I have a virus that starts Google Chrome (even when it's disabled from startup) and has now copied my bank info and charged me

[kaio37k]

A few months ago, I got a virus (don't know how, I'm usually pretty careful) and it starts Google Chrome even though I disabled Google Chrome from starting when I boot. the website id zebragamer.net

I haven't been able to find any help online and haven't found a solution myself.

Just today, I got a bank charge for $50 after entering my info on the Google Playstore (dev fee).
The charge was from Megaflix.n

Do I have a keylogger installed?

What do I do? Any help would be greatly appreciated!

 

[ss202sl]

Why would you enter your banking info on a computer that you know has a virus on? Call the bank and dispute the charge. Also if you can't clean the virus, I'd be wiping the system and re-installing the OS.

 

[iLiftFood]

Agreed with ss202, wipe the harddrive completely.

 

[Ck1_13]

Virii are sometimes rather difficult to get rid of. In the 'strictest sense', once infected you should format/reinstall as we really don't know 'what it did', and removing them does not fix/put back what they have done. HOWEVER, try this:

Start your computer in safe mode with networking.

Log in as administrator

Download/install Malwarebytes , and run a full scan.

Once completed, restart again to safe mode, and search google for 'free online virus scan'. Try housecall, or anyone you like. You need to do an 'online' scan, because your current scanner has been compromised.

Hopefully this rids your machine of it. If this fails, then you need a 'specific' fix, for the 'specific' virii you have, which means some google searching on the sites it takes you to, or the popups you get.

If regular scans do not aliviate the problem, and a specific fix cannot be found, you may need to backup data and clean install.

P.S. Change all of your online passwords from an uncompromised PC, and call your bank and the authorities.

 

[kaio37k]

Have you run the normal anti-virus and malware scans?

I have run multiple anti-virus scanners but none of them have detected anything.

 

[kaio37k]

Why would you enter your banking info on a computer that you know has a virus on? Call the bank and dispute the charge. Also if you can't clean the virus, I'd be wiping the system and re-installing the OS.

I didn't think that it was virus, I thought it was just malware (still stupid I guess). I disputed the charges fine, but how would I go about 'finding' this virus myself? I know that it is beyond Chrome because I disabled Chrome from startup but it still starts JUST this site. It has gone undetected in all the virus scanners I tried. Where would I start? Wiping my OS would be my last option.

 

[The Original Ralph]

after spending about 8 hours one day, running all the scans the folks on majorgeeks.com recommended for the malware/virus/trojan/spybot that had infected my computer, a light in my brain switched on

i use EaseUS ToDo Backup (free version at their web) to do backups as it's the fastest - i just cloned the whole backup disk back onto the boot disk and everything's gone - no need to worry about the bug that's hiding in the registry, waiting to re-install itself on the next boot

btw, now a complete sector x sector backup takes me 28 minutes (188 GB) but that's also a factor of SSD to SSD via Sata 6 connections. Before the new computer with multiple sata ports, it took just over an hour via USB 3.0 connection - that beats hours of virus scanning, chasing, rescanning, posting logs on majorgeeks.com etc

EaseUS ToDo is the fastest backup utility out there

if you don't have a backup copy of your hard drive, what others said about complete re-install of everything, or you could go to majorgeeks.com, go to their virus forum, find the post with your symptoms (won't be hard) and then follow the steps they outline to that poster. Don't try to post in someone's thread - it's not allowed, except for the mods replying to the OP

fwiw

 

[Hysterics]

I'm having the same issue, and have had it for a few weeks now. I wasn't aware it was malicious, figured it was just some light malware trying to get people to view their ads... In fact up until a week ago it wasn't actually labled "zebragamer.net" it was something like ooov.net but changed recently, it was the exact same site though, just a different web address.

I'm also usually pretty careful with this shit. I've been online daily for over a decade. I generally feel like I have a pretty good bullshit filter and I don't download sketchy shit, I'm really confused where this thing came from, and it's kind of unsettling that even though I'm pretty damned careful and more knowledgeable than the average joe I still managed to get infected with something of this magnitude.

I'm thinking of just doing a HD wipe and fresh install but, ugh...

 

[The Original Ralph]

i've gotten a couple downloading "free" software from Cnet and one other site i used to trust. Now i look for the software's site - and even on those, you have to be frigging careful as they'll have links to download at softronic, cnet etc

 

[iLiftFood]

If I ever get a virus I wipe the hard-drive completely and re-install Windows. It's not worth the risk. The virus can log bank details, account passwords and pretty much everything you type.

 

[AsaD_teD]

Pretty late, but I hope it will be helpful. Had same thing, these is how I fixed it
Just follow these simple steps:
-Press START KEY(Windows key)+R, OR go to Run and type regedit and press ENTER
-Simply PRESS Ctrl+F, and then type oov.net or zebragamer.net or any spam website
-Just right click on it, and delete it.
IF HELPED PLEASE DO SELECT AS "Best Solution" so it could help others.

 

[Skuz]

Pretty late, but I hope it will be helpful. Had same thing, these is how I fixed it
Just follow these simple steps:
-Press START KEY(Windows key)+R, OR go to Run and type regedit and press ENTER
-Simply PRESS Ctrl+F, and then type oov.net or zebragamer.net or any spam website
-Just right click on it, and delete it.
IF HELPED PLEASE DO SELECT AS "Best Solution" so it could help others.

Did what you said and found a registry entry that just opened the website. It seems to have solved the problem so thanks for that.

 

[AsaD_teD]

Pretty late, but I hope it will be helpful. Had same thing, these is how I fixed it
Just follow these simple steps:
-Press START KEY(Windows key)+R, OR go to Run and type regedit and press ENTER
-Simply PRESS Ctrl+F, and then type oov.net or zebragamer.net or any spam website
-Just right click on it, and delete it.
IF HELPED PLEASE DO SELECT AS "Best Solution" so it could help others.

Did what you said and found a registry entry that just opened the website. It seems to have solved the problem so thanks for that.

No problem mate. Select it as 'best answer' so it can easily help others facing similar issue.