Solved

popups

Posted on 2014-12-27
20
127 Views
Last Modified: 2014-12-30
I am seeing in the websites there are lot of popups coming. Can you please help to remove that like unwanted webcasts some ads poping up I am using google chrome
please help.


Thanks,
0
Comment
Question by:jeevan mathew
  • 7
  • 4
  • 3
  • +3
20 Comments
 
LVL 19

Accepted Solution

by:
*** Hopeleonie *** earned 500 total points
ID: 40519866
I would install Adblock Plus from:
https://adblockplus.org/en/

Then run a scan with:
-  AdwCleaner
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

- Malwarebytes
http://www.malwarebytes.org/mbam-download.php

- HitmanPro
http://get.hitmanpro.com/
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40519882
Run all these - you may want to run some in safemode.

- Malware bytes anti exploit

http://downloads.malwarebytes.org/file/mbae

- Malware bytes Root kit Beta

https://www.malwarebytes.org/antirootkit/
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40519884
Also, if you think the pop-us are viruses, try the following:

Download, install and run Process Explorer from Microsoft. Look under the explorer tree and see if there are any strange alphanumeric labelled processes. If so, kill them (using process explorer) but do NOT restart. Run MBAM again and see if it gets rid of more processes. Then restart.

See if this helps.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 40519890
@jeevan mathew
never run Malwarebytes in safemode
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 40519918
MBAM website recommends nor running MBAM in safe mode unless you can't run out any other way. You can try chameleon from mbam. Run the svchost file in the chameleon directory. It will kill any rogue processes then update MBAM then run a full scan.
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40519948
@hopeleonie

Can you provide a link to substantiate your advice?  I have researched this before and I believe Thomas Zucker-Scharff to be correct.... MBAM advice is to run in safe mode if normal mode is not successful in removing all the malware.  I have indeed done this.

What harm would your expect?
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 40519969
If you mean harm running in safe mode - none.  It is just that MBAM  and other like products work best when the OS is completely booted, as in a normal boot. When you boot  to safe mode,  the virii in question may not be active.
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40520020
I've seen Malwarebytes run in normal and cham mode and not be able to remove all malware in *some* instances and after running the scan in safe mode it deals results but this is only after all regular scans have not worked 100%.
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 40520252
Hi Larry Struckmeyer

and @Network Zero

As Malware removal is my daily job (Client & Server's), I can visit many courses. In each course we are told
- never run safe mode scans of any removal tool
- never run boot cd / dvd scans
- never run slaved drive scans


There are other solutions we learn if you can't run a tool any other way or detect malware in scans.

Also look here. All this is still valid:

SAFE MODE SCANS

 (The following comments in italics are courtesy of rpggamergirl):

During a Safe Mode boot, most malware processes are not running and Malwarebytes' heuristic detection can't detect them.

 Malware processes must be active while doing the scan so scanning in Safe Mode is not going to be as effective.

 Malwarebytes’ Direct Disk Access (DDA) is not running so the detection of rootkits and other stealth hidden nasties in this mode is not optimized.

 While malware processes are not active in Safe Mode, most rootkits are - so MBAM is disadvantaged and will miss detecting them.

Harm:
 Windows File Protection is not on in Safe Mode in Windows 2000/XP/2003 Server so any patched system files e.g. explorer.exe, winlogon.exe, userinit.exe that are deleted by the scanner will not be replaced.

 Naturally, if the system will only boot to "Safe Mode", then you will have to run your scans that way. You should warn people of the inherent problems when doing so and let them know that they need to run a full scan in "Normal Mode" ASAP.

More info:
http://www.experts-exchange.com/Software/Anti_Spyware/A_6650-Malware-Fighting-Best-Practices.html
http://www.experts-exchange.com/Software/Anti_Spyware/A_5124-Stop-the-Bleeding-First-Aid-for-Malware.html
http://www.experts-exchange.com/Software/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40520330
@hopeleonie

As stated on the MBAM site, and ironically by yourself, use safe mode when necessary.  That is a long way from "never".   Clarity above all.
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 40520342
Then use safe mode, it is your choice. :-)

Hope you saw this part:
Windows File Protection is not on in Safe Mode in Windows, so any patched system files e.g. explorer.exe, winlogon.exe, userinit.exe that are deleted by the scanner will not be replaced.
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40520409
I saw it... what does it mean, exactly?  If after safe mode one is then able to start in normal mode and run (anti-malware of choice) again, will the mentioned files be replaced?  If so, by what and under what circumstances?
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40520412
This is a big long side discussion that has little to do with the question. Perhaps the author can chime in and say whether the pop ups are legitimate advertising or whether the pop ups are viruses.
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 40520416
Agree with John, this has nothing to do with the question.
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40520430
I did not raise this "side issue".  If no one cares to answer it here, perhaps someone will write an article and then link to the article.

As for the author's intent, I thought it clear and so did the first few responders:
Can you please help to remove that like unwanted webcasts some ads poping up I am using google chrome

If they turn out to be legitimate, no harm in running the anti malware.  But perhaps the author will clarify.
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 40520434
As long as the safe scan log is posted before the OP does anything,  he won't damage anything.
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 40520438
Hi Larry

I answered your question about safe mode. If you don't believe I'm not willing to lose my time here. I never use safe mode scans, boot scans or slaved drive scans. I'm working for the Government and all courses I visit can't just be lies.

Have a nice day
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40520490
@hope

let me clarify my response.

This all comes down to saying that you should "NEVER" run malware bytes in safe mode.

before I build up an argument here's 2 references one from TWO malwarebytes administrators and one from university of delaware on running malwarebytes in safe mode.

http://www.udel.edu/it/help/anti-malware/malwarebytes-already-installed.html

https://forums.malwarebytes.org/index.php?/topic/90791-safe-mode-scanning-less-effective/?gopid=458941

** Now let me re-clarify my self I would only run MALWARE BYTES in safe mode if and only if the problem is still going on and also if malware bytes is not able to run  successful **

"The only time safe mode should be used is if mbam wont run in normal mode because of an infection blocking. "
- Malware bytes administrator.

The same limitation that malwarebytes has in safe mode is a also a strength since certain things wont load and it may have a chance to properly remove; ie this is why safe mode was invented.

No means to disrespect or anything but this is an experts exchange - I also work removing malware of all types.
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 40521337
@jeevan mathew
Do you still need help?
0
 

Author Closing Comment

by:jeevan mathew
ID: 40524639
This is good.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Send Receive script 6 77
S/MIME Chrome /Firefox 5 1,270
Unable to open Chrome on MAC - SingletonLock: Permission Denied 14 535
How to automate sending periodic email using macOS 2 73
When I'm searching for answers on Experts Exchange, I often use Google because it's built into my browser.  To search only on Experts Exchange, I use the "site:" search operator, which can be cumbersome to type out each time I want to run a search. …
The biggest nightmare for any Exchange Server Administrator is to keep the server running without any issue. But the problems often come and they need to be resolved efficiently and timely. Here are important troubleshooting points: Define the Pr…
This Micro Tutorial will demonstrate Chrome and Firefox's extension MozBar, which allows you to easily highlight followed, no followed, internal, and external links on a page. It is also used to highlight keywords on a page to for adequate optimized…
This Micro Tutorial demonstrates how to quickly find related content for YourTango's posts using MozBar Chrome extension.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question