Remove Under-Cover.info virus (Removal Instructions) - updated Jan 2021
Under-Cover.info is a browser hijacker that modifies web browser settings in order to show users fake search results
Questions about Under-Cover.info virus
Under-Cover.info is a browser-hijacking application developed by Kinner Lake Limited – a Gibraltar-based company. The unwanted programs usually enter machines without users noticing, as software bundles typically try to hide optional installs under Advanced settings, and most people simply skip this step by choosing the Recommended mode. Once inside the machine, Under-Cover.info virus starts performing a variety of changes, including the ones that modify users' homepage and a new tab, along with the search engine. From that point, users are forced to browse via the hijacked engine,[1] which typically shows them fake search results that include a colossal amount of sponsored links, deal with redirects to questionable websites, and suffer from the slow operation of the browser.
SUMMARY | |
Name | Under-Cover.info |
Type | Browser hijacker, Potentially unwanted program |
Related apps | Under Cover Search, Flowsurf |
Developer | Kinner Lake Limited |
Distribution | Software bundling, third-party websites |
Symptoms | Homepage set to hxxp://under-cover.info/?home=1&a=notset&u=notset&t=8, excessive amount of sponsored links in search results, pop-up ads on various sites, redirects to affiliated or dangerous websites |
Risk factors | Money loss, malware infection, data leak |
Removal | Delete the browser hijacker with security software or use our guide for manual termination |
Optimization | To recover from the infection, scan your device with ReimageIntego |
While browser hijackers are not considered to be severe computer infections, their presence might compromise computer security and users' online safety. In this article, we will explain peculiarities of this type of threat, and will also describe how to remove Under-Cover.info from Google Chrome, Mozilla Firefox, Safari, Opera, or another browser.
The primary goal of Under Cover Search developers is to generate traffic to sponsored websites, which would consequently increase the profits for both parties. For that, PUP authors need to make sure that Under-Cover.info hijacker reaches as many users as possible – hence the shady distribution technique.
Once the changes to the installed browsers are made, Under-Cover.info starts its shady activities by displaying sponsored content, placing a layer of ads on most sites, exposing to altered search results, and also tracking users' web browsing activities. This is done with the help of tracking technologies, such as Beacons[2] or Cookies. This information-gathering allows Under-Cover.info developers to gather the following information:[3]
- technical information transmitted by your device such as type of operating system, device type, default browser;
- your aggregated use of the Software, basically we know if you installed the software;
- usage statistics;
- language and the time stamp;
- approximate geographical location.
This data is collected in order to generate personalized ads, but these are always coming from the affiliates. Therefore, Under-Cover.info hijack can manipulate what sites users visit, influence their interests and make them buy products or services that they otherwise would not.
Therefore, while the browser hijacking changes might seem relatively minor, it might result in the installation of potentially dangerous apps, exposure to online scams, and even malware infection. Thus, if you noticed that your homepage has changed, check your system with security software or perform manual Under-Cover.info removal as explained below. After you kill the PUP, make sure you use ReimageIntego or similar repair software to bring your device to a pristine condition.
Under-Cover.info is a browser hijacker that modifies web browser settings without permission in order to perform the revenue-generating activities
Make use of Advanced installation settings to avoid PUPs
If you do not want to let potentially unwanted programs hijack your computer, you should pay more attention to the software installation process. Contrary to many people’s beliefs, Default or Recommended installation settings are not the ones that should be trusted during the procedure.
In fact, Custom or Advanced settings will allow you to determine which applications are secretly offered to you. Therefore, opt for these settings because they enable you to reject unwanted items added to the desired software. Be aware that most of the free apps will include some sort of “offer” or “deal,” and it might be hidden in various ways, including grayed out buttons, pre-ticked boxes, misleading placement of the toggle, etc.
There are two ways to terminate Under-Cover.info from your computer
As we already mentioned, the presence of a browser hijacker will not bring you any benefit but instead will manipulate the search results and expose you to potentially dangerous content. For that reason, it is best to take care of Under-Cover.info removal before you compromise your computer safety.
