Jump to content

Search the Community

Showing results for tags 'Chrome'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello - I have been “infected” by some sort of browser redirect, where ALL Google searches on both Chrome AND Safari are automatically redirected to Yahoo. On Chrome, the tab w/ results says “Wajam Yahoo Search” and on Safari, a URL that includes “searchpage.com” appears briefly before the Yahoo results page. I’ve tried multiple things on various forums and YouTube video, but nothing addresses this specific problem. Malwarebytes found 7 threats that were cleared, but none of them solved for the browser redirect problem. Please help, I’m getting desperate and don’t want to resort to a time machine backup restore.
  2. I keep receiving the popup notification for "Website blocked due to riskware". It happens randomly while my browser is open and sometimes when I click onto new sites. Report: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/28/18 Protection Event Time: 11:52 PM Log File: 21d2a0d6-4b69-11e8-a3b9-60e327017c38.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.342 Update Package Version: 1.0.4902 License: Trial -System Information- OS: Windows 10 (Build 16299.371) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: RiskWare Domain: webmine.pro IP Address: 104.31.95.91 Port: [56960] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  3. Hello, So ive been furiously researching and trying to get rid of some malware (Ad by Advertise) i noticed on my Mac and I can't get rid of it. I downloaded malwarebytes and got zero hits at all. downloaded another program Antivirus Zap from app store and it found 3 items, deleted them all, and adware still there. I then noticed that if I opened chrome on a different chrome user account i had no adware at all and i was fine. I tested this further and opened a fresh windows server and downloaded chrome and then signed into my chrome account and WALA got adware. So basically I know for a fact 10/10 that its associated to my google chrome account. I even deleted every none essential chrome extension. The only ones left are from the chrome webstore which I assume to be safe (please correct me if this is an incorrect assumption). Which the exception of weird extensions I don't even know how malware would go about linking to a chrome account like that, and further more I have no clue how to delete or address it. Please help. Any advice would be fantastic. Even as i type this, random words on the page have been turned into adware links.
  4. At least once a minute, for 15 minutes, from 11:27 to 11:42 local time, MalwareBytes notified me that it was blocking an outgoing connection to howlong.top at the IP address 109.206.182.9 and the port 60089, referencing that the connection was coming from Chrome and telling me the website was being blocked for malware threats. I've been using the premium trial of MalwareBytes for a bit now, and it expires in about 3 days. I performed a manual scan that found nothing as soon as I realized something may be wrong, and after it concluded, I got about 1 or 2 more notifications that the site had been blocked, but it has now stopped while I've been writing this. malwareblock.txt scanreport.txt Addition.txt FRST.txt
  5. Hello all, Everytime I open chrome I get a notification telling me that malwarebytes has blocked "api.testrequest.info" and there is usually a 1-4 after api. I have scanned with malwarebytes and used adwcleaner but the problem still persists. Anybody got an idea of how to fix this?
  6. I received an alert from tonights scan that contained the info at the bottom. Each of the mentioned Registry keys is completely empty. An example of one of the triggered files c:\userdata\ntuser.pol is clearly not infected by anything. The other .pol files are very similar, no indication of any malware. Although its uncler what that .exe is (i tried to run it in EC2 instance and it wont execute/install), the fact that empty registry keys and normal .pol files are mentioned give me concern about this detection. Nor am I experiencing any issues. Reg� [ S o f t w a r e \ P o l i c i e s \ M i c r o s o f t \ W i n d o w s \ G r o u p P o l i c y O b j e c t s \ L o c a l G r o u p P o l i c y ; * * C o m m e n t : G P O N a m e : L o c a l G r o u p P o l i c y ; � ; ; ] [ S o f t w a r e \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ P o l i c i e s \ E x p l o r e r ; ; ; ; ] [ S o f t w a r e \ P o l i c i e s \ M i c r o s o f t \ W i n d o w s \ W i n d o w s S e a r c h ; A l l o w C o r t a n a ; � ; � ; ] [ S o f t w a r e \ P o l i c i e s \ M i c r o s o f t \ W i n d o w s \ W i n d o w s U p d a t e \ A U ; N o A u t o R e b o o t W i t h L o g g e d O n U s e r s ; � ; � ; � ] Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/12/18 Scan Time: 2:40 AM Log File: 65135b06-3e1c-11e8-b1d1-f80f4196759f.