SweetPacks Malware Removal

Can’t Remove SweetPacks hijacker virus? This page includes detailed SweetPacks Removal instructions!

SweetPacks is a pesky hijacker that messes with your browser settings. If you’re unlucky enough to encounter its presence on board, know you’re in trouble. The parasite must be immediately uninstalled so don’t underestimate the threats you’re being exposed to. Instead, tackle this pest and regain control over your modified browsers. SweetPacks starts harassing you as soon as it gets installed. In other words, trouble starts immediately. Such cyber intruders are in no way harmless. The SweetPacks virus will quickly make it very clear to you just how problematic a hijacker could be. Unless you want to witness its full malicious potential unleashed, take action. Uninstall this program ASAP. SweetPacks makes modifications in your browser settings. It replaces both your search engine and default homepage with its own domain. To say the least, trusting its domain would be ill-advised. Furthermore, you should know hijackers generate sponsored web links. Some of those might be perfectly safe but others may turn out to be corrupted. Therefore, you can’t tell which is which until you click. In case you make the wrong call, though, you might automatically install more infections. The hijacker brings questionable links straight to your PC screen. It attempts to trick you into clicking these links open so crooks could gain profit. Yes, this whole thing revolves solely around the money hackers make. That’s why browser hijackers get developed in the first place. That’s why this program promised to provide accurate search results and enhance your online experience. The thing is,  SweetPacks was never actually supposed to help you out. Its one purpose is to generate web traffic to some specific websites. Hence, don’t be shocked when you get redirected to unknown pages. Thanks to the hijacker, your browsers are no longer trustworthy. And surfing the Internet is no longer safe. You might land on dangerous pages and your machine underperforms. In addition, you may stumble across sponsored commercials, irritating pop-ups, even bogus software updates. Needless to say, the hijacker must be uninstalled right away.

remove SweetPacks

How did I get infected with?

The hijacker was most likely bundled with other programs. That is one notoriously popular virus distribution method. It is super efficient because many PC users prefer skipping installation steps. If you download some freeware/shareware bundle off of the Internet, you risk getting infected. You have to pay some close attention to the programs you install. Opt for the Custom or Advanced option in the Setup Wizard. That will give you a chance to spot and deselect any “bonuses” hiding in the bundle. As you can see, rushing/skipping steps would be a mistake. Take your time because having to uninstall malware would be much more time-consuming than prevention. Read the Terms and Conditions too because you have to be aware what you end up accepting. The key to your safety is your caution. Don’t be negligent online as hackers would never miss such a golden opportunity to cause you damage. Avoid installing unverified programs or bundles. More often than not, spam emails/messages also turn out to be dangerous.

Why is this dangerous?

As long as your device is infected, you’re in danger. Surfing the Web is pretty much impossible as well because SweetPacks might generate a pile of pop-ups. In this scenario, you have to deal with sponsored discounts, coupons, price comparisons, “best deals” and other commercials on a daily basis. Clicking a sponsored pop-up open may significantly worsen your situation. Therefore, ignore the parasite’s numerous attempts to trick you into clicking. Hackers are trying to gain revenue at your expense which is why they modify your browsers. The hijacker stubbornly displays its sponsored, immensely unreliable web links and gets on your nerves. It even collects some of your browsing-related data such as IP addresses, usernames, passwords. Your browsing history is being monitored as well. Crooks are the last people who should be having access to such sensitive data. Now that their creation spies on your details, you could get involved in some financial scam. If you’re especially unfortunate, this may even result in identity theft. To delete the parasite manually, please follow our detailed removal guide down below.

How to Remove SweetPacks virus

The SweetPacks infection is specifically designed to make money to its creators one way or another. The specialists from various antivirus companies like Bitdefender, Kaspersky, Norton, Avast, ESET, etc. advise that there is no harmless virus.

If you perform exactly the steps below you should be able to remove the SweetPacks infection. Please, follow the procedures in the exact order. Please, consider to print this guide or have another computer at your disposal. You will NOT need any USB sticks or CDs.

