How can I remove the searchbaron virus from chrome?

[terra1000]

Hi everyone,

I have this dreaded searchbaron virus and cant get rid of it.I have reset the browser, used cleanmymac and malwarebytes to no avail.I have found no suspicious looking apps.The free version of combocleaner found 4 infected files (see sceenshot) but I am not sure if they are the culprit, maybe someone does..?Not looking to but another cleaner that wont do the job...

Also, I cant remove the searchbaron file

tp://www.searchbaron.com/v1/hostedsearch?aid=&data=aWlkPTIyJnVpZD0xNTIzNzEwNjk=&sto=1&keyword=%s (outdated link removed)

from the default browser (see screenshot) but can edit it, possibly someone would know what to replace it with..?

Thanks to all for your time and effort and happy new year!

 

[chscag]

Welcome to our forums.

Read the following article and follow directions:

Practical ways to remove Search Baron from Mac

Has your browser suddenly started redirecting or showing tons of ads? It’s because of an adware attack. Here’s how you can remove Search Baron from Mac.

macpaw.com

 

[terra1000]

Already read it, not useful...

 

[terra1000]

Btw, I ran cleanmymac several times and it did not remove the malware..is that program overrated?

 

[chscag]

Yes, Clean My Mac 2 and previous versions are overrated in our opinion. The app does what your Mac already does during sleeping hours. Besides that, the OnyX app is free and provides most of what CMM does.

As for getting rid of the malware you have, try the free version of "DetectX Swift":

DetectX

kicking out badware on macOS since 2014

sqwarq.com

Also the free version of VirusBarrier Scanner which you can find in the Mac App Store:

VirusBarrier Scanner | Intego

Number 1 Leading Mac security and antivirus software since 1997. Award-winning AV, network security, utility and parental control software exclusively for Mac OS X and macOS

www.intego.com

 

[terra1000]

Thanks for the info, I am installing Mac internet security x9 but the installation seems to be stuck on running package scripts for an hour indicating it will take only one more minute, is this normal?

 

[IWT]

is this normal?

No; it's not. In the past, I've use the full paid-for system and it always installed within a minute or two. As this is the "lightweight" version, it should install almost instantaneously. Something is awry.

I cannot identify the problem, but I am concerned that you've used "Clean My Mac" "several times". This can cause issues at all levels on the Mac. I'm not saying it did, only that it is well known that it can.

Perhaps you could try aborting the installation, then remove any remnants of it and try again.

Ian

 

[terra1000]

I cant use the uninstaller and have the software mounted in my top display but its not in the application folder so I dont know where to look for it to erase it! Any help?

 

[terra1000]

And the virus barrier feature is not working.

 

[terra1000]

Ok, was able to uninstall the non working version!Will try to reinstall.

 

[terra1000]

Now I get the picture below for 20 minutes but the blue ray is moving...

 

[terra1000]

I have a very old macbook, could that be the culprit of things...?

 

[Rod]

Maybe it could cause problems running the apps concerned but the operating system is more relevant, you don't say what macOS you have or which browser you are using.
CMM is not very good at removing malware, its really just window dressing. If the automated removal apps fail for whatever reason you can always just search for the components of searchbaron and remove them manually. EasyFind is a good free search app for that purpose.
If you are using a third party browser like Firefox or Chrome you could just delete it and reinstall. I have had success with that method in the past and it's one of the reasons I don't use Safari as my primary browser.

 

[terra1000]

Ok, I was able to install virus barrier, scanned my macbook, found and deleted 42 infected files but searchbaron ist still there...I am using mac os 10.11.6 and chrome 87.0.4280.88

 

[terra1000]

Maybe it could cause problems running the apps concerned but the operating system is more relevant, you don't say what macOS you have or which browser you are using.
CMM is not very good at removing malware, its really just window dressing. If the automated removal apps fail for whatever reason you can always just search for the components of searchbaron and remove them manually. EasyFind is a good free search app for that purpose.
If you are using a third party browser like Firefox or Chrome you could just delete it and reinstall. I have had success with that method in the past and it's one of the reasons I don't use Safari as my primary browser.