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.342 Update Package Version: 1.0.4706 License: Trial -System Information- OS: Windows 10 (Build 16299.371) CPU: x64 File System: NTFS User: System -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Scheduler Result: Completed Objects Scanned: 375143 Threats Detected: 11 Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 14 min, 1 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 4 PUP.Optional.NovaRambler.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, No Action By User, [299], [-1],0.0.0 PUP.Optional.NovaRambler.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, No Action By User, [299], [-1],0.0.0 PUP.Optional.NovaRambler.ChrPRST, HKLM\SOFTWARE\POLICIES\CHROMIUM, No Action By User, [299], [-1],0.0.0 PUP.Optional.NovaRambler.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\CHROMIUM, No Action By User, [299], [-1],0.0.0 Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 7 PUP.Optional.BundleInstaller, C:\$RECYCLE.BIN\S-1-5-21-3940657776-1240908072-4294066368-1001\$RK9Q0LV.EXE, No Action By User, [396], [496654],1.0.4706 PUP.Optional.NovaRambler.ChrPRST, C:\USERS\ILYA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, No Action By User, [299], [493310],1.0.4706 PUP.Optional.NovaRambler.ChrPRST, C:\USERS\ILYA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [299], [493310],1.0.4706 PUP.Optional.NovaRambler.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, No Action By User, [299], [-1],0.0.0 PUP.Optional.NovaRambler.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, No Action By User, [299], [-1],0.0.0 PUP.Optional.NovaRambler.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, No Action By User, [299], [-1],0.0.0 PUP.Optional.NovaRambler.ChrPRST, C:\USERS\ILYA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [299], [493310],1.0.4706 Physical Sector: 0 (No malicious items detected) (end)
  7. Dear Forum members. I installed the Swagbucks extension into Chrome. It is a nuisance, and I'd like to get rid of it. I saw some tips on YouTube, which didn't help. Can't really find an answer using Google. So I'm turning to my trusted source of information ... this forum. I know you have all the answers ... right? KPP
  8. Trovi and Spigot returns every time I open Chrome. If I remove and restart and scan without opening Chrome, nothing is detected. If I then run Chrome and do a scan it will detect it. Please help. Log are attached. I appreciate it very much thank you! Addition.txt FRST.txt MBLog.txt
  9. Do you guys know some new/good (Material Designs) that i can enable in Chrome and some worth flags to enable for more security/speed and for Omnibox-tweaks such as Favicons and need some good/virus-free, trusted (Black Theme for Chrome, from Chrome Store!) that is good for the eyes. Already have enabled these Flags on Windows/Android: Fast tab/window close Smooth Scrolling Material Design in the rest of the browser's native UI Number of raster threads Tab audio muting UI control Strict site isolation (i have it enabled but it doesn't increase my RAM i have 4GB Ram xD) Enable Material Design bookmarks Enable Material Design extensions Scroll Anchoring Framebusting requires same-origin or a user gesture Parallel downloading (Can it really speed up my Downloads by Accelerate the Download speed?) Cheers!
  10. Hey there, just an short question does Google chrome Themes from the official Chrme Store (For Desktop) can have Viruses inside them? or does Google always scan the themes that People have created and uploaded, is it even possible to get virus from Themes from the Google store :/ bc i want a good Black theme for my Chrome browser but i cant finy any good one, and im scared that i get a virus from themes hope somebody can help me out
  11. So thank god for my older brother finding out about the crytomining drive by going on now effecting millions of people. I was one of them as my computer would start up launch chrome in background and will cause HDD usage to 100%. I used adwCleaner and found the PUPs. I actually said screw it and uninstalled Chrome entirely and Im now using Firefox. Now I did try and using aswMBR to scan and did see something show up in gold in some sorts saying somelike "memory lockup" for a driver or something and then it BSOD in in regular and safe mode. This is making me feel uneasy and I did make a scan with Farbar and wanted to know if you guys see something that sticks out like a sore thumb. Thanks guys!!! FRST_13-02-2018 02.12.54.txt Addition_13-02-2018 02.12.54.txt Shortcut_13-02-2018 02.12.54.txt
  12. Hello I need some help getting rid of an unwanted malware that took over the search engine on my chrome. It seems to be from yahoo but it is a malware. Reading other posts I saw that I needed to post my own topic so here I am. I will attached a screenshot of this nightmare thanks in advance.
