Eastness “Virus” Removal from Chrome/Firefox/IE/Edge

0
511

Adware programs all tend to reveal their presence in the exact same way: you open your Chrome, Firefox, Edge or other popular browser and start to notice and unusually high number of various popups, banners, box messages and other online ads.

What’s more, it appears that the many ads aren’t even tied to any of the webpages you visit, they just seem to come up on your screen indefinitely. Furthermore, users also tend to notice fairly quickly that they get randomly redirected to different sponsored websites they never actually intended to visit. This, too, is a direct result of the activity of adware on your machine. Today we’ll be looking at a specific adware representative called Eastness Chrome “Virus”. We’ve been receiving a number of complaints from users, asking us to help them out with the infection with this program. It is in response to those complaints that we have created the following article and the removal guide that you will find below it.

What adware does and why

The first reaction of most people, who encounter adware or other similar programs, is panic. They tend to not know what kind of program they have run into exactly and usually assume the worst, thinking they’ve been infected by a virus or some form of malware. While Eastness “Virus” is certainly not a virus and won’t try to harm your system, there are still certain aspects about this software category that we think our readers should be aware of. For one, you need to understand the principle of the way programs like Eastness “Virus” function. As the name of the software would suggest, these programs specialize in generating and distributing large quantities of online ads. The point of those ads is to gain more exposure for the advertised products and services on the one hand, and to earn revenue for the adware developers – on the other.

Revenue is made every time a user clicks on any of the said ads, which is made sure of by the popular remuneration system better known as the Pay Per Click or PPC scheme. This scheme, however, tends to breed some unsavory practices, such as the practice of looking into your browser history and extracting certain data from it. Eastness Chrome “Virus” and similar programs can be set to monitor your browsing activity and record it. For example, they can be interested in gathering information related to the websites you visit most frequently or the type of content you tend to gravitate towards on social media by means of liking and sharing. Another thing they often focus on are your online search requests. All of the above data will tell the adware where exactly your current interests lie and what kind of products and services you will be more likely to show interest in.

With this information in hand, the program in question can then adjust the stream of ads to match your preferences. That way it will increase the chances of you actually interacting with it ads and therefore increase the potential profit that the developers can make. However, as clever and well-thought out as it sounds, this is still more often than not seen as a privacy violation and most people wouldn’t agree to have their browsing activity monitored and recorded by some strange program. Furthermore, this is actually oftentimes also the reason why adware and similar programs are often classified as potentially unwanted. But there’s more to it than just the privacy factor…

Other risks to be aware of

We already pointed out that you are not currently dealing with a virus, and that’s a good thing. But it’s still not enough reason to completely relax and let your guard down. Unfortunately, programs like Eastness Chrome”Virus” can make your system vulnerable to actual malware like the notorious Trojan horses or even the fearsome ransomware. This can happen thanks to the changes that they may introduce to your Registry, which may weaken your system’s defense mechanisms. Alternatively, the many ads can also indirectly expose you to the risk of contracting some horrible virus, as well. Due to the popular distribution tactic used for spreading ransomware and other harmful pieces of software known as malvertising, any online ad can potentially prove to be dangerous to your system. For this reason we would strongly recommend that you avoid interacting with any online ads and simply remove the program responsible for generating them.

Eastness “Virus” Removal

Before you begin completing the steps from the following guide, we advise you to place a bookmark on this page or have it opened on a separate device since some of the following steps will require you to close your browser.

Enter Safe Mode. If you don’t know how to do it, use this guide.

II 

Open the Task Manger by pressing Ctrl+Shift+Esc. Go to the processes/details Tab and take a look at the resulting list. If you see a process with the name of the unwanted program or looks shady, right-click on it and select Open File Location. If you believe it is part of the infection, delete the files.

III 

Use the Winkey+R key combination to open the Run window and in the search field type appwiz.cpl. Hit Enter and in the resulting list, look for recently installed programs that look potentially unwanted. If you find anything – uninstall it.

IV 

Re-open Run and this tie type msconfig. Hit Enter again and in the resulting window, go to the Startup tab. See if there are any shady programs there and if anything looks suspicious uncheck it and then select OK.

In the Start Menu search field, copy-paste the following line: notepad %windir%/system32/Drivers/etc/hosts . Open the first result and look at the bottom of the file where it says “Localhost”. If there are any IP addresses below that, tell us what they are in the comments since they might be coming from the unwanted software.

VI 

Type Network Connections in the Windows search field and click on the first result. Right-click on the adapter that you are using at the moment and go to Properties > Internet Protocol Version 4 (TCP/IP) > Properties.

If the DNS line is not set to Obtain DNS server automatically, make sure to check that option.

Now go to Advanced > DNS tab and remove everything in DNS server addresses, in order of use.

VII 

Right-click on your browser’s icon and select Properties. Delete everything in Target that is after .exe”.

For Chrome users

Close Chrome and go to this folder: C:/Users/*Your username*/AppData/Local/Google/Chrome/User Data. Change the name of the Default folder to Backup Default. Re-open Chrome.

For Firefox users

Open Firefox and click on the Main Menu > Add-ons > Extensions. If you see anything suspicious there, remove it.

For IE users

When you open the browser, go to Tools > Manage Ad-ons and remove the unwanted software if you see it there. Next, go to Tools > Internet options and change the homepage URL to whatever you are normally using.

VIII 

Open Run (Winkey+R), type Regedit and click on OK. Next, press Ctrl+F and type the malware name. Hit Enter and delete everything that gets found.

If there are no results from the search, manually visit those folders in the Registry Editor.

  • HKEY_CURRENT_USER/Software
  • HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run
  • HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main

If you find there any suspicious keys that have names with a lot of random letters and numbers, delete them or if you are not sure, tell us in the comments what you saw.

LEAVE A REPLY

Please enter your comment!
Please enter your name here