Can't get rid of this garbage chrome redirect/adware virus!

Showiz

Honorable
Sep 18, 2013
4
0
10,510
0
I'm using Windows 7 ultimate 64bit

Basically i downloaded some stupid patch for a game but it turned out to be fake with malware/adware viruses, my eset noticed it and it deleted a few files but the problem is still here.

The problem is:

- Whenever i try to search something in chrome's "Search bar" it searches in Yahoo instead, it redirects me away from google, if i manage to reach google.com and search for something in google it searches in yahoo! and sometimes it opens stupid ads and spam.
It has nothing to do with chrome's settings.

So this link pops up for a second when i search for something:
go.redirectro.com/v1/hostedse...7&keyword=test

What solutions i've tried:

1) Reinstalling chrome and reseting the settings = failed
2) Downloaded 4 different malware programs, "Hitman pro"/"Super anti spyware"/"Spy hunter"/malwarebyes", they all found cookies and small viruses each time, deleted them all = failed
3) Running those programs in safe mode ^ and deleting malware again = failed


I think the virus installs itself each time to the PC and to chrome, and idk how to get rid of it! i don't want to format...

I think it's hiding in "regedit" registry keys too but i can't find it, is there a program that shows you which recent registrys have showed up??



Thank in advance!
 

J_E_D_70

Honorable
Mar 21, 2012
396
0
11,060
50
Look in your hosts and lmhosts files and see if there is anything in there that doesn't begin a line with a "#".

https://www.howtogeek.com/howto/27350/beginner-geek-how-to-edit-your-hosts-file/
 

Showiz

Honorable
Sep 18, 2013
4
0
10,510
0
I couldn't quote you idk why.
Everything starts with "#", it seems to be fine.
Suddenly my problem has been solved, but i will keep this thread opened for a few more hours to see if it's a perma fix or a temp one....


Thanks for reply!
 

somesh101

Estimable
Jul 16, 2015
3
0
4,510
0
uninstall adware programs. they quikly install without you knowing.
control panel-> unsinstall prgrams

basically uninstall anything you don't remember installing leaving
programs such as c++ redistributal
sql server.
 

JoshRoss

Commendable
Jul 11, 2017
228
0
1,260
60
I would recommend not posting any links, as people might click it. Or at least filter the link so it wouldn't be clickable :)

I see that you have tried everything basic. Let's try a more thorough solution to this questions.

1. Restart your PC in “Safe mode with networking.”
2. Install and run RKill to kill malicious processes and services
3. Check your Programs and features and see if there are any new recently installed programs that you don’t recognize. If there are, remove them.
4. Use browser specific cleanup tools and uninstall the browser completely.
5. Do a full scan with anti-virus software of your choice or use Windows Defender to clean up initial infections.
6. Scan your PC with Hitman Pro, Malwarebytes, and AdwCleaner. Multiple anti-malware solutions will confirm that the threat was removed. Additionally, I recommend JRT and Zemana. And maybe SpyHunter (Long shot)
7. Use Norton Power Eraser for the 3rd layer of removal.
8. Clean up your Registry and Cached files with CCleaner
9. Do a disk check. Win + R and type the following: chkdsk C: /f /r /x
10. Restart your PC in normal mode and do an additional scan to confirm that the malware is gone
.
These steps should clean up any malicious files from your PC. If this doesn't work, let me know, ill try to write down a more thorough manual solution.
 

Showiz

Honorable
Sep 18, 2013
4
0
10,510
0



Yeah i already fixed it, but thanks!
You put alot of effort in it so i'll just make your post the "solution"
Also i didn't install a program, it was a game patch it was more "sneaky" it didn't show up in the "uninstall program".
But it randomly got fixed, i would say that the solution is first download like 4-5 anti malware programs, then start the Windows in safe mode and run them all and delete every malware, also backup/cloud sync your browser if you're going to reinstall it and it should fix the problem :).
And i suggest also going to your main "windows disk" "C" and search for weird new programs/users and delete them.
 

Avast-Team

Respectable
Mar 3, 2017
223
0
2,160
52
Glad to see you fixed it OP -- you're correct that these types of adware/spyware can propagate themselves, either by re-downloading or re-enabling the malicious extension or through other means.

