We created this page to help the victims of FindClix and the larger Boyu.com.tr infection it ultimately leads to. We recommend you read the entirety of the information we present here; we researched it thoroughly.
What is FindClix ?
FindClix is a malicious browser extension that specifically targets Google Chrome users (more on that later down). It redirects all user searches to Findflarex.com, which is currently not flagged on Total Virus – a scanner using 70 AVs for malware code – as a malicious search engine, but should be noticed soon. FindClix appeared quite recently and is a simple rebranding of the ONFIND extension since everyone noticed what that one does.
To reiterate: they are the same thing. The malware creators simply want to game Google to confuse people longer by using a different name for their creation. If you are someone who just recently encountered these issues, such a tactic can help prolong the scam.
FindClix is a component of a larger type called browser hijacker, a malicious software designed to alter your browser’s settings without your consent. The extension itself changes the default search engine and homepage with no warning. This unwanted redirection not only disrupts the browsing experience, but can get worse over time if left on the device.
FindClix only targets Chrome users, so we advise you to use a different browser while researching what to do. The hijacker may attempt to thwart you by banning some websites or cancelling the downloads of reputable AV programs that can remove it.
Malicious Browser Extensions
Malicious browser extensions like FindClix are simply the infected component that serves as a door for the larger hijacker. If this is confusing: we are making an article about FindClix, which in of itself is just an extension, but we need to inform you about all the other hijacker components and what they can do to you.
Malicious extensions may gain unauthorized access to a user’s microphone and camera, compromising your privacy in a very nasty way. We’ve had personal reports by real users (not for FindClix, don’t worry) of such security breaches leading to sextortion, relying on the shame a user will experience when being threatened their contacts will receive a video of them watching porn.
Most normally, though, such extensions just track browsing habits, redirect searches, and thus can generate revenue through ads and site visits. Most malware extensions get to become ones in two ways:
- A useful free extension that’s been out there for years is sold to whoever created the malware. At this point it becomes a race against time for the extension to infect as many devices as it can before it is removed from the Google store. This is the more dangerous example, since the hijacker creators need to use this as aggressively as possible.
- A vulnerability is found, and the creators of the malware use it to quietly breach extensions. Once they get a big enough user base, they then proceed to inject browsers through the extensions. Since the extension creators become victims as well, they don’t have control either way.
We can go much more in-depth but it would serve very little purpose. You should remove FindClix in any case before too long.
Is FindClix Harmful?
While FindClix is not classified as a virus, it poses significant risks to users due to stripping away your ability to remove it easily. The primary threat comes once it alters the browser settings and redirects the searches. At this point many hijackers stop, but reports suggest FindClix enforces a “managed by an organization” state, which basically enforces rules by a higher admin authority. This is a clear violation of user privacy and trust. Such states are trickier to remove and will require a bit of tech-savviness to perform.
The redirects also swap the search engines between Boyu.com.tr and Findflarex.com constantly. Boyu.com.tr is already designated as a fraud by security specialists. Both can expose you to unsafe content, phishing schemes, and further malware infections through unregulated advertising.
They also often possess characteristics that allow them to monitor a user’s browsing activity, acting as a form of spyware. Some can even record keystrokes, and these types are incredibly dangerous in particular. If you find yourself logged out of your accounts, and have to suddenly type everything from scratch, don’t do it. A keylogger may record everything you are inputting.
What is the Goal of FindClix?
Hijackers like FindClix can go on the edge of fraud and often, over it. They enforce redirects to unsafe content to the shadiest websites, and all of it is because the hijacker creators serve as middle men who drive traffic to whoever pays. That, exactly is the conflict of interest. Because someone unscrupulous took money from someone else unscrupulous and the second party has to then ensure it takes back its investment. Hence a spiral of increasingly more intrusive advertising, outright scamming, and a bunch of misleading tactics which aim to leave you no choice.
At worst, malware creators turn to other such creators who are not afraid to use even worse tactics like Ransomware or Scareware which could spiral out of control into increasingly more severe security issues.
SUMMARY:
Name | FindClix |
Type | Browser Hijacker |
Detection Tool |
Remove FindClix Virus
To try and remove FindClix quickly you can try this:
- Go to your browser’s settings and select More Tools (or Add-ons, depending on your browser).
