Help with removal of Adware.ChinAd and Adware.Agent.E

lospider · Jul 19, 2017

Hello, guys!

A few days ago my PC was infected by several malwares (got them from a file I downloaded). I cleaned most of them, but these two remained: Adware.ChinAd and Adware.Agent.E. Both are detected by Malwarebytes which can't remove them (asks for reboot to complete the disinfection, but detects the adwares again).
I tried the following sequence: Safe mode -> Rkill -> Malwarebyes -> HitmanPro -> JRT -> Zemana -> ADWCleaner, but it doesn't work.
Can anyone help me get rid of these "bugs"?

Thanks!

JoshRoss · Jul 20, 2017

Addition to your tried options I suggest you try Spyhunter, it seems to deal with these niche malware quite effectively. Did you do a thorough scan with your anti-virus software? Did you look at your installed programs for any malicious ones?

It is interesting, how your course of action didn't solve the issue, It seemed to have helped everyone else with this issue. You could also try CCleaner to clean up your registries. Let me know if it helps.

mdd1963 · Jul 20, 2017

If malwarebytes identifies exactly where they are located, you might be able to use Sysinternals' Process Explorer to suspend each process, (and identify if this process is spawned/rehatched by another process) . and then delete it/them. (Run Process Explorer as Admin)

lospider · Jul 22, 2017

JoshRoss :

I tried SpyHunter and it deleted 11 register entries (none of them related to those 2).
The antivirus didn't detect anything.
There aren't any malicious software listed on Control Pannel.
I also tried CCleaner and it didn't help either, unfortunatelly.
Thanks for the help!

mdd1963 :

I can't find the processes via Process Explorer. They are located on "C:\WINDOWS\SYSTEM32\drivers\'random name.sys'" and on "C:\WINDOWS\SYSTEM32\R6LSTMP4.DAT", but when I delete them they keep respawning.

Is there anything I can try?

HawesDoesIt · Jul 22, 2017

Backup what you want and clean install Windows if you want.

JoshRoss · Jul 23, 2017

lospider :

What about services that are currently running on your PC? You could use either Task Manager, or more advanced version of that Process Explorer and enable virus total scan in Process Explorer, maybe you can identify the services, find the registries they have made and remove them. It is a long shot though.

Alternatively, you could back-up all of you important data to a free cloud service and do a clean reinstall of your PC, but that is a very inconvenient method.

mdd1963 · Jul 23, 2017

lospider :

Process Explorer's lower pane shows vital data is to where this process originated from, and, hopefully will allow you to see where the tasks are spawning from,,,,; if you can track them, suspend both tasks, then delete both...

If you have some codependent Lazarus processes that keep respawning each other, it will be difficult. At some point, if you can't track them down, delete partitions. and a full reinstall will for sure 'nuke 'em'....

If you can see tasks the assorted mystery tasks in Process Explorer (run it as admin, by the way), suspend all tasks which look suspect; then delete them

JoshRoss · Jul 24, 2017

This is one annoying pest that you have going on.... Keep us posted on your status if you found anything!

Search

Help with removal of Adware.ChinAd and Adware.Agent.E

lospider

Honorable

mdd1963

JoshRoss

Notable

mdd1963

Titan

lospider

Honorable

HawesDoesIt

Reputable

JoshRoss

Notable

mdd1963

Titan

JoshRoss

Notable

TRENDING THREADS

Latest posts

Moderators online

Share this page