Pc affected by malware

vikrant2407

Commendable
Jul 19, 2016
3
0
1,510
0
Hello,
I own a Compaq presario CQ42 INTEL 2.00GHZ pentium 6 with 4 gigs of ram and 64 but windows 7 professional.
I am a gta sa lover. I always install new modes from the website Gtaall.com. In automatic mode installation wizard, there is an option for making gtavucecity.ru as favourite, desktop icon. I always uncheck that option but two days back I accidently forgot unchecking. After that all bad things are happening.
Day 1: go.mail.ru automatically became the default search engine and homepage in chrome only not in IE. I changed the homepage and search engine to google and then chrome worked fine throughout. But after shutdown and rebooting , the problem reoccured. Once again I have to change the settings and it worked fine until I shut down.
Day 2: restore my laptop through recovery to a restore point of 11 June 2016. After that the problem even worsened. Although the google remained default search engine and homepage but whenever I enter a search term, it redirects to go.mail.ru.
Tried all settings, blocking pop ups,java scripts and denying all permission. The go.mail.ru still reflected but didn't show search result, I suppose, can't read as webpage is in Russian.
Tried reinstall ing chrome, but the problem remained still in tact.

After searching few posts on google, tried to figure out the malicious files in C drove, register, task manager, installed programs. It is not in chrome extension either.
I can't do anything as I am more familiar with chrome rather than IE.
It's my humble request please try to provide a solution, as I can't open internet.
P. S. The malware search result comes after google search results appear for some seconds.
 

Ralston18

Dignified
Moderator
Make a copy of the existing hosts file as a backup. Give it a slightly different name and be sure you know where the file saves.

Edit the existing file per the link above.

Try using (as in Step 4)

127.0.0.1 go.mail.ru

As for the the ipv4 address change "comment" I would not expect that to be of concern. When your Compaq is authorized to join a network a DHCP IP address will be issued and that IP address can change. That is a normal part of networking protocols.
 

vikrant2407

Commendable
Jul 19, 2016
3
0
1,510
0
Should I block the go.mail.ru.
What should I enter as ip address.
The thing is that i use tata photon max wifi, and the ipv4 address change every time with reconnection
 

Ralston18

Dignified
Moderator
Make a copy of the existing hosts file as a backup. Give it a slightly different name and be sure you know where the file saves.

Edit the existing file per the link above.

Try using (as in Step 4)

127.0.0.1 go.mail.ru

As for the the ipv4 address change "comment" I would not expect that to be of concern. When your Compaq is authorized to join a network a DHCP IP address will be issued and that IP address can change. That is a normal part of networking protocols.
 

vikrant2407

Commendable
Jul 19, 2016
3
0
1,510
0
After blocking website from host file and blocking all popup and permission like java, microphone, location etc in chrome.
The google search result is no more redirecting to go.mail.ru.
Till now no problem faced.
But I doubt if that website secretly steal my data from chrome
 
Thread starter Similar threads Forum Replies Date
frostin71 Antivirus / Security / Privacy 4
Me. Opanak Antivirus / Security / Privacy 1
S Antivirus / Security / Privacy 1
DCB007 Antivirus / Security / Privacy 4
N Antivirus / Security / Privacy 5
Nighty_z Antivirus / Security / Privacy 5
P Antivirus / Security / Privacy 2
H Antivirus / Security / Privacy 7
P Antivirus / Security / Privacy 1
T Antivirus / Security / Privacy 1
A Antivirus / Security / Privacy 7
F Antivirus / Security / Privacy 2
R Antivirus / Security / Privacy 7
A Antivirus / Security / Privacy 1
O Antivirus / Security / Privacy 1
S Antivirus / Security / Privacy 1
Z Antivirus / Security / Privacy 1
K Antivirus / Security / Privacy 3
K Antivirus / Security / Privacy 1
Marshall Honorof Antivirus / Security / Privacy 1

ASK THE COMMUNITY