Remove (ArabiOnline) virus

This is an examination of an awfully annoying hijacker known as Araby Online which inserts URL value for custom browser settings without user consent. In particular, the entry includes the description of possible infection paths, main symptoms, and removal instructions.

The adware whose analysis is to be provided here reflects the Arabic take on browser compromising. Both the ArabyOnline hijacker itself and its landing pages are very out-of-the-ordinary for the Western users who for some reason are a target audience to the authors of the virus under consideration. Literally everything is eye-catching there: starting from the app’s obtrusiveness – all the way to site design. The onset of this adware on a PC is not a matter of manual installation on the user’s end, because this honest and straightforward path is unacceptable in the context of spreading a malicious cyber entity; no sane person wants to get a nuisance like this. Instead, the payload is always part of some other software, mostly freeware, whose setup wizard contains little to no indication that an additional item is there as well. snapshot snapshot

Not relying on user approval when getting installed, ArabyOnline similarly ignores authorization when changing the way Chrome, Firefox and Internet Explorer are configured. The adware program adds an extension to each one of these browsers if detected on the affected machine. Then this malicious cross-browser add-on immediately alters the values for homepage, default search engine, and new tab page. As a result, the victim will be recurrently ending up on (see snapshot above).

It’s obvious from the way the page looks that it’s extremely graphics-heavy and non-intuitive for the average user. Not only is it all Arabic language-wise, it’s also got other weird specificities such as the search text typing direction (right to left) as well as the abundance of ads, in which component this adware outperforms all of its counterparts we’ve seen by now. Furthermore, simply placing the cursor in the search field will trigger a few new browser windows in the background. It’s therefore clear that online advertising is the main thing this virus is after, but the infected users go nuts because of the accompanying browsing terror.

Getting rid of the ArabyOnline adware is tougher than just toggling some preferences for the compromised web browsers. It takes more complex measures for the cleanup to go smooth and efficient.

Automatic removal of ArabyOnline virus

When it comes to handling infections like this one, using a reputable cleaning tool is the place to start. Sticking to this workflow ensures that every component of the adware gets found and eradicated from the affected computer.

1. Download and install the cleaning tool and click the Start Computer Scan button Download ArabyOnline removal tool

2. The wait is worth it. Once the scan completes, you will see a report listing all malicious or potentially unwanted objects detected on your PC. Go ahead and click the Fix Threats option in order to get ArabyOnline hijacker automatically uninstalled from your machine along with all of its modules. This being done, you should be good to go.

Uninstall ArabyOnline through Control Panel

  • From your Windows menu, go to Control Panel. Select Add or Remove Programs (for Windows XP / Windows 8) or Uninstall a program (Windows Vista / Windows 7) Uninstall a program
  • Find ArabyOnline on the list. If it’s nowhere to be found, look for multimedia related programs (e.g. Flash Enhancer) or other odd-looking apps you remember to have installed lately. Select the suspicious one and click Uninstall/Change Uninstall ArabyOnline related software

Remove ArabyOnline from web browsers manually

The workflow covered below is intended to undo all changes that the ArabyOnline virus made to Chrome, Firefox and Internet Explorer. Be advised there’s some collateral inconvenience you will encounter, namely the loss of all installed add-ons and personalized information (saved passwords, cached data, bookmarks and other content).

Remove ArabyOnline in Chrome

1. Uninstall the ArabyOnline extension
  • Click the Chrome menu icon and select More tools > Extensions Access Chrome Extensions interface
  • Find the add-on associated with ArabyOnline and click the trash bin next to the bad entry Trash the ArabyOnline add-on
2. Restore homepage defaults
  • Go back to Chrome menu and select Settings Go to Settings screen
  • Go to On startup sub-section and activate the Open a specific page or set of pages option. Also, click Set pages Set pages button
  • Locate the ArabyOnline entry under Startup pages and hit X button next to it Remove ArabyOnline from Startup pages
3. Restore correct search preferences
  • Proceed to Manage search engines and select the service you prefer to use Eliminate malicious search provider and select preferred one in Chrome
4. Restart Google Chrome

Remove ArabyOnline in Firefox

1. Eliminate the respective add-on
  • In Firefox, go to Tools > Add-ons Go to Firefox Add-ons screen
  • Hit the Extensions tab and locate ArabyOnline on the list. Click Remove to get rid of it
2. Fix the homepage settings
  • Go to Tools > Options Open up Firefox Options
  • Hit the General tab and click Restore to Default (see image below) Restore home page in Firefox
3. Set the preferred search provider
  • Click the magnifying glass icon in Firefox search box and select Change Search Settings Select the Change Search Settings option
  • Select the search engine to use by default and hit OK to save the changes Select default search engine in Firefox
4. Restart Mozilla Firefox

removal from Internet Explorer

  • Open IE. Go to Tools > Manage Add-ons Manage Add-ons entry in IE
  • Select Toolbars and Extensions in the navigation pane, locate the items related to ArabyOnline, including the ArabyOnline API, right-click each one select Remove in the context menu Remove  from IE Toolbars and Extensions list
  • Restart IE and check for symptoms of the infection. If the ArabyOnline ads are not appearing anymore, then no further action is required. If the adware is still there, proceed to the steps below
  • Go to Tools > Internet Options Reset Internet Explorer 1
  • Hit the Advanced tab and click Reset Reset Internet Explorer 2
  • Make sure the Delete personal settings option on the Reset Internet Explorer Settings dialog is ticked and click Reset Reset Internet Explorer 3
  • Restart Internet Explorer for the changes to take effect

Did the problem go away? Check and see

Computer threats like the ArabyOnline virus can be stealthier than you can imagine, skillfully obfuscating their components inside a compromised computer to evade removal. Therefore, by running an additional security scan you will dot the i’s and cross the t’s in terms of the cleanup.

Download ArabyOnline virus scanner and remover

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.