I now installed easyfind, what file names should I look for? searchbaron or marquis didnt yield results...

 

[Rod]

Wow! Well let Virus Barrier quarantine them but don't delete them just yet. Just in case they turn out to be necessary for something. After a month or so if there are no problems you can just delete the contents of the quarantine folder.
As you are using Chrome you could just uninstall it. That should get rid of any associated files including searchbaron. Here you could use Clean My Mac on Uninstall. It does quite a good job of uninstalling apps.
Are you logged in on Chrome with a Google ID? If so you can safely erase/uninstall it after logging out. When you reinstall it just login again and your data and preferences should be restored.

 

[terra1000]

Next hicup, I tried the virus scanner again it found 25 infected files stating them as quarantined but if I open the quarantine section, its empty...

 

[terra1000]

Wow! Well let Virus Barrier quarantine them but don't delete them just yet. Just in case they turn out to be necessary for something. After a month or so if there are no problems you can just delete the contents of the quarantine folder.
As you are using Chrome you could just uninstall it. That should get rid of any associated files including searchbaron. Here you could use Clean My Mac on Uninstall. It does quite a good job of uninstalling apps.
Are you logged in on Chrome with a Google ID? If so you can safely erase/uninstall it after logging out. When you reinstall it just login again and your data and preferences should be restored.

Unfortunately, I am not the greatest mac technician and I hate to be fiddling around with all my bookmarks ending up losing them when I erase chrome...nothing else I could try..?Nothing I can enter in the default browser section..?

 

[terra1000]

Unfortunately, I am not the greatest mac technician and I hate to be fiddling around with all my bookmarks ending up losing them when I erase chrome...nothing else I could try..?Nothing I can enter in the default browser section..?

How can it be that there is no cleaner that really works??

 

[Randy B. Singer]

I've never heard of "Search Baron" prior to just now. Suspiciously, there is no mention of it from any of the established anti-virus companies or folks who usually track such things closely. I've managed to find three Web sites that mention "how to remove it" (including the one that "chscag" cited in this very thread) and all three are shill sites that want to sell you very questionable software.

The situation sounds very similar to the recent CrossRider adware that was going around:
https://blog.malwarebytes.com/threa...iant-installs-configuration-profiles-on-macs/

Since just about all malware and adware for the macintosh is due to a Trojan Horse, it's almost certain that whatever Search Baron is, you got it by downloading and launching software. Possibly a fake Adobe installer or uninstaller, or possibly it came as part of an otherwise legitmate software bundle deal.

Folks got hit by CrossRider, they ran various anti-malware and anti-adware utilities and couldn't get rid of it, then they went to the Web and found suspicious shill Web sites offering to fix the problem if only they bought and downloaded very suspicious software. I WOULDN"T DOWNLOAD ANY SOFTWARE FROM SUCH A WEB SITE! It's likely to make matters much worse.

Try this: Go into System Preferences. See if there is a preference pane for "Profiles". If there is open it and delete all profiles. Then I'd run DetectX again, just for good measure. Let us know if that fixes the problem.

If it doesn't, then you are going to have to wait until one or more of the well regarded anti-virus companies, such as Intego, analyze this piece of adware and either push out an update to their product to delete it, or give instructions on how to manually delete it. Or...

You can try to manually find and eliminate the adware:

How to Remove Adware, Pop-Ups, and Browser Redirects From Your Mac

What is Adware? Adware is software that automatically displays or downloads advertising material (often unwanted) when a user is online. It's typically found within your web browser and it might be...

support.intego.com

Or...

You can contact Intego to work with them to fix the problem if they haven't seen Search Baron before:

Submit Malware- Help Intego Eliminate Malware

Have you identified malware that affects Macs? Let the Intego Malware Research Team know.

www.intego.com