You can remove Under-Cover.info virus manually or automatically. The latter option is best for those who are less tech-savvy, however. It will allow you to terminate the unwanted application in just a few minutes. Simply download and install a security program that focuses on potentially unwanted program removal and then perform a full system scan. Alternatively, you can also use our instructions below to delete the PUP manually.
You may remove virus damage with a help of ReimageIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.
To remove Under-Cover.info virus, follow these steps:
Uninstall Under-Cover.info from Windows systems
There are several programs that might be related to appearance of Under-Cover.info site and browser redirect problem. Therefore, you should look for Under Cover, Flowsurf, and other programs published by Kinner Lake Limited. Remove all of them, and then thoroughly check every web browser for suspicious components and revert modified settings. The tutorial we provide should help you to complete this task.
To remove Under-Cover.info virus from Windows 10/8 machines, please follow these steps:
- Enter Control Panel into Windows search box and hit Enter or click on the search result.
- Under Programs, select Uninstall a program.
- From the list, find entries related to Under-Cover.info virus (or any other recently installed suspicious program).
- Right-click on the application and select Uninstall.
- If User Account Control shows up, click Yes.
- Wait till uninstallation process is complete and click OK.
If you are Windows 7/XP user, proceed with the following instructions:
- Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
- In Control Panel, select Programs > Uninstall a program.
- Pick the unwanted application by clicking on it once.
- At the top, click Uninstall/Change.
- In the confirmation prompt, pick Yes.
- Click OK once the removal process is finished.
Eliminate Under-Cover.info from Mac OS X system
Remove Under-Cover.info virus from Applications folder:
- From the menu bar, select Go > Applications.
- In the Applications folder, look for Under-Cover.info virus-related entries.
- Click on the app and drag it to Trash (or right-click and pick Move to Trash)
To fully remove Under-Cover.info virus, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:
- Select Go > Go to Folder.
- Enter /Library/Application Support and click Go or press Enter.
- In the Application Support folder, look for any dubious entries related to Under-Cover.info virus and then delete them.
- Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the Under-Cover.info virus-related entries.
Get rid of Under-Cover.info from Internet Explorer (IE)
Remove dangerous add-ons:
- Open Internet Explorer, click on the Gear icon (IE menu) on the top-right corner of the browser
- Pick Manage Add-ons.
- You will see a Manage Add-ons window. Here, look for Under-Cover.info virus and other suspicious plugins. Click on these entries and select Disable.
Change your homepage if it was altered:
- Open IE and click on the Gear icon.
- Select Internet Options.
- In the General tab, delete the Home page address and replace it by your preferred one (for example, Google.com).
- Click Apply and then select OK.
Delete temporary files:
- Press on the Gear icon and select Internet Options.
- Under Browsing history, click Delete…
- Select relevant fields and press Delete.
Reset Internet Explorer:
- Click on Gear icon > Internet options and select Advanced tab.
- Select Reset.
- In the new window, check Delete personal settings and select Reset again to complete Under-Cover.info virus removal.
Remove Under-Cover.info virus from Microsoft Edge
Delete unwanted extensions from MS Edge:
- Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
- From the list, pick the Under-Cover.info virus-related extension and click on the Gear icon.
- Click on Uninstall at the bottom.
Clear cookies and other browser data:
- Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
- Under Clear browsing data, pick Choose what to clear.
- Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.
Restore new tab and homepage settings:
- Click the menu icon and choose Settings.
- Then find On startup section.
- Click Disable if you found any suspicious domain.
Reset MS Edge if the above steps did not work:
- Press on Ctrl + Shift + Esc to open Task Manager.
- Click on More details arrow at the bottom of the window.
- Select Details tab.
- Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.
If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.
- Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
- Press Ctrl + A on your keyboard to select all folders.
- Right-click on them and pick Delete
- Now right-click on the Start button and pick Windows PowerShell (Admin).
- When the new window opens, copy and paste the following command, and then press Enter:
Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -Verbose
Instructions for Chromium-based Edge
Delete extensions from MS Edge (Chromium):
- Open Edge and click select Settings > Extensions.
- Delete unwanted extensions by clicking Remove.
Clear cache and site data:
- Click on Menu and go to Settings.
