Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Remove Tencent QQ and qq(.)com Ads from Your Browser and PC

qq-messenger-sensorstechforumQQ started out 17 years ago with the idea to have a messenger for China similar to programs like Skype or ICQ. Since then, the program was developed a lot, and it became the most widespread instant messaging engine. Currently, Tencent QQ has also developed a mobile application transferring its huge user base to mobile devices. It all sounds great until users have reported observing a variant of the program that heavily displays advertisements on the user PCs.

Name Tencent QQ
Type PUP, Browser Hijacker
Short Description The software changes settings to the user’s web browser may collect user information and installs plugins without notification. Also difficult to erase from the PC.
Symptoms The user may witness his home page changed to qq(.)com and may notice it in Programs and Features in Windows.
Distribution Method Via PUPs, installed by bundling (Browser Hijackers) or by visiting a suspicious third-party site that is advertising it.
Detection Tool Download Malware Removal Tool, to See If Your System Has Been Affected by Tencent QQ
User Experience Join our forum to discuss Tencent QQ.

Tencent QQ – How Is It Spread

There may be several methods by which Tencent QQ may spread onto your computer. The program may be encountered as a bundled application in case you download applications from third-party websites. Such websites may be of the following character:

  • Torrent websites sharing software installers.
  • Randomly visited third-party software providing websites found online.
  • Websites that are advertised via adware on your computer.
  • Sites which are advertised on social media.
  • Programs that are shared in p2p sharing software such as DC++, for example.

Imagine the following scenario – you have cleanly reinstalled Windows, and you have to download all of the free programs you have previously used. To do this, you have to search for those programs online one by one. Here is where you may have the bad luck of downloading an app from a software provider that has Tencent QQ included(bundled) in your installer, for example:

qq-bundling

blade and soulAnd this is not the only way of distribution. Besides it, the application may be automatically downloaded without your permission by other ad-supported programs that have elevated privileges to do it or even malware. Some users have even reported on Reddit forums to get the suspicious ad-supported version of QQ via playing online games, like the Chinese Blade and Soul.

The program can also be found in an international version on websites such as download.com. However we could not manage to download it via this method:

tencent-download-failed

Tencent QQ Ads Variant in Detail

The original version of the program itself has all of the necessary features of a chat software. However, it is all good until one point – the point where it situates approximately 200 MB which is highly untypical for chat engines. To put this in perspective, Skype is ~76 MB in size.

Not only this but when the program was installed, the anti-malware tool installed on the test device immediately detected it as an unknown software:

tencentqq-unknown-object-sensorstechforum

When we checked for any bundled applications along with QQ in Programs and Features and not to our amazement, we have found that it had a QQ email plugin installed along it:

qqmail-plugin-tencent

We were surprised however when after a system restart, we opened Mozilla Firefox only to discover QQ’s plugins spread all over it and there was no notification during install that there will be any:

tencent-add-ons-sensorstechforum

Just when we thought the nightmare was over, we decided to check Internet Explorer, only to find out that Tencent QQ has modified Registry Entires to set its website qq(.)com as a home page:

qq-home-page

The cherry on the cake was when we decided to use the search engine of the software, which redirected us via a new tab to a hoax search engine, called Sogou, which is known in the malware research world as a name copied by several browser hijackers, like the Sogou Browser Hijacker:

qq-browser-hijacker

This situation is considered to be potentially harmful to the user, due to several different reasons:

  • The software may collect user information and share it with third-parties.
  • Advertisements may display web links to third-party websites that could either collect information themselves, advertise other PUPs (Potentially Unwanted Programs).
  • The user could be redirected to a malicious website that may or may not infects his computer with malware.

Remove Tencent QQ from Your Computer

Uninstalling Tencent may be tricky. When you attempt it, most likely you may be able to uninstall the plugin of Tencent, but you may not eventually be able to uninstall the main software. On attempt to uninstall the program, Tencent displays the following pop-up:

tencent-uninstall-failage

This is why manually removing this software may take some work because it also modifies your web browsers. For maximum effectiveness, we have created the following instructions to help you successfully get rid of it and clean your PC without having to reinstall it.

Delete Tencent QQ from Windows and Your Browser

1.Remove Tencent QQ in Windows
2.Remove Tencent QQ from Your Browser

Remove Tencent QQ automatically by downloading an advanced anti-malware program.

1. Remove Tencent QQ with SpyHunter Anti-Malware Tool
2. Back up your data to secure it against attacks related to Tencent QQ in the future
Optional: Using Alternative Anti-Malware Tools

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.