  13. Heya, So lately I've noticed that our computer has one PUP file in the Google Chrome directory that keeps popping up. I can delete it, but whenever we start Google Chrome it reappears in scans. When I delete it, Google Chrome shuts down. Last time I ran a scan and it seemed that our PUP file has multiplied itself, at least I suspect that (there where 75 PUP files suddenly). After deleting these, they haven't showed up again. Nevertheless, because of this I really want to get rid of that one single PUP file that keeps reappearing whenever I open Google Chrome. Its name is PUP.Optional.Trovi. Do I need to uninstall and reinstall Google Chrome to get rid of it? Thanks in advance!
  14. My other machine is blocked from the Internet as reported by Chrome and IE. Malwarebytes is blocking outbound every few seconds, referring to dropbox,norton wifi privacy, chrome, etc. I ran both Norton and Malwarebytes without a cable or wireless enabled. Neither found any issue. I'm typing this from another machine using the same network with no issue. Two other machines have accessed the network, also with no issues. I need some assistance to get the faulty machine back online. Thanks. Joel
  15. About an hour ago malwarebytes suddenly began flagging a bunch of outbound and inbound processes on my computer as malicious. I ran a scan (which I do every hour automatically anyway) and it found nothing. I made sure my database was updated. I shut off my modem and computer, etc. I tried getting onto the internet with opera instead of chrome, but couldn't establish a secure connection from that browser either. I am only on the internet now because I disabled malwarebytes malware protection. I saved screen shots of quite a few of my errors though not all of them. I just renewed my Malwarebytes Anti-Malware Home Premium two months ago and it is version 2.2.1.1043. HELP!
  16. I installed Malwarebytes on my android phone, using recommended settings. No malware found. I had been using Firefox and Chrome. Now neither one functions. I can still make calls. Appreciate any replies, no comment is too basic....
  17. The Fastest and Safest Web browsing experience! I am pleased to announce the Early Technical Preview of Malwarebytes for Chrome. This extension will protect our users from web annoyances such as Tech Support Scams, Ads, Trackers and Clickbait. What is it? Malwarebytes for Chrome provides a safer and faster web browsing experience by cleaning up unwanted content, resulting in up to 3x faster webpage load times while saving megabytes of bandwidth. It is the world’s first innovative browser extension which heuristically identifies and blocks Tech Support Scams browser-lockers which scares users into calling fake tech support scammers, and, filters out fake news, clickbait, coin miners, and other malicious content. Malwarebytes for Chrome also incorporates traditional protection functionalities such as blocking ads, trackers, and known malicious websites. Benefits Protection from Tech Support Scammers Blocks annoying pop-ups, browser hijacks and browser lockers which are abused by scammers to drive victims into call centers who use scare tactics to sell expensive technical support. Faster web page load times Popular websites download a lot of content in the background, unsuspecting to users. By filtering out clickbait, fake news feeds, ads, and trackers, Malwarebytes Proactive Browser Protection can speed up webpage load time by up to 3x times, saving bandwidth. Prevents visits to malicious pages Protects users from inadvertently visiting malicious websites that host malware content, load bitcoin miners in the background which slow down your computer, phishing sites, and a plethora of other malicious content. Features Tech Support Scam Popup Blocker. Proactively protects users from scammers by heuristically detecting and blocking browser lockers which force users to stay on the page with alert loops, popups, etc. Clickbait/Fake news Blocker. Prevents downloading of the modern malvertising commonly known as clickbait. These links/URLs lure users into clicking news articles and ads that are deceptive and malicious in nature, some prevalent examples being “sponsored content” or the well-known “you might also like…”. Fake news blocking is purely based on the deceptive advertising behavior characteristic of clickbait, and is not based on the political views or content. Ad/Tracker Blocker. Blocks loading of ads and tracker networks better than traditional ad blockers. Malware Blocker. Prevents unsuspecting redirection or side-loading of malicious content such as malware, bitcoin miners which result in 100% CPU usage, phishing, and other malicious content. How do I get it? Open this link in your Chrome browser: https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee
  18. Software (all current as of Jan 13, 2018) OS: Win 7 x64 SP1 MB: Premium 3.3.1 AV: eSet v11 Roboform: 8.4.6.6 Chrome x64 When I'd run Chrome with Roboform enabled, I'd notice lag and high CPU use (2-5% constant) for the Roboform process (rf-chrome-nm-host.exe) attached to Chrome. This does not occur when I use Firefox x64 with Roboform enabled - the same executable is used for Firefox and the filename is not specific for Chrome (weird huh?). I used Procmon (from Sysinternals) to see what the Roboform process was doing only when Chrome was in use. There's a constant registry lookup cycle along with file lookup. I had been trying to figure out what the issue was, but finally involved the Roboform support team. They looked at my Procmon log and ran some internal tests - they said that eSet and/or MB were injecting into those processes. I tested many scenarios and in the end they were correct - MB was the culprit. With MB disabled I can run Chrome with Roboform and no spikes in CPU occur. I then went further to test a brand new Chrome profile with nothing enabled other than Roboform - same issue. I then added the Roboform executable in question to the MB exclusions list, but the CPU issue still exists only in Chrome. The CPU issue with this process only happens with MB enabled, so I now have to choose between either MB or using Roboform in Chrome. Ideas?
