Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Connects to the internet without permission
  • Installs itself without permissions
  • Slow Computer
  • Slow internet connection
  • System crashes

Chrome redirect virus

Have you noticed that whenever you browse the web, your sessions are interrupted by annoying web page redirecting? Then maybe Chrome Redirect Virus has been infiltrated onto your operating Windows system. Needless to say, the infection is a threat to Google Chrome browser users; however, note that variations of this Internet redirect virus could be a threat even if you run Internet Explorer or Mozilla Firefox. Do you think that the malicious application simply causes irritating web page rerouting? Unfortunately, this is not the main threat, and you should be more cautious about which sites you end up in. As research shows, the malignant infection can force you to visit suspicious advertisement web pages and other precarious sources. Have you noticed that the speeds of your Internet connection have decreased or that your Google Chrome browser is running disorderly? Find out if you do not need to delete Chrome Redirect Virus in order to fix this.

Also known as Browser Redirect Virus, the malicious Google Chrome hijacker can block you from accessing any web sources, including Google.com or Yahoo.com. It has been discovered that the virus actually is a Trojan which may enter vulnerable Windows systems via spam email attachments, bundled downloads, freeware and even social engineering scams. Note that this infection goes by various names, including TDSS Rootkit or Alureon Trojan. The initial attack is performed surreptitiously and you may know nothing about the existing Chrome Redirect Virus, especially if no malware detection and removal tools have been implemented. Nevertheless, as soon as you notice redirecting to such suspicious sites as search.babylon.com and searchqu.com or other notable symptoms, you should remove Chrome Redirect Virus.

If you have already dealt with redirect infections, you may be able to delete Chrome Redirect Virus and fix reconfigured settings manually. Please follow the manual removal instructions presented below.

Remove Chrome Redirect Virus Manually

Change Google Chrome proxy settings:

  1. Launch the browser and simultaneously tap Alt+F.
  2. Select Settings, move down the page and click on Show advanced settings...
  3. Navigate to Network and click on Change proxy settings…
  4. Click on the Connections tab and then hit the LAN settings button.
  5. Move the cursor to Proxy server and un-check the first box. Click OK.

Change TCP/IP configurations

Windows XP:

  1. Navigate to the left of Task Bar and click on Start.
  2. Click on Control Panel and then select Network Connection.
  3. Double-click on Local Area Connection and select Properties.
  4. Double-click on Protocol (TCP/IP).
  5. Choose “Obtain an IP address automatically” and “Obtain DNS server address automatically”. Click OK.

Windows Vista:

  1. Click on Start, go to Control Panel and select Network and Internet.
  2. Now click on Manage network connections under Network and Sharing Center.
  3. Choose a connection and right-click. Click Properties.
  4. Click on the Networking tab and select Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6). Click Properties.
  5. Choose “Obtain an IP address automatically” and “Obtain DNS server address automatically”. Click OK.

Windows 7:

  1. Open the Start menu, click on Control Panel and enter “adapter” into the search box.
  2. Click on View network connections.
  3. Right-click on the chosen connection. Click Properties.
  4. Select Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6). Click Properties.
  5. Choose “Obtain an IP address automatically” and “Obtain DNS server address automatically”. Click OK.

Change Windows Host File

  1. Find the “hosts” file under C:\Windows\system32\drivers\etc.
  2. Right-click on the file and select to open it with Notepad.
  3. Navigate to the bottom of the Copyright text. Remove all the lines except “127.0.0.1 localhost” or “::1”.
  4. Click “X” to close the window and click Yes to save the changes.

Delete Chrome Redirect Virus from the browser:

  1. Launch the browser and simultaneously tap Alt+F.
  2. Click on Tools and go to Extensions.
  3. Find suspicious extensions and remove each of them by clicking on the trash icon.

Remove Chrome Redirect Virus Automatically

Even though manual removal may bring success, it is more likely that you will have to install automatic removal tools to find and delete Chrome Redirect Virus. Do not forget that the application is a clandestine Trojan which could hide with the assistance of rootkit components. To check if manual removal brought success – install a reliable spyware scanner to inspect your PC. If it detects malignant files or programs – rush to remove them.