- Select Privacy and services.
- Under Clear browsing data, pick Choose what to clear.
- Under Time range, pick All time.
- Select Clear now.
Reset Chromium-based MS Edge:
- Click on Menu and select Settings.
- On the left side, pick Reset settings.
- Select Restore settings to their default values.
- Confirm with Reset.
Erase Under-Cover.info from Mozilla Firefox (FF)
Do not forger to reset Mozilla Firefox to make sure that all the setting changes performed by the hijacker are reverted:
Remove dangerous extensions:
- Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
- Select Add-ons.
- In here, select plugins that are related to Under-Cover.info virus and click Remove.
Reset the homepage:
- Click three horizontal lines at the top right corner to open the menu.
- Choose Options.
- Under Home options, enter your preferred site that will open every time you newly open the Mozilla Firefox.
Clear cookies and site data:
- Click Menu and pick Options.
- Go to Privacy & Security section.
- Scroll down to locate Cookies and Site Data.
- Click on Clear Data…
- Select Cookies and Site Data, as well as Cached Web Content and press Clear.
Reset Mozilla Firefox
In case Under-Cover.info virus did not get removed after following the instructions above, reset Mozilla Firefox:
- Open Mozilla Firefox browser and click the Menu.
- Go to Help and then choose Troubleshooting Information.
- Under Give Firefox a tune up section, click on Refresh Firefox…
- Once the pop-up shows up, confirm the action by pressing on Refresh Firefox – this should complete Under-Cover.info virus removal.
Delete Under-Cover.info from Google Chrome
Delete malicious extensions from Google Chrome:
- Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
- In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to Under-Cover.info virus by clicking Remove.
Clear cache and web data from Chrome:
- Click on Menu and pick Settings.
- Under Privacy and security, select Clear browsing data.
- Select Browsing history, Cookies and other site data, as well as Cached images and files.
- Click Clear data.
Change your homepage:
- Click menu and choose Settings.
- Look for a suspicious site like Under-Cover.info virus in the On startup section.
- Click on Open a specific or set of pages and click on three dots to find the Remove option.
Reset Google Chrome:
If the previous methods did not help you, reset Google Chrome to eliminate all the Under-Cover.info virus-components:
- Click on Menu and select Settings.
- In the Settings, scroll down and click Advanced.
- Scroll down and locate Reset and clean up section.
- Now click Restore settings to their original defaults.
- Confirm with Reset settings to complete Under-Cover.info virus removal.
Uninstall Under-Cover.info from Safari
Remove unwanted extensions from Safari:
- Click Safari > Preferences…
- In the new window, pick Extensions.
- Select the unwanted extension related to Under-Cover.info virus and select Uninstall.
Clear cookies and other website data from Safari:
- Click Safari > Clear History…
- From the drop-down menu under Clear, pick all history.
- Confirm with Clear History.
Reset Safari if the above-mentioned steps did not help you:
- Click Safari > Preferences…
- Go to Advanced tab.
- Tick the Show Develop menu in menu bar.
- From the menu bar, click Develop, and then select Empty Caches.
After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of Under-Cover.info registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes.
Choose a proper web browser and improve your safety with a VPN tool
Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.
Lost your files? Use data recovery software
While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.
To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.
- ^ Jacob Roach. What is Browser Hijacking? Sneakier Than You Think. Cloudwards. Independent cloud storage and web services reviews, news and comparison tables.
- ^ What are beacons and how do they work. Intellectsoft. Software Development Company.
- ^ Privacy Policy. Under-cover. Official site.
Your opinion regarding Under-Cover.info virus
You must be logged in to post a comment.
November 28th, 2016 at 2:08 am
Under Cover is insanely useless dont try to use it… .Im telling ya
November 28th, 2016 at 2:09 am
Under-cover.info infected chrome, mozilla, and IE…. now i gotta clean them all, and its so disturbing. i have to waste my time because some nasty browser hijacker wnats me to use this stupid search engine! Thats not fair!
November 28th, 2016 at 2:10 am
Why did I click on that “Install UnderCover” button….
November 28th, 2016 at 2:10 am
Finally fixed the PC!!!! Nailed it