It’s always a nuisance if your preferred web browser is acting up. Sometimes the problem is about a slowdown, which can be fixed by clearing its cache and other junk files piling up over time. In some cases, though, the issue requires a more insightful inspection and comes down to malware interference, as is the case with the r.eaburl.com redirects.
Table of Contents
What is the r.eaburl.com virus?
Although it may appear that browser hijacking is a clear-cut phenomenon denoting unauthorized manipulations with one’s Internet traffic, there are actually several different flavors of it. Specifically, the discrepancy can be in the logic of implementing the redirect process. Most of these culprits simply forward the victim’s web navigation to a predefined site by replacing browser defaults, such as the homepage, new tab and search page, with a rogue URL. Some, however, engage an intermediate “dispatch” domain to redistribute the intercepted traffic within a wave of malvertising. The r.eaburl.com virus falls into the second group. Its denomination stands for the domain residing in between the original site that the victim is currently on or was planning to visit and the final landing page promoted by the cybercriminals who run this campaign.
In other words, r.eaburl.com performs a purely auxiliary function and there is no authentic web page behind this URL proper. It will either return Google start page if you enter it in the browser, or it will lead to some cheesy online resource. It’s the latter scenario that the plagued users tend to suffer from. Whenever they click on random external links on social networks or other sites, they are rerouted to r.eaburl.com followed by a string of multiple alphanumeric characters. This tail is an identifier of a specific shady affiliate campaign, so it may vary in different cases. However, this domain name appears in the address bar momentarily, only to be instantly replaced with the predefined destination page. The common landing resource is going to be some ecommerce site, where you will be offered to purchase something, perhaps with a discount. Although the resulting pages are mostly harmless, the fact that you got there via a browser redirect is certainly upsetting.
The users who are experiencing these issues wonder what’s causing the redirects. This is a controversial matter, to be frank. The victims don’t remember having installed anything suspicious prior to the emergence of the problem, but they are probably looking at the wrong place. The thing is, the most likely cause is a browser add-on that’s generally categorized as benign and even useful. It’s called Easy AdBlocker – by the way, the “eab” acronym part of the r.eaburl.com may originate from there. Indeed, most of those infected report that they use this browser extension, and it never really caused any inconveniences before. Who knows, maybe there has been a booby-trapped update of the add-on released lately, and now the applet engages in traffic monetization without asking for the users’ consent.
The detailed causality has yet to be discovered. The fact persists, though, that uninstalling Easy AdBlocker and clearing cache in the affected web browsers should solve the problem and prevent redirects via r.eaburl.com from occurring. Everything you need to know about the cleanup process is covered in the following sections of this tutorial.
R.eaburl.com phishing automatic removal
The extermination of R.eaburl.com redirect can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.
1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option
2. The scan will come up with a list of detected items. Click Fix Threats to get the phishing removed from your system. Completing this phase of the cleanup process is most likely to lead to complete eradication of the infection. However, it might be a good idea to consider ascertaining the phishing is gone for good.
Remove R.eaburl.com phishing using Control Panel
- Open Control Panel. On Windows XP / Windows 8, go to Add or Remove Programs. If your OS is Windows Vista / Windows 7 / Windows 10, choose Uninstall a program
- Look down the list and locate an app that appears fishy. Click the Uninstall/Change (Change/Remove) option to get the intruder removed if spotted
R.eaburl.com phishing removal by resetting the affected browser
Please take into consideration that as effective as it is, the procedure of restoring browser defaults will lead to the loss of personalized settings such as saved passwords, bookmarks, browsing history, cookies, etc. In case you are not certain this outcome is suitable despite its obvious efficiency, it’s advised to follow the automatic removal method described in one of the previous sections of this tutorial.
Reset Google Chrome
- Click on the Chrome menu icon and select Settings
- Locate the Advanced option under Settings and click on it to expand the menu. Then, pick the Reset button at the bottom
- When a new screen appears, hit Reset once again
- Chrome will now display a confirmation dialog box listing the types of data that will be lost if you proceed. Read the message carefully and, if you’re sure, click Reset
Reset Mozilla Firefox
- Click on Help menu and select Troubleshooting Information from the drop-down list, or type about:support in the URL field
- On the Troubleshooting Information screen, click Refresh Firefox option and confirm the procedure on another dialog
Reset Internet Explorer
- In IE, go to Tools and select Internet Options from the list
- Hit the Advanced tab and click on the Reset option
- IE will now display Reset Internet Explorer Settings box, where you should put a checkmark next to Delete personal settings option and click Reset at the bottom
Verify whether R.eaburl.com phishing has been completely removed
For certainty’s sake, it’s advised to repeatedly run a scan with the automatic security software in order to make sure no harmful remnants of this redirect are left inside Windows Registry and other operating system locations.