  19. On a daily basis Malwarebytes scans detect , Name= PUP.Optional.Conduit , Type = File , Location=C:\Users\usersname\AppData\Local\Google\Chrome\User Data\Default\SecurePrefences So my question is. Is chrome infected with a potential threat or could this be a valid chrome file that is being detected as a threat. Thanks for any input.
  20. When I run Chrome, Malwarebytes popup indicates: "Malwarebytes blocking outbound n65adsrv.com" I found on this forum to run Farbar Recovery Scan Tool. I have done that. I have attached the two text files from Farbar: FRST.txt and addition.txt Addition.txt FRST.txt
  21. Hello again forum, Thank you again AdvancedSetup for helping me with my inclk problem. I logged into my other laptop to clean the same issue, and discovered some additional issues. Hoping to get some assistance please. I ran MalwareBytes and ADWCleaner a few times each. It looks like there are a couple of items that are persistent. 1. Myfree Codec, and 2. Freemake Video Converter. 3. Also, although not in the current set of logs, pup.optional.legacy was also persistent. I also have a number of other computers in my household. Should I post these in the same thread? Or create a different thread for each? Thank you again for your time. AdwCleaner[C2].txt FRST.txt MalwareBytes Report.txt Addition.txt
  22. Hello, I have looked at various post on how to remove yontoo with Malwarebytes and it has come to this. I have followed the steps posted here: https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ I went ahead and turned off sync for all 3 accounts tied to my Chrome, removed all search engines except Google, and RESET Chrome. I was able to remove 3 of the 4 infections tied to it but the one infection cannot be quarantined at all...... Any help would be GREATLY appreciated. I have also tried HitmanPro as I saw in older post as well. Thanks!
  23. I keep getting this daily from my virus check and when I get it removed, it shuts down Chrome can you tell me how to fix this? C:USERS\ROBYN\APPDATA\LOCAL\GOOGLE\CHROME\USER\DATA\DEFAULT\Web Data
  24. As the title suggests, when I start Chrome I get sketchy outbound connection attempts to brighton.com, venturead.com and a bunch of other sites. This is not tied to a specific page. Malwarebytes finds nothing. Hitman Pro finds nothing. Windows Defender finds nothing. I have reset my browser. I have dumped my cache. I have checked out my browser extensions. I have gone through my running processes. I'm finding nothing. And yet the problem persists. I have attached my Malwarebytes Threat report, which finds nothing. I have attached FRST's report and additions.txt, nothing in which seems particularly interesting. The Deluge torrent program is the only really questionable item I am running and I haven't heard anyone complain about it yet. It is only launched on demand and is not running all the time. I have also attached a Malwarebytes blocked outbound connection attempt example. Any thoughts? Addition.txt FRST.txt malwarebytesReport.txt malwarebytesReport-example.txt
  25. Hello, I am seeking help with a question/problem. I was browsing the internet and noticed that my chrome was working slower than usual, so I decided to close it and start it up again. While restarting chrome I got an error that said something about Chrome_Elf dll missing, however chrome still restarted itself. I ran Malwarebytes to check for infection and noticed that on the first scan it scanned for less objectives than usual and was much faster with the scan. I restarted my computer and this time the scan took longer than usual and there was less objectives scanned. I have included FRST.txt, Addition.txt and the latest scan with Malwarebytes. I have also ran adwcleaner with clean results. Addition.txt FRST.txt MBAM_scan.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.