BpolApp is the latest addition to a large family of almost identical malware apps known for showing aggressive and potentially harmful pop-ups on the user’s screen. It installs on the computer through file bundles which is why most users don’t realize when or how they got it on their PCs.
Other rogue apps similar to BpolApp are Civia App and RoxiApp and they are all notoriously difficult to remove due to their use of various persistence mechanisms that let them evade traditional uninstallation. However, we’ve dealt with similar malware in the past, so we are confident we can help you fully get rid of BpolApp as well as any additional malware it might have brought along.
BpolApp Removal Steps
While I was researching BpolApp, a few users reported that performing a conventional uninstallation worked for them in removing the malware. This won’t always lead to successful removal, but I suggest you try it first, as you may end up saving yourself a bunch of time if you are lucky:
- Use the Start Menu to search for “Apps & Features” and open it.
- Then sort the applications by their installation date to reveal new or unfamiliar programs.
- Select BpolApp (if you see it there) or any suspicious program you notice. Click “Uninstall” and follow the prompts, but always carefully read what the prompts say or you may end up installing other malware in your system or letting BpolApp stay on the computer.
- After uninstalling, visit the installation directory (if you know where that is). Some files and folders often remain, even after using the uninstall feature.
- Delete any files or folders that might have been left behind after you completed the uninstallation process.
Restart the system and start using it normally. Look out for any signs of the malware’s presence and if it’s still there, proceed to the advanced removal steps below.
Video walkthrough for this step:
SUMMARY:
Important! Read Before Continuing
The next steps will guide you through a very detailed manual removal process that both takes time (an hour or more) and some technical know-how to complete.
I recommend that you first skim through the instructions and if you think won’t be able to perform everything (or don’t have the time to), you can instead use SpyHunter 5.
It’s an advanced and reliable removal tool available on this page that’s very effective at finding and erasing rogue software like BpolApp alongside any auxiliary apps that the malware may have brought into your system.
How to Remove the BpolApp Virus
The removal process will require you to find and delete malware files, which can be made difficult by the files being hidden or blocked. Therefore, you first need to complete these two preparatory steps, before proceeding to the actual removal:
- Open “Folder Options” from the Start Menu, select the View section, and enable “Show hidden files, folders, and drives“. Apply these settings and the hidden items will appear in a semi-transparent format, distinguishing them from regular files.
- Get the free LockHunter app and install it. It lets you delete files that are still in use by other software, which is often the case with files linked to rogue programs that want to keep their data intact.
With the hidden files revealed and LockHunter installed, it’s time to find and eliminate the rogue BpolApp data.
Video walkthrough for this step:
Delete BpolApp Virus Files
The first place you need to visit and search for malware files is C:\Users\YourUsername\AppData\Roaming.
Look for folders named BpolApp or similarly suspicious names and delete them.
Note that most malware programs like BpolApp are created by fake companies that usually have strange names that give them away. For instance, a couple of adware apps we encountered recently were developed by “Yusiq Axo S” and “Trix Winqz Ro”, respectively, and created folders with the same names in the system.
These are obviously not the names of real companies and stick out like a sore thumb among your regular folders, so look for such folders with similarly unusual names, as they will almost certainly be linked to the malware.
When deleting rogue files or folders, you might get an error that a given file is in use and can’t be removed right now. The solution is LockHunter:
If you’ve already installed LockHunter (make sure you have), right-click the stubborn file/folder and select “What’s locking this file/folder?”. Then click the “Delete it!” option in the next window and the item will be sent to the Bin.
After clearing out AppData, access the Temp folder by typing “%Temp%” in the Start Menu and hitting Enter.
Press Ctrl + A and delete everything stored in that folder. It’s okay to empty it.
Then check the Program Files and Program Files (x86) folders in your C: drive and see if there are any oddly-named sub-folders in them that you need to delete.
Also, do the same thing in these two directories:
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
- C:\Users\YourUsername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Once you’ve cleared all mentioned locations, proceed to the next step.
How to Delete Persistent Files with Lock Hunter
Video walkthrough for this step:
How to Remove the BpolApp Malware Through the Task Scheduler
A trick many forms of malware use to gain persistence in the system is to create scheduled tasks that let them reinstall themselves even if the user is successful in deleting them.
