So yesterday morning I tried to install CamStudio while half-awake. After downloading the installer, I rashly agreed to everything it offered me without reading it first. After the installation was complete, there were some changes to my computer. Some programs that I never installed appeared on the desktop. After that, when I tried to open the Google Chrome browser, the browser was broken and a dialog box appeared saying "Google Chrome has stopped working". I was too late to realize it: my computer had been infected with malware named Palikan. I decided to use Mozilla, but the malware changed the default homepage to their website and ads filled the entire screen.
[Image: examples of a browser that has been infected with malware]
If your computer shows the signs shown above, you can be sure that it has been infected. Here I will explain how I removed it.
1. Don’t Panic
Panicking will only make the situation worse, so please don't. Recognize what has happened on your computer. Turn off the internet connection to prevent the malware from installing other applications. In my case, the malware had already downloaded the Opera and Chromium browsers to my computer because I was late turning off the internet connection. Try to solve it as soon as possible, and don't turn off the computer while your browser is going crazy, because when you shut down or restart your computer, the malware will go deeper into the system because it has a rootkit.
2. Uninstall malware and other programs you do not know
[Image: example of uninstalling a fishy program]
Go to Start, select Control Panel, and in the Programs section choose "Uninstall a program".
Carefully note the names of the programs you do not recognize.
A piece of advice from me: if you are not sure which programs you should uninstall, look at the install date. The malware and ad programs will have been installed on the same date that your computer was infected.
Programs that were installed on that same date are most likely malware and unwanted programs.
3. Change back the homepage and remove the add-ons installed in the browser
While still disconnected from the internet, follow these steps.
For Internet Explorer
Select Tools, then choose Internet Options. In the pop-up window, select the “Programs” tab and click the “Manage add-ons” button.
Here, remove any suspicious add-ons.
Go back to “Internet Options” and select the “General” tab. Change the homepage from palikan.com to the website that you want, or select “restore to default”.
For Mozilla Firefox
Open the menu, choose Add-ons, select Extensions in the tab on the left side, and remove any suspicious add-ons.
Go back to the menu, choose “Options”, and change the homepage from palikan.com to the website that you want, or select “Restore to default”.
For Google Chrome
Select the three lines at the far right (the options button), choose “More tools”, select “Extensions”, and remove all suspicious add-ons.
If you do not want to go through the steps above, you can just reset the browser to its original defaults. This will disable all add-ons and remove cookies, cache and all browsing data, but it will not erase your bookmark list. The Reset button is at the bottom of the Settings page.
4. Delete leftover folders from unwanted software on the C: drive
Go to drive C: and open the “Program Files” folder. Locate any folder that contains the name of unknown software or malware, select it and press SHIFT + DELETE at the same time to delete the folder permanently.
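The install-date tip from step 2 and the leftover-folder search in step 4 can be checked together from PowerShell. This is an added example, not part of the original article; it only lists candidates and deletes nothing. The `$InfectionDate` parameter and the extra per-user AppData locations (beyond the Program Files folder named above) are assumptions.

```powershell
# Added example: read-only triage, nothing is uninstalled or deleted.
# $InfectionDate is an assumption: pass the day the unwanted installer ran.
param([datetime]$InfectionDate = (Get-Date).Date)

$day = $InfectionDate.ToString('yyyyMMdd')   # InstallDate is stored as yyyyMMdd text

# Registry keys behind the Control Panel "Uninstall a program" list
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$programs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName }

Write-Host "Programs registered with install date ${day}:"
$programs | Where-Object { $_.InstallDate -eq $day } |
    Sort-Object DisplayName |
    Format-Table DisplayName, Publisher, InstallLocation -AutoSize

# Some installers never write InstallDate, so list those for manual review
Write-Host 'Programs with no install date recorded:'
$programs | Where-Object { -not $_.InstallDate } |
    Sort-Object DisplayName |
    Format-Table DisplayName, Publisher -AutoSize

# Step 4: folders created on the same day in the usual install locations
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:LOCALAPPDATA, $env:APPDATA) |
    Where-Object { $_ -and (Test-Path $_) }

Write-Host "Folders created on $($InfectionDate.ToString('yyyy-MM-dd')):"
Get-ChildItem -Path $roots -Directory -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime.Date -eq $InfectionDate.Date } |
    Sort-Object FullName |
    Format-Table FullName, CreationTime -AutoSize
```

A legitimate program updated on the same day will also appear in these lists, so check the publisher and name before uninstalling or deleting anything.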
5. Use anti-malware software
All software installed on a computer leaves its mark on the computer even after you uninstall it. The leftovers are in the registry; in fact, you can remove them manually through Registry Editor. But I do not recommend it because this way is too complicated: if you mistakenly delete a file, it will likely damage other programs or your computer system. Therefore you must use anti-malware software rather than remove them manually. I recommend Malwarebytes. Why did I choose it? Because Malwarebytes is a free download, is fast and has strong protection. It is also more reliable than SpyHunter.
Install the software and let it do its job.
[Image: the scan result from my computer]
At first I used SpyHunter, but the software didn't allow me to use the fix button because I was a free user.
So I decided to search for another one and found Malwarebytes.
Conclusion:
Palikan is not a virus; it is malware with additional adware in it. Although it did not cause damage to computer systems, it could threaten your security and privacy in the browser. Besides, this malware is really annoying. It hijacks your browser, installs other software on your computer, and makes your computer slow because it runs a lot of tasks without your knowledge. So, before you install any program (in my case CamStudio), I suggest you download the program from a reliable and trustworthy website, and read the installation instructions carefully before you agree to anything they offer.
Final Word:
Actually, the steps I described above can be used for various types of malware, because in general most malware works in the same way. Sorry if the explanation is not very clear; I worked on this article after I had managed to remove the malware from my computer, so I cannot give very clear screenshots.
I hope you can learn something from my carelessness, and hopefully this article can be useful.
Cheers,
Jingga