JoshRoss gives some awesome advice. :) CCleaner could help you clean up your registry and uninstall or knock out the offending program, too.

Finally, something to put in your toolbox for future use - a boot time scan! This can often help to eliminate these types of self-restoring threats. (Many tools offer this including Avast Free: https://www.avast.com/en-us/faq.php?article=AVKB132) We have a Browser Cleanup tool as well that can help scan for potentially unwanted extensions, if you wanted to check that out, Josh also mentioned this: https://www.avast.com/browser-cleanup
 

mdd1963

Distinguished
free-game 'patch'----? Are these user-made 'cheats'?

Most come with malware, bitcoin miners, password capture programs, key loggers, and just adware if you are lucky

Folks deserve whatever they get, IMO..... :)
 

JoshRoss

Commendable
Jul 11, 2017
228
0
1,260
60
Not every game patch has to be pirated. Indie games, custom modification patches, beta or other forms of game stages can require you to download manual patches.

And yeah, often in %appdata%, C:\, or similar places you can find various custom folders and malicious files.

Also it is a shame I couldn't help you fast enough!
 

rgd1101

Polypheme
Moderator


True, but game patch contain malware?
 

Showiz

Honorable
Sep 18, 2013
4
0
10,510
0


Relax, it's was just a fake borderlands 2 patch.
It was just hard to find but it was my mistake, i just rushed it.
 

rgd1101

Polypheme
Moderator


Much like anything else. only download from official site.
 

JoshRoss

Commendable
Jul 11, 2017
228
0
1,260
60
We all know sometimes developers are not the most secure people, but as a fact, illegitimate software carries its own responsibilities. Rushed or not, there is always a chance you will be compromised.
 

jessejamez

Estimable
Apr 23, 2014
1
0
4,510
0


hi JoshRoss. I just want to ask you... well, I'm not ... okay, so I used to know a lot about computers. I mean, back in the middle ages I was a programmer! I knew Basic, Cobol, Fortran, and a language called APL which i'm pretty sure stood for A Programming Language! In fact, the first computers I worked on were with punch cards and teletype machines! When PC's came out I built them for AST and became pretty fluent with DOS. I held out on going to Windows for the longest time because it was the first time there weren't obvious commands to make what I wanted to happen work! Clearly, I had to conform eventually and then I found IRC or MIRC and that was something I could get back into! There I was able to learn the things that were important like which software to have that would allow me to fix things, see things that were happening in the background, how the files were organized, that sort of thing. And I was confident that I knew what files did what.
This i getting too long and I'm sorry about that. What it comes down to is that I want to know what my computer is doing and what the files in it are. I have no idea when I look at my file list, whether they are supposed to be there or not! I also don't have the arsenal of fix-it programs anymore like I used to. You seem to know what I really want to know again. What I'm trying to say is, would you be interested in helping me out with that? A little or a lot... I would be so happy if you would. Perhaps there are some things I could share with you from the old days that you'ld like to know?
I know there's always Youtube... but ya can't trust everything you see on the internet, ya know? Anyway, I'd be much obliged! Let me know if you want and I'll send you my email address. Thanks!
 
Thread starter Similar threads Forum Replies Date
MagnaGuard Antivirus / Security / Privacy 2
Paul Wagenseil Antivirus / Security / Privacy 0
Paul Wagenseil Antivirus / Security / Privacy 6
Marshall Honorof Antivirus / Security / Privacy 0
H Antivirus / Security / Privacy 2
P Antivirus / Security / Privacy 2
D Antivirus / Security / Privacy 4
Marshall Honorof Antivirus / Security / Privacy 1
S Antivirus / Security / Privacy 1
M Antivirus / Security / Privacy 1
L Antivirus / Security / Privacy 3
B Antivirus / Security / Privacy 1
C Antivirus / Security / Privacy 7
A Antivirus / Security / Privacy 7
C Antivirus / Security / Privacy 8
G Antivirus / Security / Privacy 0
R Antivirus / Security / Privacy 0
R Antivirus / Security / Privacy 0
henrytcasey Antivirus / Security / Privacy 0
V Antivirus / Security / Privacy 4

Similar threads


ASK THE COMMUNITY

TRENDING THREADS