Solved

popups

Posted on 2014-12-27
20
124 Views
Last Modified: 2014-12-30
I am seeing in the websites there are lot of popups coming. Can you please help to remove that like unwanted webcasts some ads poping up I am using google chrome
please help.


Thanks,
0
Comment
Question by:jeevan mathew
  • 7
  • 4
  • 3
  • +3
20 Comments
 
LVL 18

Accepted Solution

by:
*** Hopeleonie *** earned 500 total points
ID: 40519866
I would install Adblock Plus from:
https://adblockplus.org/en/

Then run a scan with:
-  AdwCleaner
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

- Malwarebytes
http://www.malwarebytes.org/mbam-download.php

- HitmanPro
http://get.hitmanpro.com/
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40519882
Run all these - you may want to run some in safemode.

- Malware bytes anti exploit

http://downloads.malwarebytes.org/file/mbae

- Malware bytes Root kit Beta

https://www.malwarebytes.org/antirootkit/
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 40519884
Also, if you think the pop-us are viruses, try the following:

Download, install and run Process Explorer from Microsoft. Look under the explorer tree and see if there are any strange alphanumeric labelled processes. If so, kill them (using process explorer) but do NOT restart. Run MBAM again and see if it gets rid of more processes. Then restart.

See if this helps.
0
 
LVL 18

Expert Comment

by:*** Hopeleonie ***
ID: 40519890
@jeevan mathew
never run Malwarebytes in safemode
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 40519918
MBAM website recommends nor running MBAM in safe mode unless you can't run out any other way. You can try chameleon from mbam. Run the svchost file in the chameleon directory. It will kill any rogue processes then update MBAM then run a full scan.
0
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
ID: 40519948
@hopeleonie

Can you provide a link to substantiate your advice?  I have researched this before and I believe Thomas Zucker-Scharff to be correct.... MBAM advice is to run in safe mode if normal mode is not successful in removing all the malware.  I have indeed done this.

What harm would your expect?
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 40519969
If you mean harm running in safe mode - none.  It is just that MBAM  and other like products work best when the OS is completely booted, as in a normal boot. When you boot  to safe mode,  the virii in question may not be active.
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40520020
I've seen Malwarebytes run in normal and cham mode and not be able to remove all malware in *some* instances and after running the scan in safe mode it deals results but this is only after all regular scans have not worked 100%.
0
 
LVL 18

Expert Comment

by:*** Hopeleonie ***
ID: 40520252
Hi Larry Struckmeyer

and @Network Zero

As Malware removal is my daily job (Client & Server's), I can visit many courses. In each course we are told
- never run safe mode scans of any removal tool
- never run boot cd / dvd scans
- never run slaved drive scans


There are other solutions we learn if you can't run a tool any other way or detect malware in scans.

Also look here. All this is still valid:

SAFE MODE SCANS

 (The following comments in italics are courtesy of rpggamergirl):

During a Safe Mode boot, most malware processes are not running and Malwarebytes' heuristic detection can't detect them.

 Malware processes must be active while doing the scan so scanning in Safe Mode is not going to be as effective.

 Malwarebytes’ Direct Disk Access (DDA) is not running so the detection of rootkits and other stealth hidden nasties in this mode is not optimized.

 While malware processes are not active in Safe Mode, most rootkits are - so MBAM is disadvantaged and will miss detecting them.

Harm:
 Windows File Protection is not on in Safe Mode in Windows 2000/XP/2003 Server so any patched system files e.g. explorer.exe, winlogon.exe, userinit.exe that are deleted by the scanner will not be replaced.

 Naturally, if the system will only boot to "Safe Mode", then you will have to run your scans that way. You should warn people of the inherent problems when doing so and let them know that they need to run a full scan in "Normal Mode" ASAP.

More info:
http://www.experts-exchange.com/Software/Anti_Spyware/A_6650-Malware-Fighting-Best-Practices.html
http://www.experts-exchange.com/Software/Anti_Spyware/A_5124-Stop-the-Bleeding-First-Aid-for-Malware.html
http://www.experts-exchange.com/Software/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
0
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
ID: 40520330
@hopeleonie

As stated on the MBAM site, and ironically by yourself, use safe mode when necessary.  That is a long way from "never".   Clarity above all.
0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 
LVL 18

Expert Comment

by:*** Hopeleonie ***
ID: 40520342
Then use safe mode, it is your choice. :-)

Hope you saw this part:
Windows File Protection is not on in Safe Mode in Windows, so any patched system files e.g. explorer.exe, winlogon.exe, userinit.exe that are deleted by the scanner will not be replaced.
0
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
ID: 40520409
I saw it... what does it mean, exactly?  If after safe mode one is then able to start in normal mode and run (anti-malware of choice) again, will the mentioned files be replaced?  If so, by what and under what circumstances?
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 40520412
This is a big long side discussion that has little to do with the question. Perhaps the author can chime in and say whether the pop ups are legitimate advertising or whether the pop ups are viruses.
0
 
LVL 18

Expert Comment

by:*** Hopeleonie ***
ID: 40520416
Agree with John, this has nothing to do with the question.
0
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
ID: 40520430
I did not raise this "side issue".  If no one cares to answer it here, perhaps someone will write an article and then link to the article.

As for the author's intent, I thought it clear and so did the first few responders:
Can you please help to remove that like unwanted webcasts some ads poping up I am using google chrome

If they turn out to be legitimate, no harm in running the anti malware.  But perhaps the author will clarify.
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 40520434
As long as the safe scan log is posted before the OP does anything,  he won't damage anything.
0
 
LVL 18

Expert Comment

by:*** Hopeleonie ***
ID: 40520438
Hi Larry

I answered your question about safe mode. If you don't believe I'm not willing to lose my time here. I never use safe mode scans, boot scans or slaved drive scans. I'm working for the Government and all courses I visit can't just be lies.

Have a nice day
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40520490
@hope

let me clarify my response.

This all comes down to saying that you should "NEVER" run malware bytes in safe mode.

before I build up an argument here's 2 references one from TWO malwarebytes administrators and one from university of delaware on running malwarebytes in safe mode.

http://www.udel.edu/it/help/anti-malware/malwarebytes-already-installed.html

https://forums.malwarebytes.org/index.php?/topic/90791-safe-mode-scanning-less-effective/?gopid=458941

** Now let me re-clarify my self I would only run MALWARE BYTES in safe mode if and only if the problem is still going on and also if malware bytes is not able to run  successful **

"The only time safe mode should be used is if mbam wont run in normal mode because of an infection blocking. "
- Malware bytes administrator.

The same limitation that malwarebytes has in safe mode is a also a strength since certain things wont load and it may have a chance to properly remove; ie this is why safe mode was invented.

No means to disrespect or anything but this is an experts exchange - I also work removing malware of all types.
0
 
LVL 18

Expert Comment

by:*** Hopeleonie ***
ID: 40521337
@jeevan mathew
Do you still need help?
0
 

Author Closing Comment

by:jeevan mathew
ID: 40524639
This is good.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

If you can connect to your internal network or can connect to your router but are not able to connect to the Internet follow these steps in order until the problem is resolved.   1. Right click on the network icon on the task bar and select "Troub…
In Q3 of last year, Experts Exchange introduced a new Messaging System, allowing any member to communicate directly with other members. During an especially long thread with a member, I wanted to go back to previous messages in the exchange to re…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
This Micro Tutorial will demonstrate how to updated your Facebook updates after changing anything in the title or description of a shared article.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now