Download Spyware Removal Tool to Remove* Chrome redirect virus
  • Quick & tested solution for Chrome redirect virus removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Chrome redirect virus

Files associated with Chrome redirect virus infection:

%LOCALAPPDATA%\Apple Computer\Adobe
%LOCALAPPDATA%\Snapfish
%LOCALAPPDATA%\Sonic
%LOCALAPPDATA%\LeaderTech
%LOCALAPPDATA%\MainConcept
%LOCALAPPDATA%\ProtectStar
%LOCALAPPDATA%\AIM Toolbar
%LOCALAPPDATA%\PTP
%LOCALAPPDATA%\DeviceVM
%LOCALAPPDATA%\Red Storm Entertainment
%AppData%\??????
%LOCALAPPDATA%\Conduit\Babylon
%LOCALAPPDATA%\ClassesB
%LOCALAPPDATA%\Google
%LOCALAPPDATA%\Bitberry
%LOCALAPPDATA%\Macrovision
%LOCALAPPDATA%\bProtector
kbd101V.dll
%LOCALAPPDATA%\Apple\AOL
%LOCALAPPDATA%\IADirectShow
%LOCALAPPDATA%\AVS4YOU
%LOCALAPPDATA%\Adobe\ActiveState
%LOCALAPPDATA%\Blizzard Entertainment
%LOCALAPPDATA%\JavaSoft
%LOCALAPPDATA%\Google\Apps
%LOCALAPPDATA%\ATI\Adobe
%LOCALAPPDATA%\Adobe\Acer
%LOCALAPPDATA%\LogMeIn
%UserProfile%\Local Settings\Application Data\Netscape
%LOCALAPPDATA%\CamfrogWEB
%LOCALAPPDATA%\RuneScape
%LOCALAPPDATA%\Comical
%LOCALAPPDATA%\Apple
%LOCALAPPDATA%\Vodafone
%UserProfile%\Local Settings\Application Data\Microsoft
%LOCALAPPDATA%\Move Media Player
%AppData%\?????
%UserProfile%\Local Settings\Application Data\Apple Computer\Apple
%LOCALAPPDATA%\Diagnostics\Dell
%LOCALAPPDATA%\VirtualDJ
%LOCALAPPDATA%\Logitech
%LOCALAPPDATA%\Unity
%LOCALAPPDATA%\DT Soft
%LOCALAPPDATA%\Full Tilt Poker
%LOCALAPPDATA%\SupportSoft
%LOCALAPPDATA%\MainBoss
%LOCALAPPDATA%\Enterbrain
%LOCALAPPDATA%\GNU
%LOCALAPPDATA%\LDM
%LOCALAPPDATA%\CyberLink\CutePDF Writer
xriotabb.dll
%LOCALAPPDATA%\Askcom
%LOCALAPPDATA%\Microsoft Games\Google
%LOCALAPPDATA%\Sony Corporation
%LOCALAPPDATA%\Tibo Software
%LOCALAPPDATA%\Logos4\Google
%LOCALAPPDATA%\Valve
%LOCALAPPDATA%\Intel
%LOCALAPPDATA%\Diagnostics\Apple Computer
%LOCALAPPDATA%\BitTorrent
%LOCALAPPDATA%\Synaptics
%LOCALAPPDATA%\Conduit\Adobe
%LOCALAPPDATA%\CrashDumps\Apps
%LOCALAPPDATA%\AhnLab
%LOCALAPPDATA%\Downloaded Installations\Apple Computer
%LOCALAPPDATA%\GSpot Appliance Corp
%LOCALAPPDATA%\Apple Computer\Ahead
%LOCALAPPDATA%\Mozilla
%LOCALAPPDATA%\SpeedyPC Software
%LOCALAPPDATA%\Downloaded Installations\Dell Edoc Viewer
