Duba.com “Virus” Removal

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

This page aims to help you remove the Duba.com “virus”. These Duba.com “virus” removal instructions work for Chrome, Firefox and Internet Explorer, as well as every version of Windows. The Duma.com redirect is not in fact a virus, but many people insist on searching for it as Duba.com “virus.” Actually, this threat is a legitimate promotional tool that is not legally a crime. It is improper to call it a “Duma.com virus.”

How do you react when you hear the word “computer virus”? If you are like most people — not too much tech-savvy and simply using computers and other digital devices for daily life needs, such as emailing, social media, watching videos, etc. — then it probably doesn’t really mean to you. In fact, you probably ignore it and keep using your PC without performing safety scans or any type of verification to check and see if a computer malware has been installed on your device. But how do you react when you hear the statement, or see it pop-up on your desktop: “your computer has been infected with Duba.com!” You probably panic then, right? Well, it’s a normal reaction and because we know how stressful it might be when you discover a virus that’s actually causing damage to your device and files, we have gathered up the most useful information for you and have put it in the form of a removal guide that we have attached to this article.

Let’s give you few words about Duba.com…

Duba.com is a computer virus of the Adware type. It mostly spreads via advertisements, software bundles, free download platforms, other Adware programs, hidden extras in installers, promo software offers, required program updates, fake video player or codec messages, torrents, online hosting and storage sites. Of course, this is not a 100% all inclusive list, so it is safe to say that there are additional methods of distribution, but these are the most famous one.

Let’s talk a bit about some of them…

Duba.com likes hiding in e-mail attachments. In the computerized world we live in today almost everything is done online. There are rarely any paper versions of applications for employment, photograph prints, or any mailing out of documents between parties using regular postal mail. Everything is scanned and sent out in the most efficient way possible. Usually, this is done via e-mail. However, you should remember that everything that goes through your inbox or social media channel stays in the cloud space. Thus, it is easily accessible to hackers and anyone else who wants to do you harm or simply find information about you from 20 years ago, for instance. So, what you could do is: 1) always scan e-mail attachments, regardless of their sender, and verify their security; 2) be very careful what you post or send out in the cyber space. There are some professional Duba.com scanners that you could use, but a regular computer scan would also do as well.

Duba.com also likes to spread via phishing e-mails. These are fake e-mails that seem to be sent by someone you already know and have in your address book, but they end up being a total spam and a major virus spreader. Usually a phishing e-mail won’t have any content, or will have a flashing content, or a self-deleting one. It may be in your inbox at a given moment, but absolutely gone in the next one — untraceable!  Be aware of such e-mails and consult with the removal guide on how to uninstall Duba.com if it has come through a phishing e-mail.

Software bundling is another popular way for Duba.com spreading. If you have the habit to use the default saving and downloading settings when you download a file just STOP! Try getting used to the advanced settings where you have a richer selection of what to allow and what to prevent of coming to your device. This will put you in control of the programs loading up on your computer and you will be able to better recognize the files that you’ve downloaded. However, Duba.com is sneaky and likes to stick to the files you WANT to download. All of a sudden though, you will discover totally random and unwanted files and will wander where they came from — this is software bundling.  If this happens, follow the step-by-step guidance in the removal guide and remove Duba.com ASAP!


Name Duba.com
Type Browser Hijacker
Danger Level Medium
Symptoms One major symptom is that your ad-creating software cannot be found or disabled.
Distribution Method Torrents and required program updates are a frequent way of distribution.
Detection Tool Adware are notoriously difficult to track down. Use SpyHunter – a professional parasite scanner – to make sure you find all files related to the infection.

Keep in mind, SpyHunter is a malware detection tool. To remove the infection, you need to purchase the full version.
More information about SpyHunter and steps to uninstall.

Duba.com Removal

Readers are interested in:


Reboot in Safe Mode (use this guide if you don’t know how to do it).

This was the first preparation.


To remove parasite, you may have to meddle with system files and registries. Making a mistake and deleting the wrong thing may damage your system.
Avoid this by using SpyHunter - a professional Parasite removal tool.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Reveal All Hidden Files and Folders.

  • Do not skip this  – Duba.com may have hidden some of its files.

Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer.


Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.


Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).


Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove Duba.com from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the malware —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove Duba.com from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove Duba.com from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

  • At this point the malware is gone from Chrome, but complete the entire guide or it may reappear on a system reboot.


Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.


This is the most important and difficult part. If you delete the wrong file, it may damage your system irreversibly. If you can not do this,
>> Download SpyHunter - a professional parasite scanner and remover.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Right click on each of the virus processes separately and select Open File LocationEnd the process after you open the folder, then delete the directories you were sent to.



Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

Remember to leave us a comment if you run into any trouble!