|Type||Browser Redirect, Browser Hijacker|
|Short Description||The suspicious page causes a series of redirects.|
|Symptoms||New tabs are open in the browser.|
|Distribution Method||Via freeware packages (bundling), unsafe browsing, etc.|
|Detection tool||Download SpyHunter, to See If Your System Has Been Affected By red.installer.xyz|
Several user complaints have been registered about a browser redirect and possibly browser hijacker. The issue appears on widely used browsers (Firefox, Chrome, Explorer) and is persistent. What it does is display pop-ups with advertisements (how to make easy money online, GIF ads, videos, online casino ads, etc.). Also, the ‘virus’ is capable of opening new tabs in the browser. The issue most likely originates from a suspicious page – red.installer.xyz.
The page acts as a browser redirect – first it counts down from 5 to 1, stating that “you will be redirected to your wanted site soon”. What it does next is link the user to onclickads.net or statsmobi.com, and finally landing him on either a shopping site (AliExpress) or www.bet365.com. However, keep in mind that the series of redirects may vary from user to user.
red.installer.xyz Distribution Method
According to a user who has posted about the issue on Bleeping Computer, red.installer.xyz wasn’t generated by an add-on or a program he had installed. Thus, if users have uTorrent or other p2p programs installed, the browser redirect may have been downloaded together with a torrent. Controversy with torrent clients is not new. We have already written about the silent installation of Epic Scale.
Earlier this year, users reported that installing the last version (version 3.4.2) of the program silently planted Epic Scale, a Litecoin mining code, into their systems. Moreover, peer-to-peer (p2p) file sharing is often a reason for malware-related problems.
Of course, the browser redirect may have been triggered by something else. The application behind red.installer.xyz may have been downloaded with a PUP (potentially unwanted program) or may have been initiated by a fake software update. To stay protected against such browser intrusions, never click on random pop-ups prompting you to download a Java/ Adobe update or a supposedly missing codec. Such pop-ups are created by cyber crooks and have nothing to do with your system’s condition. Their only purpose is to make you download suspicious software or even malware.
red.installer.xyz Removal Options
Since the browser redirect is quite intrusive in character, professional assistance may be needed. In case red.installer.xyz is related to a browser hijacker, you will need to start your PC in SafeMode. If you don’t know how to do that, please follow the steps provided below.
1. Remove/Uninstall red.installer.xyz in Windows
Here is a method in few easy steps to remove that program. No matter if you are using Windows 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program get left behind, and that can lead to unstable work of your PC, mistakes with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it.
Select the program that you want to remove, and press “Uninstall” (fig.3).
Follow the instructions above and you will successfully uninstall red.installer.xyz.
2. Remove red.installer.xyz from your browser
Select the “Add-ons” icon from the menu
Select red.installer.xyz and click “Remove”
After red.installer.xyz is removed, restart Mozilla Firefox by closing it from the red “X” in the top right corner and start it again.
Select red.installer.xyz to remove, and then click ‘Disable’. A pop-up window will appear to inform you that you are about to disable the selected toolbar, and some additional toolbars might be disabled as well. Leave all the boxes checked, and click ‘Disable’.
After red.installer.xyz has been removed, restart Internet Explorer by closing it from the red ‘X’ in the top right corner and start it again.
From the drop menu select ‘Preferences’
In the new window select ‘Extensions’
Click once on red.installer.xyz
A pop-up window will appear asking for confirmation to uninstall red.installer.xyz. Select ‘Uninstall’ again, and the red.installer.xyz will be removed.
In order to remove any associated objects that are left after uninstall and detect any other threats, you should:
3. Start Your PC in Safe Mode to Remove red.installer.xyz.
For Windows XP, Vista, 7 systems:
1. Remove all CDs and DVDs, and then Restart your PC from the “Start” menu.
– For PCs with a single operating system: Press “F8” repeatedly after the first boot screen shows up during the restart of your computer. In case the Windows logo appears on the screen, you have to repeat the same task again.
– For PCs with multiple operating systems: Тhe arrow keys will help you select the operating system you prefer to start in Safe Mode. Press “F8” just as described for a single operating system.
3. As the “Advanced Boot Options” screen appears, select the Safe Mode option you want using the arrow keys. As you make your selection, press “Enter“.
4. Log on to your computer using your administrator account
While your computer is in Safe Mode, the words “Safe Mode” will appear in all four corners of your screen.
For Windows 8, 8.1 and 10 systems:
Step 1: Open the Start Menu
Step 2: Whilst holding down Shift button, click on Power and then click on Restart.
Step 3: After reboot, the aftermentioned menu will appear. From there you should choose Troubleshoot.
Step 4: You will see the Troubleshoot menu. From this menu you can choose Advanced Options.
Step 5: After the Advanced Options menu appears, click on Startup Settings.
Step 6: Click on Restart.
Step 7: A menu will appear upon reboot. You should choose Safe Mode by pressing its corresponding number and the machine will restart.
4. Remove red.installer.xyz automatically by downloading an advanced anti-malware program.
To clean your computer you must download an updated anti-malware program on a safe PC and then install it on the affected computer in offline mode. After that you should boot into safe mode and scan your computer to remove all red.installer.xyz associated objects.