When I first encountered DSR Search, I thought it’s just a one-off hijacker site that will go away in a couple of days, but it turns out there’s more to it than I originally believed.
The site itself has the search-redir.com URL and it’s similar to boyu.com.tr, Maxask, or any other rogue search engine that enforces itself within the user’s browser and changes its settings. If your browser was hijacked by this, then expect your searches to be redirected through DSR Search and sent to a Yahoo page. Same deal with the browser’s new tabs – changed either to this rogue site or to some other sketchy page.
But the interesting thing is that this browser hijacker doesn’t come alone. It’s linked to a bunch of rogue or unwanted apps and you’ll often need to deal with them too, if you want to be rid of DSR Search. The most common of those apps are a fake optimization software called “Fast!” or “Get Fast!”, and a well-known PUP called PC App Store.
But I’ve got some good news for you. At HowToRemove.guide, we’ve dealt with all sorts of unwanted and malicious software, so we’ve got a pretty good idea of how to deal with this hijacker and any rogue apps that might have come alongside it.
DSR Search Removal Guide
There are all kinds of distribution vectors for hijackers like DSR Search and not all of them involve the added installation of rogue software. Sometimes, the answer to getting rid of this app is simpler than you think, so I recommend going for the simpler steps first:
- Go to the Extensions Manager in your browser and look for DSR Search or anything linked to it.
- If you find the culprit, see if there’s an active Remove button beneath it and click that.
- Go to Privacy and Security in the browser’s settings and examine the Site Settings section. Look specifically at Notifications and Pop-ups and Redirects.
- See “Search-redir.com” or any other unfamiliar URLs there? Delete them and then restart your browser.
- Now go to the Search Engine section in the browser’s settings and make sure you are using Google or another reputable search provider as the browser’s default one.
Now reboot the PC and reopen the browser. If there are no remaining traces of DSR Search, you’re probably good to go.
I won’t lie to you, most of the time the hijacker won’t be gone. It’s even possible that you weren’t able to perform one or more of these quick steps. Doesn’t matter – the actual removal guide below will let you solve all of that, so go ahead and complete its steps if DSR Search is still being a nuisance.
SUMMARY:
OFFERCompleting this guide gives you a very high chance of removing DSR Search and fully deleting any rogue apps and extensions linked to it. However, know that the next steps can take up to an hour or more to complete. Also, whoever performs them should have at least some base level of troubleshooting experience.
For those of you who don’t think they can accurately perform all the steps or don’t have the time to do so, I recommend removing DSR Search with the powerful anti-malware tool SpyHunter 5. You’ll find it linked on this page and it will take care of this hijacker and any malware on your PC in just a couple of clicks.
How to Get Rid of DSR Search
First, we’ll focus down the actual hijacker search engine. The main obstacle that prevents users from deleting DSR Search is the rogue policy the hijacker has likely introduced to the browser.
A key warning sign is the message “Managed by your organization” in the browser settings page and its menu. This shows that DSR Search has established control and won’t let you make changes to the browser for as long as the policy remains active so this is the first issue that you need to address:
First, visit the browser’s policy page. Type the respective URL in the address bar and hit enter:
- Chrome browsers – chrome://policy
- MS Edge browsers – edge://policy
- Brave browsers – brave://policy
The addresses for other Chromium browsers are similar – you just need to change the browser name in the URL.
The hijacker policy should be visible on the page that opens. Look at the Value column and see if you spot any randomly-arranged characters. That is the value of the rogue policy and you must copy it and save it in a text file for later use.
Next, open the Extensions page of the browser, because you’ll need to gather the ID of the hijacker extension.
However, the Extensions page could be blocked by DSR Search -the hijacker might redirect you when you try to visit it.
Solve this by deleting extension folders directly from your computer’s file system. This corrupts the respective extension and makes it inactive.
The extensions directory for the Google Chrome browser is at C:\Users\[Your Username]\AppData\Local\Google\Chrome\User Data\Default\Extensions
If you are using a different browser, here are the paths for several other popular Chromium-based ones:
This directory contains the data for all extensions in the browser, but since you have no way of knowing which of the extension folders belongs to the hijacker, you must delete all of them.
So press Ctrl + A and then press Delete to send all those folders to the Bin.
This will “break” all extensions in the browser – both good and bad ones, but the extensions you do want to keep are really easy to repair, so no harm done.
After the browser’s extensions folder is cleared, try again to go to the Extensions Manager. It will work this time.
Next, enable Developer Mode on the Extensions page and look for the ID of the hijacker.
If you don’t see the ID, click the rogue extension. The ID should be visible on the next page. Copy it and add it to your text file with rogue policy values.
Make sure to collect the IDs of all extensions that you think could be linked to DSR Search.
Video walkthrough for this step:
How to Delete DSR Search Virus Policies
DSR Search’s rogue policies are what’s keeping you from removing the hijacker, but now you’ve got the means to hunt them down.
First, go to the Registry Editor. You’ll find it in the Start Menu, but make sure to open it with Admin privileges.
