Jump to content

Search the Community

Showing results for tags 'Chrome'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. I'm pretty sure that I know what caused the problem, I installed PDF Exchange and during the install I accidentally gave my permission for it to change my default search engine to Yahoo. When I changed back to Google it kept changing back to Yahoo on reboot. I managed to stop the reinstall of Yahoo by doing a cleanup of Chrome, including removing it & reinstalling, but now on bootup of the OS (W10) on starting Chrome hangs with a blank white screen. If I close the window & restart Chrome will restart asking if I want to restore tabs. It then works fine until the next reboot. I've done an extensive range of actions, but whatever I do the malware reinstalls itself. I've used Malwarebytes, Spybot S&D, & HitmanPro. Malwarebytes does the best job in finding Malware. I attach the report. The problem comes down to:- If I do a Malwarebytes Scan it finds 13 threats I then Quarantine them Reboot the OS If I then do an immediate Malwarebytes Scan it finds the same 13 threats Malwarebytes Chrome Virus.txt
  2. Everyday, I receive the same notification for the same PUP to be quarantined. I don't use Chrome and haven't done for some time. I did have a file with old Firefox settings stored on my desktop, but I have shredded that. I am at a loss as to why these PUPs keep recurring.
  3. Hi I posted a reply to a thread, actually I spent a couple of hours making sure it was accurate from my experience and it seems to have been removed. My account states that I posted in that thread but the post does not show after one day or so. It was not contravening the guidelines for posting and to my mind was helpful not only to the OP but to all searching for a solution. My question is why has it been removed?
  4. The reason that these pups are not going away is because they are syncing across Chrome on all devices including Mac Linux Android and PC. It is the same file being sent by Chrome across all platforms. It is only detected by Malwarebytes on the PC, it is not detected by malwarebytes for Android or for Mac. I tried the following experiment: I disable all of my devices except for say, one mac and one PC and I clean the PC and then I let the PC in the Mac sync the infection comes back to the PC even though the Mac tested clean (I eat with the Mac version of Malwarebytes). The same is true for Android and Linux. Android tests clean, I cannot tell you about Linux other than it does not show up in bitdefender. I performed an additional experiment to test the hypothesis that the infection is syncing with the Google cloud as well, in addition to syncing with other machines- however I do not think that's the case because when I disable all devices except one PC, and then clean the one PC with Malwarebytes, the one PC does not get infected until I fire up Chrome on another device. Perhaps Malwarebytes could list these PUPs along with the platform-specific virus definitions for mac and Android, however that will not fix the problem for Linux, and something else has to be done there. If you have a beta version of malwarebytes for Linux this would be a good time to release a limited functionality version of it to just do this one thing. - B
  5. Anyone have a solution or advice on the issue... after quarantine select on all items... reboot does not eliminate this detection.
  6. I'm a fan of the Chrome browser's Desktop Icons†, and had several of them, principally an icon for my Gmail. After installing MalWareBytes, and running a scan, and then quarantining the 21 items found, I was horrified to discover that my Chrome Icons had disappeared. I've appended the log as Malwarebytes.txt so you can see which files had been quarantined. I re-built my desktop icons and the next day, after Malwarebytes had quarantined the same 21 items, the icons were gone again. I began to notice the pattern. How can I determine if these 21 items are false positives, or indicative that I need to do something about some of the files in Google Chrome UserData? It seems that the 21 items re-appear in my UserData directory whenever I launch any program which invokes the chrome browser. † Chrome browser desktop icons are icons that the Chrome Browser creates on the Windows Desktop. When launched, they open the browser to a specified URL but with the browser's controls removed. So you see the content of the webpage, and almost nothing else. Ideal for things like Gmail. MalwareBytes.txt
  7. Hello. I've tried uninstalling Chrome, resetting the data and running the malwarebytes free version scan - then i delete the quarantined results and restart the PC. After rescanning it once the computer has signed in i keep getting the same adware.yontoo appearing in the scanned results. See below; How can i make sure i remove this once and for all so it doesnt appear again? I've tried the MalwareBytes Adware cleaner - that has removed other stuff but this Adware.Yontoo is driving me insane. Please can anyone recommend what i should do? Thank you. j4v3d
  8. I'm having the same issue, running decrapifier I found this, I'm not sure if it's related to the issue. This is driving me insane. Could it be a rootkit? GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19
  9. So I ran a a malware scan today and its flagging chrome as a PUP for both my laptop and desktop. Here is a picture, please fix soon.