%LOCALAPPDATA%\MainConcept (Adobe2)
%LOCALAPPDATA%\7-Zip
%LOCALAPPDATA%\VidSoft
%LOCALAPPDATA%\DataMngr
%LOCALAPPDATA%\Hewlett-Packard
%LOCALAPPDATA%\HP
%LOCALAPPDATA%\SSPrint
%LOCALAPPDATA%\APN\Adobe
%LOCALAPPDATA%\VB and VBA Program Settings
%LOCALAPPDATA%\Gabest
%LOCALAPPDATA%\Babylon\ATI
NOTEPAD.EXE
%LOCALAPPDATA%\RealNetworks
%LOCALAPPDATA%\ScanSoft
%LOCALAPPDATA%\Ask.com
%LOCALAPPDATA%\Dell\Adobe
%LOCALAPPDATA%\SkypeRS
%LOCALAPPDATA%\Netscape
%LOCALAPPDATA%\AIM\Adobe
%LOCALAPPDATA%\NDS
%LOCALAPPDATA%\Motive
%AppData%\???
%AppData%\????
%LOCALAPPDATA%\MainConcept (Muvee)
%LOCALAPPDATA%\Adobe
%LOCALAPPDATA%\Apple Computer
%LOCALAPPDATA%\Winferno
%UserProfile%\Local Settings\Application Data\RealNetworks
%LOCALAPPDATA%\assembly\Adobe
%LOCALAPPDATA%\Avg2013\AVG Secure Search
%LOCALAPPDATA%\CyberLink
msdeltam.dll
%LOCALAPPDATA%\Zugo
%LOCALAPPDATA%\Savings Bond Wizard
%LOCALAPPDATA%\Tific
%LOCALAPPDATA%\Realtek
%LOCALAPPDATA%\Bodog Poker
%LOCALAPPDATA%\Spotify
%LOCALAPPDATA%\Apple Computer\Apple
%LOCALAPPDATA%\Inbox Toolbar
%LOCALAPPDATA%\NVIDIA Corporation
%LOCALAPPDATA%\Akamai
%LOCALAPPDATA%\Foxit Software
%LOCALAPPDATA%\Apple\Ancestry.com
%LOCALAPPDATA%\IM
%LOCALAPPDATA%\Macromedia
%LOCALAPPDATA%\Dell
KBDSL1B.dll
%LOCALAPPDATA%\Lenovo
%LOCALAPPDATA%\FreeCDRIP
%LOCALAPPDATA%\Widcomm
%LOCALAPPDATA%\Apple\Adobe
%LOCALAPPDATA%\Nico Mak Computing
%LOCALAPPDATA%\Softonic
%LOCALAPPDATA%\Amazon
%LOCALAPPDATA%\Apps\Adobe
%LOCALAPPDATA%\Intuit
%LOCALAPPDATA%\Microsoft
%LOCALAPPDATA%\Ahead
%LOCALAPPDATA%\Highway
%LOCALAPPDATA%\AlwaysNeat\Adobe
%LOCALAPPDATA%\McAfee Personal Vault
%LOCALAPPDATA%\Roxio
%LOCALAPPDATA%\Simutronics
%LOCALAPPDATA%\WinRAR SFX
%LOCALAPPDATA%\MFAData\Deployment
%LOCALAPPDATA%\Apps\APN
%LOCALAPPDATA%\Chromium\Apple Computer
%LOCALAPPDATA%\Corel
%LOCALAPPDATA%\Conduit\Avg2013
%LOCALAPPDATA%\Paint.NET
%LOCALAPPDATA%\EasyBits
%LOCALAPPDATA%\Affinix
%LOCALAPPDATA%\Flux
%LOCALAPPDATA%\NPE\Microsoft Help
%LOCALAPPDATA%\ArcSoft\Apple
%LOCALAPPDATA%\Aimersoft\Adobe
%LOCALAPPDATA%\Search Settings
%APPDATA%\Bitrix Security

Chrome redirect virus DLL's to remove:

msdeltam.dll
xriotabb.dll
kbd101V.dll
KBDSL1B.dll
Disclaimer

Comments

  1. ahmed Apr 6, 2015

    thnx

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.