Press Ctrl + F, then search for the first of the collected policy values.
Delete the key (folder in the left panel) that gets found and search again.
You must make sure there are no more results for that search query and then proceed to the next policy value or rogue extension ID.
The hijacker could be blocking your access to some of its keys, but there’s an easy solution:
Start by right-clicking the parent key. You must go to Permissions > Advanced > Change, and type “everyone” in the text field.
Then you must click the Check Names button and Apply the changes. Next, click OK, enable the two newly-appeared “Replace…” options, and click Apply and OK again.
This should make the hijacker key deletable, so go ahead and remove it.
Video walkthrough for this step:
Get Rid of DSR Search Malware Policies: Alternative Methods
The Registry Cleanup should be enough to rid of any DSR Search policies locking the browser, but in case you are still seeing the “Managed bo your organization” message, there are two alternatives you can try:
Open the Start Menu. and search for “Edit Group Policy“. Click the first thing that shows up.
In the Group Policy Editor, find and right-click Administrative Templates on the left, and click on Add/Remove Templates.
Remove any unrecognized templates. We doubt you’ve willingly added any yourself, so it’s generally best to delete everything you see in that list.
The next thing you can do is to use the free Chrome Policy Remover tool, but only if you are a Google Chrome user.
This automates the removal of rogue policies and is super easy to use – you just need to run it and will take care of the rest.
Download and run it with administrator privileges. Your system might warn you about the program, since it’s not from an official developer, but don’t worry, it’s perfectly safe so ignore the warning: Click “More Info” and “Run Anyway” and the tool will open and automatically eliminate policies applied by the hijacker.
Video walkthrough for this step:
Manual Group Policy Removal
Automatic Group Policy Removal
How to Remove DSR Search From Chrome and Edge
We are at the final step of the removal guide. You need to once more go to your browser’s settings and this time successfully reverse the changes made to them by DSR Search:
Start with the Extensions page. Delete any suspicious extensions linked to DSR Search.
Next, visit the Privacy and Security settings to delete the browser cache, cookies, and other temporary data which may hold records linked to the hijacker.
Click the Delete browsing data button, go to the Advanced tab, and put ticks on everything. Leave only Passwords unchecked. Then choose a time frame long enough to include the entire period DSR Search was in the browser, and then delete the data.
Once again, review the Site Settings, but this time check every single permission type to remove unfamiliar URLs like “Search-redir.com” listed in the “Allow” section.
Also, don’t forget to reset your search engine to a trusted provider and to delete any rogue addresses shown in the Manage Search Engines section.
Lastly, ensure there aren’t any suspicious URLs in the “On Startup” and “Appearance” tabs. If there are, delete them.
Video walkthrough for this step:
Chrome
Microsoft Edge
Mozilla Firefox
How to Remove the “Fast!” Virus
The DSR Search hijacker might be gone from your browser, but you’ve still got things to do before you can call your system clean.
If you also got a rogue app called Fast!/Get Fast! when the hijacker first appeared, you must delete it too or DSR Search might get re-added to the browser. Here’s how to get rid of this PUP/malware:
Step 1: Uninstalling the App
First, open the Fast! app itself, go into its settings, and disable the setting that lets allows it to keep running even when its window is closed, and then close its window.
Next, type “Startup” in the Start Menu, look for the rogue app in the list that opens, and make sure it’s disabled, so it doesn’t automatically start when you turn on your PC.
Now type Apps & Features in the Start Menu, open it, find the Fast! app, and Uninstall it.
Also, look for the PC App Store program and if you see it there, uninstall it too.
Step 2: Cleaning the Task Manager
After that, press Ctrl + Shift + Esc to launch the Task Manager, expand the list of processes if it’s not already expanded, and look for any processes related to the Fast! app.
According to my research, there will still likely be a rogue process called FastSRV that’s still running in the Task Manager. Right-click it, and click Open File Location.
You must delete the entire folder you get sent to with everything that’s inside it.
It’s possible that you are prevented from deleting the rogue folder.
If you get an error that something can’t be deleted because it’s still in use, download and install the free LockHunter app. Then right-click the folder again, select the “What’s locking this folder?” option, and then click the “Delete it!” button in the window that opens.
Next, go back to the Task Manager, select the rogue process, and click End Task.
Step 3: Check for Scheduled Tasks
Type Task Scheduler in the Start Menu and open it.
Click on Task Scheduler Library in the top right.
One by one, double-click each task, go to the Actions tab and see what action is performed by this task.
If you see a given task is set to execute a strange .EXE file, open a suspicious address, or run a questionable script, delete that task.
Make sure to check all tasks shown in the Task Scheduler or else you could miss something and the rogue app could get reinstalled without your permission.
Step 4: Verify the Rogue App is Gone
Finally, restart your PC and see if the Fast! app is gone.
If it no longer appears in the Apps & Features list, the system tray, or in the Task Manager, you can be pretty certain that the rogue app is gone and it won’t try to reintroduce DSR Search into your browser.
Leave a Comment