Search SweetIM Removal

Can’t Remove Search SweetIM hijacker virus? This page includes detailed Search SweetIM Removal instructions!

Search SweetIM is a pesky browser hijacker that is beyond unreliable. This program promises to improve your online experience by providing accurate search results. However, Search SweetIM has zero intention to keep its promise. Immediately after it gets installed, the virus begins to harass you. For starters, Search SweetIM modifies your browser settings. Your search engine and favorite homepage both get replaced with the hijacker’s domain. Thanks to these changes, you are now stuck with its domain on a daily basis. Search SweetIM greets you every single time you attempt to surf the Internet. Instead of providing useful search results, though, this program generates sponsored links. In other words, you are bombarded with useless, potentially corrupted web links. Unless you restrain yourself from clicking them, you may compromise your safety further. Keep in mind that Search SweetIM was developed by cyber criminals. If the hijacker brings along a certain link, it is by no means trustworthy. Hackers use the pay-per-click mechanism to gain profit. In order to do so, they mess with your default browser settings. Search SweetIM generates sponsored links that help crooks make money. The search results may appear to be utterly safe but you should know better than to trust them. You might have also noticed a browser plugin or an add-on that was installed by the hijacker. Search SweetIM pretty much demolishes your everyday online activities and takes advantage of your entire PC. This pest may begin to generate some sponsored advertisements as well as other pop-ups. Remember those sponsored search results we mentioned earlier? The pop-up ads are equally unsafe. You will remain a single click away from more infections till the very moment you decide to delete the hijacker. Don’t waste time as procrastinating would only make matters worse. Search SweetIM causes your browsers to redirect you to some potentially malicious websites. To top it all, the virus spies on your personal data and may cause privacy issues.

remove Search SweetIM

How did I get infected with?

The parasite might have been hidden in a software bundle. In fact, such freeware/shareware bundles are the most popular virus distribution tactic right now. Hackers prefer this technique because it is the perfect combination of secretive and efficient. Therefore, you may infect your computer and remain absolutely clueless about it. Next time you download bundled software, take your time. Opting for the Custom or Advanced option in the Setup Wizard is a must. Many PC users tend to skip installation steps and rush the process. That is how they fall victims to various cyber intruders. The key to your security is your caution. We would recommend that you avoid installing unverified programs, especially when they are bundled. Do yourself a favor and watch out for infections. Check out the EULA (End User License Agreement) or Terms and Conditions too. In addition, stay away from spam emails and messages, questionable torrents and unreliable third-party ads. It is entirely up to you whether crooks will manage to infect you again or not.

Why is this dangerous?

You get redirected, your PC speed is slowed down and you come across random links all the time. The hijacker takes over all your favorite browsers. It is compatible with Google Chrome, Mozilla Firefox and Internet Explorer. The parasite effectively injects them with its pile of sponsored (and also unsafe) web links. Hackers attempt to trick you into clicking these search results/commercials open. Eventually, crooks gain revenue at your expense. Avoid clicking anything that is brought by a cyber virus. Search SweetIM is extremely dubious and problematic. Its trickery might get you involved in some financial scam as well. As mentioned, this nuisance collects some of your personal details. For example, browsing history, IP addresses, usernames and passwords. The infection could get access to your bank account information too. If you’re especially unlucky, this could even result in identity theft. You have no reason to put up with the hijacker’s trickery. To delete it for good, please follow our detailed manual removal guide. You will find it down below.

The Search SweetIM infection is specifically designed to make money to its creators one way or another. The specialists from various antivirus companies like Bitdefender, Kaspersky, Norton, Avast, ESET, etc. advise that there is no harmless virus.

If you perform exactly the steps below you should be able to remove the Search SweetIM infection. Please, follow the procedures in the exact order. Please, consider to print this guide or have another computer at your disposal. You will NOT need any USB sticks or CDs.

STEP 1: Track down Search SweetIM related processes in the computer memory

STEP 2: Locate Search SweetIM startup location

STEP 3: Delete Search SweetIM traces from Chrome, Firefox and Internet Explorer

STEP 4: Undo the damage done by the virus

  • Open your Task Manager by pressing CTRL+SHIFT+ESC keys simultaneously
  • Carefully review all processes and stop the suspicious ones.


  • Write down the file location for later reference.

Reveal Hidden Files

  • Open any folder
  • Click on “Organize” button
  • Choose “Folder and Search Options”
  • Select the “View” tab
  • Select “Show hidden files and folders” option
  • Uncheck “Hide protected operating system files”
  • Click “Apply” and “OK” button

Clean Search SweetIM virus from the windows registry

  • Once the operating system loads press simultaneously the Windows Logo Button and the R key.


  • A dialog box should open. Type “Regedit”


Depending on your OS (x86 or x64) navigate to:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or

  • and delete the display Name: [RANDOM]

delete backgroundcontainer

  • Then open your explorer and navigate to: %appdata% folder and delete the malicious executable.

Clean your HOSTS file to avoid unwanted browser redirection

Navigate to %windir%/system32/Drivers/etc/host

If you are hacked, there will be foreign IPs addresses connected to you at the bottom. Take a look below:


  • Open Google Chrome

  • In the Main Menu, select Tools then Extensions
  • Remove the Search SweetIM by clicking on the little recycle bin
  • Reset Google Chrome by Deleting the current user to make sure nothing is left behind

disable Search SweetIM from chrome

  • Open Mozilla Firefox

  • Press simultaneously Ctrl+Shift+A
  • Disable the unwanted Extension
  • Go to Help
  • Then Troubleshoot information
  • Click on Reset Firefox

remove Search SweetIM from firefox

  • Open Internet Explorer

  • On the Upper Right Corner Click on the Gear Icon
  • Click on Internet options
  • go to Toolbars and Extensions and disable the unknown extensions
  • Select the Advanced tab and click on Reset

remove Search SweetIM from ie

  • Restart Internet Explorer

This particular Virus may alter your DNS settings.

Attention! this can break your internet connection. Before you change your DNS settings to use Google Public DNS for Search SweetIM, be sure to write down the current server addresses on a piece of paper.

To fix the damage done by the virus you need to do the following.

  • Click the Windows Start button to open the Start Menu, type control panel in the search box and select Control Panel in the results displayed above.
  • go to Network and Internet
  • then Network and Sharing Center
  • then Change Adapter Settings
  • Right-click on your active internet connection and click properties. Under the Networking tab, find Internet Protocol Version 4 (TCP/IPv4). Left click on it and then click on properties. Both options should be automatic! By default it should be set to “Obtain an IP address automatically” and the second one to “Obtain DNS server address automatically!” If they are not just change them, however if you are part of a domain network you should contact your Domain Administrator to set these settings, otherwise the internet connection will break!!!

You must clean all your browser shortcuts as well. To do that you need to

  • Right click on the shortcut of your favorite browser and then select properties.


  • in the target field remove Search SweetIM argument and then apply the changes.
  • Repeat that with the shortcuts of your other browsers.
  • Check your scheduled tasks to make sure the virus will not download itself again.

Please, have in mind that once you are infected with a single virus, it compromises your whole system or network and let all doors wide open for many other infections. To make sure manual removal is successful, we recommend to use a free scanner of any professional antimalware program to identify possible registry leftovers or temporary files.

Leave a Comment