lupacexi2: How to remove malware on chrome?
#1
Hi, I need some help removing the malware that appears on my laptop, especially in Chrome. It appears whenever I click on it. I do not know what to do. I used Windows 7. I tried uninstalling, reinstalling, and running anti-virus software, but it is still not working. I do not want to reinstall Windows because there is very important data on it.
#2
1. Download MBAM and run a full scan: https://www.malwarebytes.com/mwb-download
2. Reboot
3. Download ADWCleaner and run a full scan: https://www.malwarebytes.com/adwcleaner
4. Reboot
#3
(08-19-2018, 04:28 PM) Ani Wrote:
> 1. Download MBAM and run a full scan: https://www.malwarebytes.com/mwb-download
> 2. Reboot
> 3. Download ADWCleaner and run a full scan: https://www.malwarebytes.com/adwcleaner
> 4. Reboot

The only secure way is to format your HDD and re-install Windows from a clean installation CD. Of course, all executable files are lost since they can be infected.
#4
> the only secure way is to format your HDD and re-install Windows from a clean Installation CD.
Depends on the malware, really. If you know what you're doing, in most infection cases you don't need to format; most common adware/malware does not go that deep, and by the user's description this case looks like an adware infection case - it persists if you try removing it normally, it doesn't get removed by regular AVs (they don't act on adware), and it mostly appears on Chrome - indicating it's very likely an ad infection.

> Of course all executable files are lost since they can be infected.
Not really. Most malware doesn't go around infecting all of your executables. Sality/Ramnit-type viruses - which are the ones that do that - are not that common, and even with an infection like that, you can recover the files with specialized software that restores the files instead of removing them, such as SalityKiller from Kaspersky. Obviously, with an infection like that you should never perform a regular AV scan; it will flag every executable and remove it, and you'll end up with an unusable system as soon as it removes infected critical system executables.
#5
(09-16-2018, 01:52 AM)Ani Wrote:


It would be smart for malware to hide everywhere to achieve a ping-pong effect. Once removed, the host will be re-infected. So it hides behind all executable files so the payload will start again and re-infect the host.

Malware wants to stay on the system, and if it can't prevent removal it would be a wise step (from the malware's point of view) to re-infect the host as fast as possible.

How can you be 100% sure that malware which you have not written has no behaviour to hide itself deep inside the system to prevent effective removal?

As an example, someone writes a program and adds some code to it, which is obfuscated and all kinds of stuff to prevent reverse engineering, and compiles it. Could you determine if it is harmful software without looking in the code? You should keep in mind that just because it does not behave harmfully does not mean it is not harmful. The malicious code can be dormant and wait for a time.
#6
(01-08-2019, 02:25 PM) RPCS3_FAN Wrote:
> It would be smart for malware to hide everywhere to achieve a ping-pong effect. Once removed, the host will be re-infected. So it hides behind all executable files so the payload will start again and re-infect the host.

Yes, Sality-type malware, which I just mentioned, does exactly that, and it's really easy to notice because executable file sizes are really inflated.
I do suggest formatting in these cases, but if you actually want to keep infected files you do have to follow the removal path. It is possible to completely remove well-known stripes of Sality (mainly the old ones), and that without having to nuke all your executables (obviously, otherwise Windows wouldn't boot in the next boot attempt).
AVG has a tool that does that: https://www.avg.com/en-us/remove-win32-sality (there are several others too, like the one I previously mentioned).

Either way, we're not discussing that kind of malware here, we're discussing a common browser adware.

(01-08-2019, 02:25 PM) RPCS3_FAN Wrote:
> Malware wants to stay on the system, and if it can't prevent removal it would be a wise step (from the malware's point of view) to re-infect the host as fast as possible.
>
> How can you be 100% sure that malware which you have not written has no behaviour to hide itself deep inside the system to prevent effective removal?
>
> As an example, someone writes a program and adds some code to it, which is obfuscated and all kinds of stuff to prevent reverse engineering, and compiles it. Could you determine if it is harmful software without looking in the code? You should keep in mind that just because it does not behave harmfully does not mean it is not harmful. The malicious code can be dormant and wait for a time.

Because it's a common browser adware as the user described, I've seen and removed loads of those and they don't do anything other than being a pain in the ass to remove. It's really easy to install one of those by mistake.
If you go off formatting everyone's computers every time they install a browser adware, you can be sure you are wasting your time.

People who write malware with advanced heuristic bypasses and all the cool kids techniques wouldn't give it away by displaying some random ads in the browser. They'd botnet your computer, use it for attacks and feed off your information.

If his MBAM scan returns nothing else other than Adware, he's fine.