A new computer virus has gained popularity online. It is known as Chrome Impersonator Virus and it aims to duplicate the Google Chrome browser. The virus is reported to be extremely effective mainly because of two reasons – Google Chrome has become the most widely used web browser, and it takes a trained eye to spot it. The impersonator aims for the login details of the Google accounts of users. Everyone who has seen Crxbro.exe process in their Task Manager should immediately use the instructions provided below and eliminate the virus. It is strongly recommended to change all of the passwords that have been used in the infected computer as well.
|Short Description||The virus aims to steal login credentials for Google accounts.|
|Symptoms||The user may witness Chrome Browser closing and reopening with a login screen cause by a process, called “crxbro.exe”|
|Distribution Method||Via PUPs, installed by bundling or by visiting a suspicious third-party site that is advertising it as something else.|
|Detection Tool||Download Malware Removal Tool, to See If Your System Has Been Affected by Crxbro Browser|
|User Experience||Join our forum to discuss Crxbro Browser.|
Crxbro.exe Virus – How Did I Get It
The web browser is believed to be automatically installed along with a suspicious program, called WinZipper that is reported to show up in the %Program Files(x86)% directory. It is also seen to locate an uninstaller in Windows Programs and Features:
Source: Google Chrome Help Forum
This software may have come in the user PC in several different ways:
- Via bundled installers of free programs that are downloaded from third-party sites.
- Through downloading installers from torrent sites.
- If someone else installed it on the victim PC.
Crxbro.exe Virus – What Does It Do
As soon as the virus is installed, it creates the same files as Google Chrome in the following order:
The web browser then may automatically close your original Chrome executable and reopen its own which looks exactly the same with the Login screen on it. Users report seeing google profile login web page along with a suspicious message that claims something similar to the following:
→“It was impossible to synchronize your account, so you have to log in again.”
This may be done via a process known as “crxbro.exe” that is reported to run actively at the same time in the Windows Task Manager. Affected users on Reddit forums have reported that when they try to delete the folder, the program may replace the Chrome icon in Windows’s taskbar with a custom icon.
Researchers believe that the Crxbro browser and Win Zipper are created to conduct phishing attacks and obtain different credentials such as login details for Google Accounts.
Remove Crxbro and WinZipper Completely
Since the applications may have running processes on the Windows devices they are installed, it is recommended to try and check Windows Task Manager for new processes. To do this press Ctrl+Alt+Delete and then click on “Task Manager”. Then go to the Details tab to see the processes in detail and stop any suspicious processes, like “crxbro.exe”.
After this is done, you may want to follow the step-by-step removal instructions below to successfully get rid of these and other malicious threats that may be aiming for your information and money. For best results it is recommended to use an advanced anti-malware software since it will make sure that all related registry entries and modules of this virus are removed and restrict it from affecting your computer in the future.
PS: We advise affected users to change immediately their passwords after removing Crxbro Browser.
Step 1: Remove/Uninstall Crxbro Browser in Windows
Here is a method in few easy steps to remove that program. No matter if you are using Windows 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program get left behind, and that can lead to unstable work of your PC, mistakes with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it.
Select the program that you want to remove, and press “Uninstall” (fig.3).
Follow the instructions above and you will successfully uninstall Crxbro Browser.
Step 2: Remove Crxbro Browser from your browser
Select the “Add-ons” icon from the menu
Select Crxbro Browser and click “Remove”
After Crxbro Browser is removed, restart Mozilla Firefox by closing it from the red “X” in the top right corner and start it again.
Select Crxbro Browser to remove, and then click ‘Disable’. A pop-up window will appear to inform you that you are about to disable the selected toolbar, and some additional toolbars might be disabled as well. Leave all the boxes checked, and click ‘Disable’.
After Crxbro Browser has been removed, restart Internet Explorer by closing it from the red ‘X’ in the top right corner and start it again.
From the drop menu select ‘Preferences’
In the new window select ‘Extensions’
Click once on Crxbro Browser
A pop-up window will appear asking for confirmation to uninstall Crxbro Browser. Select ‘Uninstall’ again, and the Crxbro Browser will be removed.