  10. It is in the office PC, now here it is quite midnight, sure tomorow I will post. Hi
  11. Today I realised after a malwarebytes scan that I have the babylon PUP infecting(?) google chrome. I have tried many tools including malwarebytes, avast, ADWcleaner, FRST etc to try and diagnose and resolve the problem but with no luck. I (think) I have narrowed the problem down to a single file: C:\Users\"Username"\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences There is a line in this file which sets a startup URL to "http://search.babylon.com/?affID=111434&tt=010712_4&babsrc=HP_ss&mntrId=6e7008aa00000000000090a4dea255ab""http://search.babylon.com/?affID=111434&tt=010712_4&babsrc=HP_ss&mntrId=6e7008aa00000000000090a4dea255ab" I can manually delete this file, but every time I start chrome, it is added again? I have no idea what else I can do so any help will be greatly appreciated
  12. So i guess this is kind of a two part post. So we just replaced our on prem endpoint clients with the cloud endpoint clients and that seemed to go fine using the mbam clean tool. The problem some of our users are seeing is their chrome and firefox will lock up for 20+ minutes and just be frozen. I have turned off Web Protection and Anti Exploit to see if that fixes it, i haven't heard an update on the issue yet but i was curious if anyone has ran into this issue before. Part two, We have two policies, one for our computers and the other for our virtual machines/VDI's that DO NOT use anti exploit. I realized that using the endpoint installer provided it only uses the default policy and i can't install an endpoint solely to a specific policy like we kind of could with the on prem solution (install with anti exploit, one without). Is there a way besides installing then moving the machine to the correct policy to install the specific client to that specific policy?
  13. So i'm sure i'm in the same boat as a lot of other people, after seeing high activity on the forums about this, but i've followed some 'solutions' and yet i'm still getting the same the same 4 files appear on the scans i'm running, i don't know whether i should be worried about this as so many other people are having the same issue i just wanted to post here so someone could help me once a solution has been found as multiple attempts of deleting these web data files just isn't working nor is resetting my sync could someone explain to me what is going on and a way to solve this so it stops happening, it'll be highly appreciated thanks in advance PUP.txt
  14. The same thing happens to me, I tried in all possible ways, but it keeps showing up
  15. I'm having the same problem. I've tried turning chrome sync off and rescaning and it still comes up.
  16. I'm getting the exact same behavior, with Pup.optional.Conduit and Pop.optional.SweetIM, starting today. I've literally formatted my hard drive, reinstalled nothing but Chrome, and got the same thing immediately. ???
  17. Yeah i am having the same issue. These are the viruses Malwarebytes www.malwarebytes.com -Detalles del registro- Fecha del análisis: 8/11/17 Hora del análisis: 14:55 Archivo de registro: 8aa06649-c48c-11e7-bb24-4ccc6acd231e.json Administrador: Sí -Información del software- Versión: 3.3.1.2183 Versión de los componentes: 1.0.236 Versión del paquete de actualización: 1.0.3206 Licencia: Gratis -Información del sistema- SO: Windows 10 (Build 15063.674) CPU: x64 Sistema de archivos: NTFS Usuario: DANI-PC\danie -Resumen del análisis- Tipo de análisis: Análisis de amenazas Resultado: Completado Objetos analizados: 362716 Amenazas detectadas: 6 Amenazas en cuarentena: 0 (No hay elementos maliciosos detectados) Tiempo transcurrido: 0 min, 41 seg -Opciones de análisis- Memoria: Activado Inicio: Activado Sistema de archivos: Activado Archivo: Activado Rootkits: Desactivado Heurística: Activado PUP: Detectar PUM: Detectar -Detalles del análisis- Proceso: 0 (No hay elementos maliciosos detectados) Módulo: 0 (No hay elementos maliciosos detectados) Clave del registro: 0 (No hay elementos maliciosos detectados) Valor del registro: 0 (No hay elementos maliciosos detectados) Datos del registro: 0 (No hay elementos maliciosos detectados) Secuencia de datos: 0 (No hay elementos maliciosos detectados) Carpeta: 0 (No hay elementos maliciosos detectados) Archivo: 6 PUP.Optional.Softonic, C:\USERS\DANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, [665], [455288],1.0.3206 Adware.Elex.ShrtCln, C:\USERS\DANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, [2309], [454693],1.0.3206 PUP.Optional.Spigot, C:\USERS\DANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, [648], [454814],1.0.3206 PUP.Optional.Softonic, C:\USERS\DANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, [665], [455288],1.0.3206 PUP.Optional.ASK, C:\USERS\DANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, [527], [454823],1.0.3206 PUP.Optional.Softonic, C:\USERS\DANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, [665], [455288],1.0.3206 Sector físico: 0 (No hay elementos maliciosos detectados) (end)
