How can I permanently remove a seemingly stealthy ad-ware installer?

3

For the past month, there seems to have been a stealth installer lingering on my computer that automatically installs malicious plugins to all my browsers. I'm not sure what installer that is and I can never seem to trace them either.

The plugins will show up under names that appear "useful", like Media Player, Video Player, BetterSurf, all sorts of crap names. I've uninstalled their browser plugins numerous times, but a few days later, the stealth installer will install another one to my browsers under another name, say Media Player 2 or something.


So recently, after I have been disabling and removing the plugins in the browsers, they have heightened their "security". Now I cannot even uninstall or disable the plugins because, at least in Chrome, it says that the plugin is "installed by enterprise policy".


The most annoying part is it will throw up pop-up advertisements and embed advertisements on webpages:


It does not affect only Chrome, but all my other browsers including IE and Firefox.


I scanned my computer and AVG did find those installers. I removed all of them, but they are not really being removed. A few days later, they all came back again only in different names.

What the heck is this, and how did this come into my computer? Now, how can I remove it permanently, for real?

I'm running on Windows 7.

xenon

Posted 2014-01-30T04:57:53.353

Reputation: 412

Any more questions, or do you want to set something as solution? – davidbaumann – 2018-05-10T08:28:21.520

@davidbaumann None of the answers so far really resolves my question yet. I'm a little hesitant to mark any answers as the solution just for the sake of doing so. I will mark one as solution as better answers come along. – xenon – 2018-05-10T10:05:24.440

1

Did you try scanning your system with AdwCleaner?

– and31415 – 2014-01-30T10:35:37.373

Remove Media Player 1.1 Extension – Installed by Enterprise Policy – Ƭᴇcʜιᴇ007 – 2014-01-31T17:30:19.597

Install trial version of some good protection suite and scan PC. I never quite trusted AVG myself. You can try Kaspersky if you ask my opinion. – tumchaaditya – 2014-02-05T00:24:17.367

Answers

3

If your system has once been compromised, there is no way to trust it before completely wiping it.
Also you should change passwords (PayPal, eBay...).

davidbaumann

Posted 2014-01-30T04:57:53.353

Reputation: 2 089

This is the right answer. You do have good backups, right...? – user55325 – 2014-01-30T05:12:07.100

Nuke it from space, it's the only way to be sure. – MDT Guy – 2014-01-30T05:17:16.117

So there is no way I can remove that, other than to format my computer? – xenon – 2014-01-30T05:39:25.713

Maybe there are ways to remove, but, will it give you the peace of mind and you know for sure it is gone and you can sleep at night peacefully? Really the easiest, and most 'peace of mind' is to format, and reinstall. - Backup all your data first tho. – Darius – 2014-01-30T05:44:26.463

Do you really nuke the system for every malware? There are far less severe measures that one ought to try before going for nuke.. – tumchaaditya – 2014-02-05T00:26:59.907

I don't use Malware ;) In fact I only play on Wintendo. – davidbaumann – 2014-02-05T07:23:29.523

0

I struggled with the same problem.

I found the force extension under the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist

Yavor Shahpasov

Posted 2014-01-30T04:57:53.353

Reputation: 101
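
A read-only way to inspect the policy key named in the answer above, added here as an example and not part of the original answer. The HKLM path is the one quoted in the answer; the HKCU and WOW6432Node paths and the function name Get-ForcedChromeExtension are assumptions made for this example.

```powershell
# Added example: list Chrome force-install policy entries without changing anything.
# First path is the one from the answer; the other two are assumed additional
# locations where the same policy can be set.
$policyKeys = @(
    'HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist',
    'HKLM:\SOFTWARE\WOW6432Node\Policies\Google\Chrome\ExtensionInstallForcelist',
    'HKCU:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist'
)

# Update URL used by extensions that are served from the Chrome Web Store.
$webStoreUrl = 'https://clients2.google.com/service/update2/crx'

function Get-ForcedChromeExtension {
    param([string[]]$Path = $policyKeys)

    foreach ($key in $Path) {
        # A missing key simply means no force-install policy is set there.
        if (-not (Test-Path -LiteralPath $key)) { continue }

        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            # Each value holds "<extension id>;<update url>"; the URL part is optional.
            $data = [string]$item.GetValue($name)
            $id, $url = $data -split ';', 2

            # New-Object is used so the script also runs on PowerShell 2.0 (Windows 7).
            New-Object PSObject -Property @{
                Key         = $key
                ValueName   = $name
                ExtensionId = $id
                UpdateUrl   = $url
                # True when the entry pulls updates from somewhere other than the Web Store.
                OffStore    = [bool]$url -and ($url -ne $webStoreUrl)
            }
        }
    }
}

Get-ForcedChromeExtension |
    Select-Object Key, ValueName, ExtensionId, UpdateUrl, OffStore |
    Format-List
```

Each ExtensionId in the output can be compared with the ID shown for the locked extension on chrome://extensions (developer mode enabled) to confirm which policy value pins it.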

0

Boot the system with Linux and delete all the files that you can find related to those installers.

Fabiusp98

Posted 2014-01-30T04:57:53.353

Reputation: 324