Remove go.mail.ru search engine virus from Chrome, Firefox and IE

by

It’s hugely annoying to be faced with a computer infection like the go.mail.ru virus, which reroutes the browser to the unwanted site without permission.

What is the go.mail.ru virus?

Many web services bump into an ethical dilemma at some point of their evolution. It comes down to choosing which promotion mechanism to favor: aggressive or entirely unobtrusive one. Some providers manage to strike a balance, but quite a few end up literally forcing people to use whatever they have to offer. The go.mail.ru virus is a prime example of the overly straightforward marketing that’s gaining momentum these days. This malicious application is pushing the Internet search feature affiliated with mail.ru, one of the most popular webmail services Russia. The problem is, many users from outside that country have been reporting instances of browser hijacking, with go.mail.ru being the landing page. Even in the case of Russian-speaking audience, numerous victims’ online surfing is forwarded to said site without any sort of obvious authorization.

The victims keep visiting go.mail.ru as a result of browser redirect activity
The victims keep visiting go.mail.ru as a result of browser redirect activity

Here’s the deal: the search engine in question is legitimate and probably shouldn’t be blamed for defiantly taking over web browsers. However, there are individuals driving traffic to it in a shady way. What for? Most likely to get paid by interested parties, perhaps including go.mail.ru itself. When a ‘classic’ browser hijack like this occurs, the infected user’s web navigation is first routed through a number of interstitial domains and only then arrives at the ostensibly safe and reputable spot. Every such imperceptible hit is recorded within a dodgy monetization framework, and the virus authors rake in the profits while diminishing the victims’ browsing experience.

Although the go.mail.ru virus gets around users’ consent in terms of changing certain system settings, its infiltration into a PC is always a matter of the would-be victim opting for something. The decision tends to be an uninformed one, though. The typical contamination scenario is about a bundling maneuver, where a piece of safe software is installed in conjunction with the culprit. No details regarding the combo are mentioned in the default setup screens, which explains why lots of people are unaware of the drive-by malware. When inside and running, the unwelcome code goes stubborn on the host by adding a scheduled task that re-executes the bad binary if terminated by the user. The active phase of the attack involves a replacement of browser preferences with go.mail.ru. The settings that are subject to this tweaking include the preferred search engine and default homepage.

Therefore, the victim will visit the Russian site whenever they enter keywords in the omnibox or simply launch Chrome, Firefox, or Internet Explorer. This, clearly, isn’t the way web surfing should work, therefore removing the malware is on the agenda of anyone infected. Luckily, the cleanup process isn’t too complicated – see below for details.

Automatic removal of go.mail.ru search engine virus

When it comes to handling infections like this one, using a reputable cleaning tool is the place to start. Sticking to this workflow ensures that every component of the adware gets found and eradicated from the affected computer.

1. Download and install the cleaning tool and click the Start Computer Scan button Download Go.mail.ru removal tool

2. The wait is worth it. Once the scan completes, you will see a report listing all malicious or potentially unwanted objects detected on your PC. Go ahead and click the Fix Threats option in order to get Go.mail.ru redirect automatically uninstalled from your machine along with all of its modules. This being done, you should be good to go.


Uninstall Go.mail.ru through Control Panel

  • From your Windows menu, go to Control Panel. Select Add or Remove Programs (for Windows XP / Windows 8) or Uninstall a program (Windows Vista / Windows 7) Uninstall a program
  • Find Go.mail.ru on the list. If it’s nowhere to be found, look for multimedia related programs (e.g. Flash Enhancer) or other odd-looking apps you remember to have installed lately. Select the suspicious one and click Uninstall/Change Uninstall Go.mail.ru related software

Remove go.mail.ru redirect virus from web browsers manually

The workflow covered below is intended to undo all changes that the Go.mail.ru virus made to Chrome, Firefox and Internet Explorer. The fix includes several steps: removing the malicious extension; and (if the previous action turned out inefficient) resetting the browser. Be advised there’s some collateral inconvenience you will encounter in the latter case, namely the loss of all installed add-ons and personalized information (saved passwords, cached data, bookmarks and other content).


Remove Go.mail.ru in Chrome

1. Uninstall the Go.mail.ru extension
  • Click the Chrome menu icon and select More tools > Extensions Access Chrome Extensions interface
  • Find the add-on associated with Go.mail.ru and click the trash bin next to the bad entry Trash the Go.mail.ru add-on
2. Restore homepage defaults
  • Go back to Chrome menu and select Settings Go to Settings screen
  • Go to On startup sub-section and activate the Open a specific page or set of pages option. Also, click Set pages Set pages button
  • Locate the Go.mail.ru entry under Startup pages and hit X button next to it Remove Go.mail.ru from Startup pages
3. Restore correct search preferences
  • Proceed to Manage search engines and select the service you prefer to use Eliminate malicious search provider and select preferred one in Chrome
4. Restart Google Chrome

Remove Go.mail.ru in Firefox

1. Eliminate the respective add-on
  • In Firefox, go to Tools > Add-ons Go to Firefox Add-ons screen
  • Hit the Extensions tab and locate Go.mail.ru on the list. Click Remove to get rid of it
2. Fix the homepage settings
  • Go to Tools > Options Open up Firefox Options
  • Hit the General tab and click Restore to Default (see image below) Restore home page in Firefox
3. Set the preferred search provider
  • Click the magnifying glass icon in Firefox search box and select Change Search Settings Select the Change Search Settings option
  • Select the search engine to use by default and hit OK to save the changes Select default search engine in Firefox
4. Restart Mozilla Firefox

removal from Internet Explorer

  • Open IE. Go to Tools > Manage Add-ons Manage Add-ons entry in IE
  • Select Toolbars and Extensions in the navigation pane, locate the items related to Go.mail.ru, including the Go.mail.ru API, right-click each one select Remove in the context menu Remove from IE Toolbars and Extensions list
  • Restart IE and check for symptoms of the infection. If the Go.mail.ru ads are not appearing anymore, then no further action is required. If the adware is still there, proceed to the steps below
  • Go to Tools > Internet Options Reset Internet Explorer 1
  • Hit the Advanced tab and click Reset Reset Internet Explorer 2
  • Make sure the Delete personal settings option on the Reset Internet Explorer Settings dialog is ticked and click Reset Reset Internet Explorer 3
  • Restart Internet Explorer for the changes to take effect

Did the problem go away? Check and see

Computer threats like the Go.mail.ru virus can be stealthier than you can imagine, skillfully obfuscating their components inside a compromised computer to evade removal. Therefore, by running an additional security scan you will dot the i’s and cross the t’s in terms of the cleanup.

Download Go.mail.ru virus scanner and remover

Related posts

  1. Remove Piesearch virus from Chrome, Firefox and IE
  2. Cerber3 ransomware removal: how to decrypt .cerber3 virus files
  3. Fantom ransomware removal: how to decrypt .fantom files virus
  4. Remove ODIN virus ransomware – decrypt .odin files

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.