STEP 1: Track down SweetPacks related processes in the computer memory

STEP 2: Locate SweetPacks startup location

STEP 3: Delete SweetPacks traces from Chrome, Firefox and Internet Explorer

STEP 4: Undo the damage done by the virus

STEP 1: Track down SweetPacks related processes in the computer memory

  • Open your Task Manager by pressing CTRL+SHIFT+ESC keys simultaneously
  • Carefully review all processes and stop the suspicious ones.


  • Write down the file location for later reference.

Step 2: Locate SweetPacks startup location

Reveal Hidden Files

  • Open any folder
  • Click on “Organize” button
  • Choose “Folder and Search Options”
  • Select the “View” tab
  • Select “Show hidden files and folders” option
  • Uncheck “Hide protected operating system files”
  • Click “Apply” and “OK” button

Clean SweetPacks virus from the windows registry

  • Once the operating system loads press simultaneously the Windows Logo Button and the R key.


  • A dialog box should open. Type “Regedit”


Depending on your OS (x86 or x64) navigate to:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or

  • and delete the display Name: [RANDOM]

delete backgroundcontainer

  • Then open your explorer and navigate to: %appdata% folder and delete the malicious executable.

Clean your HOSTS file to avoid unwanted browser redirection

Navigate to %windir%/system32/Drivers/etc/host

If you are hacked, there will be foreign IPs addresses connected to you at the bottom. Take a look below:


STEP 3 : Clean SweetPacks traces from Chrome, Firefox and Internet Explorer

  • Open Google Chrome

  • In the Main Menu, select Tools then Extensions
  • Remove the SweetPacks by clicking on the little recycle bin
  • Reset Google Chrome by Deleting the current user to make sure nothing is left behind

disable SweetPacks from chrome

  • Open Mozilla Firefox

  • Press simultaneously Ctrl+Shift+A
  • Disable the unwanted Extension
  • Go to Help
  • Then Troubleshoot information
  • Click on Reset Firefox

remove SweetPacks from firefox

  • Open Internet Explorer

  • On the Upper Right Corner Click on the Gear Icon
  • Click on Internet options
  • go to Toolbars and Extensions and disable the unknown extensions
  • Select the Advanced tab and click on Reset

remove SweetPacks from ie

  • Restart Internet Explorer

Step 4: Undo the damage done by SweetPacks

This particular Virus may alter your DNS settings.

Attention! this can break your internet connection. Before you change your DNS settings to use Google Public DNS for SweetPacks, be sure to write down the current server addresses on a piece of paper.

To fix the damage done by the virus you need to do the following.

  • Click the Windows Start button to open the Start Menu, type control panel in the search box and select Control Panel in the results displayed above.
  • go to Network and Internet
  • then Network and Sharing Center
  • then Change Adapter Settings
  • Right-click on your active internet connection and click properties. Under the Networking tab, find Internet Protocol Version 4 (TCP/IPv4). Left click on it and then click on properties. Both options should be automatic! By default it should be set to “Obtain an IP address automatically” and the second one to “Obtain DNS server address automatically!” If they are not just change them, however if you are part of a domain network you should contact your Domain Administrator to set these settings, otherwise the internet connection will break!!!

You must clean all your browser shortcuts as well. To do that you need to

  • Right click on the shortcut of your favorite browser and then select properties.


  • in the target field remove SweetPacks argument and then apply the changes.
  • Repeat that with the shortcuts of your other browsers.
  • Check your scheduled tasks to make sure the virus will not download itself again.

How to Permanently Remove SweetPacks Virus (automatic) Removal Guide

Please, have in mind that once you are infected with a single virus, it compromises your whole system or network and let all doors wide open for many other infections. To make sure manual removal is successful, we recommend to use a free scanner of any professional antimalware program to identify possible registry leftovers or temporary files.

Leave a Comment