My Google account is possibly infected with a Malware

M

Mike Messiah

Disciple
I have reinstalled my windows, installed chrome from scratch, yet this problem occurs. In settings>search engine> Search engine used in the address bar .. i have search options to choose:
  • google
  • bing
  • duckduckgo
  • yahoo
When i use 'bing' , i get results from bing. All is fine. Same with 'duckduckgo' and 'Yahoo'. No problem. However when i pick the option of ' google' , my address bar search leads me to https://ursearch.net/?s=
On the same computer when i switch to my alternate Google account on Chrome, setting search option as ' google' gives me google search results, rightly so.
I don't use any extension, i always delete browser history, cookies, cache, disabled any possible trackers, even removed 'personalized Ads' option from my google account.

Here is the crazy part. I shared this problem with my friend who right away said its a virus issue. So i took his laptop, logged him out of chrome, logged in to chrome with my account, and did a search and BAM, i am lead to the same old site: https://ursearch.net/?s= . My friend was panicking, saying i "infected" his laptop. He logged into his google account and the problem isn't there, its normal like how it is with my alternate google account.

I tried every "solution" on various websites, even those that sneakily push us to download their software. AdwCLeaner, Malwarebytes, name every malware killing software and i have tried it all.
The most common advice i got is to abandon my main google account. Its not so easy as every part of my financial and academic life is linked to this account.
 
It seems to be the malware is messing with chrome's DNS settings. I haven't seen this type of issue but you won't have to abandon your account, just look for something related to DNS in chrome's advanced settings
 
My guess would be some malicious chrome extension. Extensions get synced and installed with the associated Google account.

Try removing all extensions from chrome extension settings, let it sync and then reset chrome/do a fresh chrome install. Hopefully that fixes it.
 
Rajs64 said:
Can u try this using cmd prompt( run as administrator)

rd /S /Q "%WinDir%\System32\GroupPolicyUsers"
rd /S /Q "%WinDir%\System32\GroupPolicy"
gpupdate /force
Click to expand...
No point of this, it's used to update group policies applied by your domain controller. If the system isn't domain joined and is using a local account then this does nothing.
Also this won't fix the issue.
 
Have you tried using this google account in some other browser like Firefox or Safari? If it doesn't resort to the same issue in Firefox, you can be sure that it is some extension associated with your account in the Chrome store and like others have mentioned above, it downloads in the background and giving you the impression that your chrome is extension-free but it really isn't.

If the issue persists in Firefox too, then you have a problem with your account itself and might need deeper investigation. But I am almost sure it won't.
 
Check if your phone is infected by some malware as it might happen that its triggering something.

Also, check in Task scheduler if some fishy task is running triggering the issue. Delete any unknown tasks.
www.hellotech.com

Ways to Tell if Your Google Account Has Hacked by Gooligan - The Plug - HelloTech

Your Google account could be among the million compromised by the latest malware campaign, Gooligan. And it’s one mean cyber threat. Even as we
www.hellotech.com www.hellotech.com
 
Guys problem solved. Someone on Digit forum helped me.
The solution: I simply had to edit the search url
In the SETTING> SEARCH ENGINE> SITE SEARCH section i clicked Edit on the SITE OR PAGE for Google. And lo and behold, in the area where we enter URL with %s in place of query , that sneaky usearch.net link was there.
So apparently my diagnosis is that my Google Account had saved my chrome settings, and in my chrome setting, the url for Google search was set to usearch.net. So no matter which computer i log in to, the moment Google Chrome Syncs, all my personalized settings are applied, including the url for google which is set to usearch.net
So yes, there is no "malware in my account" per se... just that some malware had changed the url in my chrome setting, which synced with my google account.
Just putting this out here, incase someone on the internet face the same problem, because apparently hours of google search didn't give me ANY solution, and instead it was some random dude on Digit forum.

Anyways thanks for all the help. Apparently TechEnclave is much livelier than Digit . So many responses here.
 
Back
Top