete the entire guide or it may reappear on a system reboot.


Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are dangerous. Google them or ask us in the comments.


Right click on each of the problematic processes separately and select Open File LocationEnd the process after you open the folder, then delete the directories you were sent to.



Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

Remember to leave us a comment if you run into any trouble!

Leave a Comment