- Then click on the Extensions tab.
- Look for the FindClix extension (as well as any other unfamiliar ones).
- Remove FindClix by clicking on the Trash Bin icon next to its name.
- Confirm and get rid of FindClix and any other suspicious items.
If this does not work as described please follow our more detailed FindClix removal guide below.
If you have a Windows virus, continue with the guide below.
If you have a Mac virus, please use our How to remove Ads on Mac guide.
If you have an Android virus, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide.
Some of the steps may require you to exit the page. Bookmark it for later reference.
Next, Reboot in Safe Mode (use this guide if you don’t know how to do it).
Uninstall the FindClix app and kill its processes
The first thing you must try to do is look for any sketchy installs on your computer and uninstall anything you think may come from FindClix. After that, you’ll also need to get rid of any processes that may be related to the unwanted app by searching for them in the Task Manager.
Note that sometimes an app, especially a rogue one, may ask you to install something else or keep some of its data (such as settings files) on your PC – never agree to that when trying to delete a potentially rogue software. You need to make sure that everything is removed from your PC to get rid of the malware. Also, if you aren’t allowed to go through with the uninstallation, proceed with the guide, and try again after you’ve completed everything else.
- Uninstalling the rogue app
- Killing any rogue processes
Type Apps & Features in the Start Menu, open the first result, sort the list of apps by date, and look for suspicious recently installed entries.
Click on anything you think could be linked to FindClix, then select uninstall, and follow the prompts to delete the app.
Press Ctrl + Shift + Esc, click More Details (if it’s not already clicked), and look for suspicious entries that may be linked to FindClix.
If you come across a questionable process, right-click it, click Open File Location, scan the files with the free online malware scanner shown below, and then delete anything that gets flagged as a threat.
After that, if the rogue process is still visible in the Task Manager, right-click it again and select End Process.
Undo FindClix changes made to different system settings
It’s possible that FindClix has affected various parts of your system, making changes to their settings. This can enable the malware to stay on the computer or automatically reinstall itself after you’ve seemingly deleted it. Therefore, you need to check the following elements by going to the Start Menu, searching for them, and pressing Enter to open them and to see if anything has been changed there without your approval. Then you must undo any unwanted changes made to these settings in the way shown below:
- DNS
- Hosts
- Startup
- Task
Scheduler - Services
- Registry
Type in Start Menu: View network connections
Right-click on your primary network, go to Properties, and do this:
Type in Start Menu: C:\Windows\System32\drivers\etc\hosts
Type in the Start Menu: Startup apps
Type in the Start Menu: Task Scheduler
Type in the Start Menu: Services
Type in the Start Menu: Registry Editor
Press Ctrl + F to open the search window
Remove FindClix from your browsers
- Delete FindClix from Chrome
- Delete FindClix from Firefox
- Delete FindClix from Edge
- Go to the Chrome menu > More tools > Extensions, and toggle off and Remove any unwanted extensions.
- Next, in the Chrome Menu, go to Settings > Privacy and security > Clear browsing data > Advanced. Tick everything except Passwords and click OK.
- Go to Privacy & Security > Site Settings > Notifications and delete any suspicious sites that are allowed to send you notifications. Do the same in Site Settings > Pop-ups and redirects.
- Go to Appearance and if there’s a suspicious URL in the Custom web address field, delete it.
- Firefox menu, go to Add-ons and themes > Extensions, toggle off any questionable extensions, click their three-dots menu, and click Remove.
- Open Settings from the Firefox menu, go to Privacy & Security > Clear Data, and click Clear.
- Scroll down to Permissions, click Settings on each permission, and delete from it any questionable sites.
- Go to the Home tab, see if there’s a suspicious URL in the Homepage and new windows field, and delete it.
- Open the browser menu, go to Extensions, click Manage Extensions, and Disable and Remove any rogue items.
- From the browser menu, click Settings > Privacy, searches, and services > Choose what to clear, check all boxes except Passwords, and click Clear now.
- Go to the Cookies and site permissions tab, check each type of permission for permitted rogue sites, and delete them.
- Open the Start, home, and new tabs section, and if there’s a rogue URL under Home button, delete it.
Leave a Comment