Therefore, it’s critical to go to the Task Manager and check it for rogue entries that could be linked to the malware:
Search “Task Scheduler” in the Start Menu.
Open it and review the tasks listed in the Task Scheduler Library. Unusual items in this folder may indicate BpolApp’s attempts to reinstate itself.
You must inspect all tasks – they aren’t that many, so it shouldn’t take too much time.
Click each task, open the Actions, and look at what type of action is performed by the task. Be on the lookout for the following and note down their file paths:
- Strange executables and scripts that the task is set to run.
- Any file located in AppData or Roaming.
- Links that the task is set to open.
If you notice any such tasks, delete them immediately, then go to the path displayed in the Actions tab, and delete the file that the task was set to open.
You must make sure that you’ve checked all tasks and there’s nothing rogue left in the Task Scheduler.
Video walkthrough for this step:
Uninstall BpolApp Through the System Registry
Nearly all malware introduces rogue keys to the System Registry. Therefore, it’s usually not enough to only remove the malware files, but you must also perform a Registry cleanup. This is how you do it;
Open the Registry Editor: type “regedit” in the Start Menu. Run it as administrator.
The editor allows the deletion of registry keys linked to BpolApp, but caution is vital here. If you delete the wrong thing, your system could destabilize and start experiencing unexpected errors.
Use Ctrl + F to open the Find window and search for “BpolApp”.
Delete each result found in the left panel of the Registry. You must run multiple searches to ensure all rogue keys are deleted.
Then you must manually go to the following Registry directories and explore their contents in the right panel:
Look at the values to the right and see if any of them have strange, unusual names that could be linked to BpolApp.
If you see such a value (or values) delete it in the right panel, but leave the key to the left that contains it intact.
Video walkthrough for this step:
Get Rid of BpolApp Malware Policies
It’s possible that the adware has made changes in the browser and introduced a rogue third-party policy that stops you from reversing the changes. Here are two simple solutions:
The first option to eliminate these browser modifications is to open the Group Policy Editor from the Start Menu (search for “Edit Group Policy“.
Then go to Computer Configuration > Administrative Templates. Right-click Administrative Templates, then click the Add/Remove option, and delete everything you see in the following window.
If you are a Chrome user, you can also try the Chrome Policy Remover, which is a free tool that doesn’t require installation and deletes any and all Chrome policies in just a couple of clicks.
Download and run this tool as administrator and if you get a Windows warning, just click More Info and Run Anyway to ignore it. Don’t worry about the warning – the Chrome Policy Remover is a safe tool.
Once you launch it, it will automatically run a script that will get rid of all policies in a matter of seconds.
Video walkthrough for this step:
Manual Group Policy Removal
Automatic Group Policy Removal
Uninstall BpolApp From Your Browser
You’ll now finally be able to reverse any changes to the browser settings made by the adware.
Launch the affected browser, open its menu, and go to Settings.
First, access the Extensions Manager and delete any suspicious items. Anything that wasn’t added by you counts as suspicious and should be removed.
Then open Privacy and Security, select Clear/delete browsing data, and clear everything except passwords using the “All Time” range setting.
Open Site Settings within Privacy and Security (if you are on Chrome) or Cookies and Side Data (if you are on Edge).
Check all permissions and block any unusual URLs under “Allow”.
You must then go to the Search Engine setting and ensure your default search engine is a reliable one – Google, Bing, etc.
Also, take a look at the Manage Search Engines section and remove from it any unfamiliar and suspicious URLs.
Lastly, visit the On Startup and Appearance tabs to verify no new rogue URLs or settings have been applied by BpolApp.
If you see any questionable addresses there, delete them.
And that should do it. After you are done with the browser cleanup, there should be no traces of BpolApp left in your PC.
Video walkthrough for this step:
Chrome
Microsoft Edge
Mozilla Firefox
However, you do need to understand that no matter how good a manual removal guide is, mistakes can happen and the user could miss something. Also, a change in the malware itself might make it more difficult to remove and render this guide less effective.
So, if for whatever reason, BpolApp is still on your PC even after you’ve performed every step, I strongly recommend using the professional anti-malware tool SpyHunter 5 to delete the rogue app. The tool can be found on this page and will let you quickly and safely get rid of the adware.
Leave a Comment