  18. Hi I have the same issue Malwarebytes www.malwarebytes.com -Détails du journal- Date de l'analyse: 08/11/2017 Heure de l'analyse: 15:26 Fichier journal: bebb6e4c-c490-11e7-84de-5cf9dd5d407f.json Administrateur: Oui -Informations du logiciel- Version: 3.3.1.2183 Version de composants: 1.0.236 Version de pack de mise à jour: 1.0.3206 Licence: Gratuit -Informations système- Système d'exploitation: Windows 7 Service Pack 1 Processeur: x64 Système de fichiers: NTFS Utilisateur: COMPUTER\padawan -Résumé de l'analyse- Type d'analyse: Analyse des menaces Résultat: Terminé Objets analysés: 384153 Menaces détectées: 3 Menaces mises en quarantaine: 3 Temps écoulé: 11 min, 56 s -Options d'analyse- Mémoire: Activé Démarrage: Activé Système de fichiers: Activé Archives: Activé Rootkits: Désactivé Heuristique: Activé PUP: Détection PUM: Détection -Détails de l'analyse- Processus: 0 (Aucun élément malveillant détecté) Module: 0 (Aucun élément malveillant détecté) Clé du registre: 0 (Aucun élément malveillant détecté) Valeur du registre: 0 (Aucun élément malveillant détecté) Données du registre: 0 (Aucun élément malveillant détecté) Flux de données: 0 (Aucun élément malveillant détecté) Dossier: 0 (Aucun élément malveillant détecté) Fichier: 3 Adware.Elex.ShrtCln, C:\USERS\PADAWAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Web Data, Remplacé, [2309], [454691],1.0.3206 Adware.Elex.ShrtCln, C:\USERS\PADAWAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Remplacé, [2309], [454691],1.0.3206 Adware.Elex.ShrtCln, C:\USERS\PADAWAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Remplacé, [2309], [454691],1.0.3206 Secteur physique: 0 (Aucun élément malveillant détecté) (end)
  19. Hey, I have the same issue, and it also started yesterday. I believe I saw another post about this.
  20. Well I've followe exactly all suggested in https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ and I run Malwarebytes several times (chrome closed and not sync) but every time it finds these: Malwarebytes www.malwarebytes.com -Dettagli log- Data scansione: 08/11/17 Ora scansione: 11:54 File di log: 3b982270-c473-11e7-a611-308d99f946d3.json Amministratore: Sì -Informazioni software- Versione: 3.2.2.2029 Versione componenti: 1.0.212 Aggiorna versione pacchetto: 1.0.3204 Licenza: Free -Informazioni sistema- SO: Windows 10 (Build 16299.19) CPU: x64 File system: NTFS Utente: HPenvy\Danieluvi -Riepilogo scansione- Tipo di scansione: Ricerca elementi nocivi Risultati: Completata Elementi analizzati: 637332 Minacce rilevate: 6 Minacce messe in quarantena: 6 Tempo impiegato: 42 min, 25 sec -Opzioni di scansione- Memoria: Attivata Esecuzioni automatiche: Attivata File system: Attivata Archivi compressi: Attivata Rootkit: Attivata Analisi euristica: Attivata PUP: Rilevare PUM: Rilevare -Dettagli scansione- Processo: 0 (Nessun elemento nocivo rilevato) Modulo: 0 (Nessun elemento nocivo rilevato) Chiave di registro: 0 (Nessun elemento nocivo rilevato) Valore di registro: 0 (Nessun elemento nocivo rilevato) Dati di registro: 0 (Nessun elemento nocivo rilevato) Flusso di dati: 0 (Nessun elemento nocivo rilevato) Cartella: 0 (Nessun elemento nocivo rilevato) File: 6 PUP.Optional.Conduit, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [579], [454832],1.0.3204 PUP.Optional.Conduit, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [579], [454832],1.0.3204 PUP.Optional.SweetIM, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [1183], [455282],1.0.3204 PUP.Optional.SweetIM, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [1183], [455282],1.0.3204 PUP.Optional.ASK, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [527], [454827],1.0.3204 PUP.Optional.ASK, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [527], [454827],1.0.3204 Settore fisico: 0 (Nessun elemento nocivo rilevato) (end) malware.txt
  21. Hello, same issue here! Web Data.zip Scan results.txt
  22. Adware.Elex.ShrtCln, C:\USERS\ANONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, Rimozione non riuscita, [2309], [454711],1.0.3202 Adware.Elex.ShrtCln, C:\USERS\ANONY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, Rimozione non riuscita, [2309], [454711],1.0.3202
  23. Hi, I have a similar issue, though the malware is in another Chrome file.please help me , i need to keep safe my bitcoin on exchange
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.