
I've got some adware and it opens a URL. Let's call it "ads".

I tried to troubleshoot with different anti-spyware but it was ineffective.

I want to intercept ANY call to Chrome which is opening the page called "ads". When it happens, I want to know what the caller process was (if outside Chrome) or the extension (if inside Chrome).

Can you help me?


The supposed duplicate question is extremely generic, so the answers assume they are dealing with the kind of viruses that are dangerous, and thus the proposed solution may involve a system format or a previous backup. Here the idea is completely different. While an antivirus is software and doesn't have any artificial intelligence, I know very well the solution I need: "simply and immediately block and delete whatever tries to open the ads page".

The problem is just technical. If this operation were obvious through the antivirus or Windows, many adware problems could be easier to solve. That's why I see this question as being important: it's about a methodological investigation which can be used against a whole class of problems.

thilina R
Revious

1 Answer


Use Microsoft Sysinternals Process Monitor to find any process(es) that may open Chrome.

  1. Enable capture on Process Monitor
  2. As soon as Chrome is opened, disable capture on Process Monitor
  3. Review events on Process Monitor that occurred just before Chrome was called

This tutorial shows how you can use it more effectively and provides an example to investigate malware (which has some similar characteristics to adware) and how to detect calls to open browsers etc.

thilina R
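
The review step in the answer above can be scripted once the capture has been saved from Process Monitor as CSV. The following is an added example, not part of the original answer: the sample rows, the process name `updhelper.exe`, the PIDs and the URL `ads.example` are constructed, and it assumes the default Process Monitor columns, where a `Process Create` event is logged under the creating process with the new process's command line in the Detail column.

```python
import csv
import io
import re

# Constructed sample of a Process Monitor CSV export (default columns).
# Process names, PIDs and the URL are made up for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:15:01.1000000","explorer.exe","4120","Process Create","C:\Program Files\Google\Chrome\Application\chrome.exe","SUCCESS","PID: 9012, Command line: ""C:\Program Files\Google\Chrome\Application\chrome.exe"" "
"10:15:01.9000000","chrome.exe","9012","Process Create","C:\Program Files\Google\Chrome\Application\chrome.exe","SUCCESS","PID: 9040, Command line: ""C:\Program Files\Google\Chrome\Application\chrome.exe"" --type=renderer"
"10:22:47.3000000","updhelper.exe","7788","RegQueryValue","HKCU\Software\Example","SUCCESS","Type: REG_SZ"
"10:22:47.5000000","updhelper.exe","7788","Process Create","C:\Program Files\Google\Chrome\Application\chrome.exe","SUCCESS","PID: 9300, Command line: ""C:\Program Files\Google\Chrome\Application\chrome.exe"" http://ads.example/landing"
'''

# Detail text of a Process Create event: child PID, then the child's command line.
DETAIL = re.compile(r"PID: (\d+), Command line: (.*)", re.S)


def find_openers(csv_text, url_fragment, browser="chrome.exe"):
    """Return (time, creator, creator_pid, command_line) for every launch of
    `browser` whose command line contains `url_fragment`."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Operation"] != "Process Create":
            continue  # only process launches identify a caller
        if not row["Path"].lower().endswith("\\" + browser):
            continue  # something other than the browser was started
        m = DETAIL.match(row["Detail"])
        if m and url_fragment.lower() in m.group(2).lower():
            # "Process Name" and "PID" belong to the process that made the call.
            hits.append((row["Time of Day"], row["Process Name"],
                         int(row["PID"]), m.group(2).strip()))
    return hits


if __name__ == "__main__":
    # For a real export, read the file with encoding="utf-8-sig" (the CSV
    # starts with a byte-order mark) and pass its text instead of SAMPLE_CSV.
    for when, creator, pid, cmdline in find_openers(SAMPLE_CSV, "ads.example"):
        print(f"{when}  {creator} (PID {pid}) started: {cmdline}")
```

If the only creator reported is `chrome.exe` itself, or nothing matches, the capture gives no external caller and the remaining place to look is inside Chrome, at its extensions.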