Chromium Malware - How to remove

First things first, we should mention that Chromium is a completely legitimate web browser project. You can check its website – Chromium.org. This is an open-source project that serves as the base of the Google Chrome web browser, as well as the Edge, Opera, Vivaldi, Brave, and others.

But cybercriminals sometimes take advantage of Chromium to create their own low-quality or even dangerous browsers to help them hijack people’s browsing activity.

Chromium lacks a lot of features that Google Chrome and other legitimate browsers have (for instance, it can’t play some videos), but it’s still a functional browser.

Legitimate groups take Chromium and build new features into it to make a unique and useful product.

Malicious actors take Chromium and modify it slightly to inject ads, open affiliated websites, and spy on the user’s browsing activity. If the crooks can trick people into installing their browser and setting it as their default, they can then control how those people browse the web, which can be very dangerous.

How malware makers use Chromium

They abuse Chromium to create unsafe browsers

Sadly, the Chromium project is very convenient for malware makers.

Firstly, it is more or less compatible with all modern browser standards and it is much easier to use it than to create a fresh browser from scratch.

Secondly, as it is open-source, you can easily add additional functionality or rename it and show it as your own. Even if the browser process were chromium.exe, the name of the window, logo, and descriptions might be changed. New features and be added while old features can be changed.

Additionally, Chromium lacks any safeguards for extension installs, so malware makers can preinstall plugins that are not allowed on Google Chrome Webstore. And there are plenty of these that were removed for one reason or another and do not need any extra coding.

Chromium malware is used as adware

One might ask why malware makers need a separate browser? There are a few reasons:

1. The browser might be left running in the background and click on ads invisibly, thus earning scammers money from advertising networks.
2. The browser could replace Google Chrome (or the default web browser) and run insecure, adware-infested plugins. It could show unwanted ads or even steal information.
3. The browser might be released under a different name and distributed with various bundles by claiming that it provides some sort of “value”. In some cases, there are additional features programmed in. In others, the Chromium malware is just a hoax to install some bundled adware or hijacker. E.g. Torch Browser was used to display ads and was bundled with the Ask toolbar.

What are the symptoms of the Chromium virus?

Chromium virus causes ads and redirects

Famously, the eFast browser attempted to replace and impersonate Google Chrome. It used an extremely similar logo, replaced links on the desktop, and even dropped adware on the infected computer.

So what exactly are those symptoms caused by Chromium infection? How can you tell if you’re infected?

Some of the effects of Chromium viruses are very similar to those caused by browser hijackers and adware.

• First, if your web browser was replaced by a Chromium virus, you should notice that it looks different. Quick links, settings, your home page might be different from what you’re used to.
• Unexpected websites might open randomly.
• Very likely, you will encounter more advertisements than you’re used to.

There are other, less visible problems that Chromium viruses cause:

• Chromium malware can track you, logging your browsing activity in a way that is much more intrusive than something like cookies.
• Since fake Chromium browsers are created by cybercriminals, they tend to not be updated regularly. This means that Chromium viruses quickly become unsafe to use for web browsing. Unpatched bugs in old Chromium versions may be abused by other malicious actors to infect your device with malware.

How to tell if your computer is infected with Chromium malware?

If all or some of those symptoms mentioned above familiar, you should go and check if you are using the real Google Chrome (or another) web browser. That can be done by simply opening the Help page.

Open Settings (usually, it’s the three-dot button in the upper right) and click “About …” in the lower left.

Alternatively, type “about:help” without the quote marks into your address bar. This should open the same page without you having to navigate menus.

Or you can visit WhatIsMyBrowser.com.

If your browser is a Chromium virus, you might see the promotional text of the company that made the browser, for example: “eFast – a web browser built for speed, simplicity and security”.

How to avoid and remove Chromium-based viruses?

Uninstall Chromium malware

In case you’re not sure how to remove unwanted programs, there is a more user-friendly method to do that – scan your computer with an anti-malware program, like Spyhunter for Windows or Combo Cleaner for macOS. Either of those programs will detect malicious files and will inform you about them.

However, not all Chromium viruses get flagged by antivirus scanners. Some of them are so unpopular that they fly under the radar, while others are simply potentially unwanted and not dangerous enough to get detected. You can uninstall unwanted programs manually, below are the instructions for how to do that.

Avoid malware infections

As most of the time, potentially unwanted applications like the various Chromium viruses are distributed bundled with free programs. During a program’s installation, you might be offered to “enhance” your browsing experience or try out a new browser. If you fail to decline, you might get a Chromium virus installed and set as your default browser.

There is no list of free programs that bundled Chromium, so the thing you should do in order to avoid malware is to pay attention to the installation process of freeware. Or, again, you can protect your computer with anti-malware software which would make sure that no unwanted software is installed on your system.

In case you have any questions regarding this topic, do not hesitate to ask them right in the comment section below.

How to remove Chromium Malware using Windows Control Panel

Many hijackers and adware like Chromium malware install some of their components as regular Windows programs as well as additional software. This part of malware can be uninstalled from the Control Panel. To access it, do the following.

• Start→Control Panel (older Windows) or press Windows Key→Search and enter Control Panel and then press Enter (Windows 8, Windows 10).
• Choose Uninstall Program (if you don't see it, click in the upper right next to "View by" and select Category).
• Go through the list of programs and select entries related to Chromium Malware . You can click on "Name" or "Installed On" to reorder your programs and make Chromium malware easier to find.
• Click the Uninstall button. If you're asked if you really want to remove the program, click Yes.
• In many cases anti-malware programs are better at detecting related parasites, thus I recommend installing Spyhunter to identify other programs that might be a part of this infection.

How to remove Chromium Malware from macOS

Delete Chromium malware from your applications.

1. Open Finder.
2. In the menu bar, click Go.
3. Select Applications from the dropdown.
4. Find the Chromium Malware app.
5. Select it and right-click it (or hold the Ctrl and click the left mouse button).
6. In the dropdown, click Move to Bin/Trash. You might be asked to provide your login password.

(Optional) Delete related settings

Some malicious apps make themselves difficult to delete by changing various settings and leaving behind malicious files. Remove settings related to Chromium malware.

• Click the Apple logo in the menu bar. Open System Preferences.
• Some malicious applications set profiles to enforce unwanted settings. Remove unwanted configuration profiles.

1. 1. In System Preferences, click the Profiles icon. This icon is only visible if there are profiles on your Mac.
   2. Select unwanted profiles and remove them by pressing the minus '-'  button at the bottom.

• Some adware applications set SOCKS proxy to manipulate your internet traffic. Remove unwanted proxies:

1. 1. In System Preferences, click Network, Advanced, Proxies.
   2. If a proxy is set without your permission, uncheck it and click OK.

(Optional) Delete malicious files

Some malicious apps leave behind dangerous files in your Library folders. Delete files related to Chromium Malware.

1. Open Finder.
2. In the menu bar, click Go -> Computer.
3. In the search box, type in Chromium malware and variations of it.
4. Delete the files that are found and that seem to be related to Chromium Malware.

Automatic Malware removal tools