Remove Pohs2oom.com “Malware” (Safari/Chrome/FF/IE) Nov. 2018 Update


How irritating is this problem? (4 votes, average: 5.00)
Loading...

This page aims to help you remove Pohs2oom.com “Malware”. Our removal instructions work for Safari,Chrome, Firefox and Internet Explorer, as well as every version of Mac OSX and Windows.

If there have recently been certain changes to the way your Chrome or Firefox browser (or any other browser on your PC) function and if you’ve been subjected to a ceaseless generation and display of nagging ads on your screen while you are on the Internet, know that you’re likely dealing with a piece of software called Pohs2oom.com  “Malware” or a similar software component that also falls under the browser hijacker category. Browser hijackers are applications that initially look like regular add-ons for your browsers but once they get installed on your computer, you’d quickly realize that they are probably not something you’d want to have on your PC. A hijacker can place a new search engine tool, a new toolbar and a new homepage and new-tab page on your browser without asking for your approval. It can also page-redirect you to all kinds of weird and unknown web locations as well as spam your screen with different pop-ups, blinking boxes and other advertising materials that would likely make your browsing experience quite unpleasant and maybe even frustrating. Pohs2oom.com “Malware”, for instance, is a browser hijacker app that has been recently released and currently its creators are seeking to get it installed onto as many PCs as possible as that would increase the revenue gained from the ads displayed by the hijacker. This is, in fact, what the main purpose of most apps like Pohs2oom.com “Malware” seems to be – to advertise stuff and to earn money through the ads. Naturally, in order to get more money, hijackers tend to be rather aggressive in their advertising techniques – their ads can really get on your nerves since they are likely to pop-up most of the time during your browsing sessions. Also, the changes to the browser have their purpose as well – the new search engine would likely show you sponsored results and results have been modified in order to push certain sites, pages and products as a way of advertising them. The new new-tab page and homepage are also a way of advertising the said page. All in all, hijackers like Pohs2oom.com are multifunctional tools for generating revenue through web-advertising and since there’s usually little to nothing that the end-user could benefit from them, removing them is usually the best option. Here is how you could get rid of Pohs2oom.com:

Remove Pohs2oom.com “Malware”

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Step1

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab (the “Details” Tab on Win 8 and 10). Try to determine which processes are dangerous. 

malware-start-taskbar

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at: https://howtoremove.guide/online-virus-scanner/




Scan Results


Virus Scanner Result
ClamAV
AVG AV
Maldet


After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

Step3

Hold together the Start Key and R. Type appwiz.cpl –> OK.

appwiz

You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:

msconfig_opt

Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

Step4

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.

DNS

Step5

  • After you complete this step, the threat will be gone from your browsers. Finish the next step as well or it may reappear on a system reboot.

Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).

browser-hijacker-taskbar-properties

Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove Pohs2oom.com from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove Pohs2oom.com from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove Pohs2oom.com from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

Step6

Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

Hopefully, the removal guide from this page and the anti-malware tool that we’ve included in it would help you get rid of Pohs2oom.com “malware”. However, some of you might be wondering if it really is that necessary to remove the hijacker. Many users out there are in fact not overly-bothered by the nagging ads, page redirects and browser changes and are thus able to put up with the hijacker’s presence. If you are one of those users, then you need to know something – browser hijackers are not viruses, they are not like Ransomware or Trojan Horse infections. However, they are not overly-safe either. The control over the ads you are displayed and the pages you might get redirected to is oftentimes non-existent meaning it’s possible some of those pop-ups, redirect links, banners and so on might originate from sources with shady reputation. Oftentimes, it only takes a few clicks for you to get your computer targeted by some nasty malware virus like a Spyware, a Rootkit, a Ransomware or a Trojan. That is why it’s advisable you do not interact in any way with the advertising materials that Pohs2oom.com “Malware” or any other browser hijacker might try to put on your screen no matter how appealing and interesting the advertised offers might appear. In this line of thinking, the best way to stay away from the ads is to get rid of their source which brings us back to the importance of using the instructions from this page or the removal tool and remove the undesirable software piece.

Keeping away from apps like Pohs2oom.com

Removing the hijacker is important but you also need to make sure it doesn’t get back. To ensure you don’t get any more such apps on your PC, you should be cautions while on the Internet. Keep away from sites and pages that look shady and do not open anything that looks like spam. Also, never forget to acquaint yourself with the details in every setup installer for programs you want to install – make sure that you know if there are any bundled “bonus” components added to the installation manager and if you think that any of them might be hijackers or some other type of unwanted software, be sure to leave them out before continuing.

SUMMARY:

Name Pohs2oom.com
Type  Browser Hijacker
Danger Level Medium (nowhere near threats like Ransomware, but still a security risk)
Symptoms  The thing that most commonly gives away the presence of hijackers on the PC are the ads and the unwanted changes to the browser.
Distribution Method All kinds of methods such as installation bundles, spam messages and malvertising can be used for distribution of such apps.
Detection Tool

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


Leave a Comment