Chromestera malware

Status
Not open for further replies.
K

KirillP

New Member
Thread author
Sep 26, 2023
5
0
2
Hello, I recently accidentally installed Chromestera on my laptop, which ended up making it so that anytime I search anything on google, it redirects me to "bangsearch pro". I was wondering if anyone knows how safe I am and if/how I can remove it?
 
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.
 

Attachments

  • Like
Reactions: KirillP
Here is the fixlog, sadly it seems like it still searches through bangsearch.pro though so I am not sure if the issue is resolved
 

Attachments

HI,


Delete both of theses files.


Restart the computer normally.


Then run this scan.

Sophos Virus Removal Tool

Please download Sophos Virus Removal Tool and save it to your computer's Desktop.
  • Right-click the icon and select Run as administrator.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Click the Next button.[/*]
  • Select 'I accept the terms in the license agreement', then click Next twice.[/*]
  • Click the Install button and wait until the installation is complete.[/*]
  • Click the Finish button. The tool created a shortcut icon on the Desktop of your computer.[/*]
  • Now, double-click the Sophos Virus Removal Tool shortcut icon to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.[/*]
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.[/*]
    • Temporarily disable your anti-virus and real-time anti-spyware protection.[/*]
    [/*]
  • Click the "Start Scanning" button in the lower right to start the scan.[/*]
  • After starting the scan, do not use the computer until the scan has completed.[/*]
  • When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.[/*]
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.[/*]
  • If any threats are found click Details, then View Log file (bottom left-hand corner).[/*]
  • Copy and paste its contents in your next reply and note any errors encountered.[/*]
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup.[/*]
  • Click Exit to close the program.[/*]
  • If no threats were found, please confirm that result.[/*]
Note: Whenever necessary, the log will be in the following location:

Windows Vista and above:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log

Please post the contents of the log in your next reply and note any errors encountered.

Let me know if the problem persists.
 
  • Like
Reactions: KirillP
It seems to have done the trick after deleting and restarting - the scan came up with no threats. When I deleted the files yesterday the problem I had was that I didnt restart the pc, so it kept directing me to a different search - now it seems to be good. Thank you for your help!
 

Attachments

HI,

Good news. After deleting a program you should always reboot the system.
This will reset the Registry and remove any entries associated with it.
 
  • Like
Reactions: KirillP
Status
Not open for further replies.

You may also like...