Jump to content

MWB AdWare Cleaner keeps picking up the same 7 threats. Not sure whats going on here.


Dyrstan
 Share

Recommended Posts

So basically, I decided to download it and check for adware since I hadn't done so yet. I was then met with 7 threats (I will attach the log to this post below), so I chose to remove them. Once I rebooted I noticed my Ransomware protection in MWB was turned off, and if I tried to turn it back on it would just say "starting.." and wouldn't actually turn on. Do keep in mind that nothing else was turned off. I proceeded to get a little worried and did a clean install of Windows, however after reinstalling and signing back into Chrome I decided to run the scan again, and it picked up the same 7 results, and they are still there even after cleaning and rebooting. I have no homepages set, and my only extension is Adblock Pro. I would greatly appreciate any help. Also I think this happened after I "signed into Chrome" to get my bookmarks and such, if that would have any effect on it.

Log: 

# AdwCleaner v6.041 - Logfile created 25/12/2016 at 14:38:10
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-23.1 [Local]
# Operating System : Windows 10 Home (X64)
# Username : Me - DESKTOP-InsertNumbersHereJustInCaseINeedToKeepThisOut
# Running from : C:\Users\Me\Desktop\adwcleaner_6.041.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****

[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.conduit.com__
[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mysearch.avg.com
[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.conduit.com_
[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.conduit.com
[-] [C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: gjkpcnacdgdlpfejlgflolpaigoicibh


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1568 Bytes] - [25/12/2016 14:38:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [1142 Bytes] - [25/12/2016 14:32:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [1946 Bytes] - [25/12/2016 14:37:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1787 Bytes] ##########

Link to post
Share on other sites

  • Staff

Hello,

It seems to be related to Chrome synchronization.

You can keep your “Bookmarks” if you want to keep them, but you have to export them first – >> Export Bookmarks << – Everything else should be removed.

Then I need you to go to >> Google Sync << and sign into your account.
Scroll down until you see the reset sync button and click on the button
At the prompt click on Ok.

Then, rescan + remove what have been found, and relaunch Chrome. It should be better now.

Best regards,

 

Link to post
Share on other sites

41 minutes ago, fr33tux said:

Hello,

It seems to be related to Chrome synchronization.

You can keep your “Bookmarks” if you want to keep them, but you have to export them first – >> Export Bookmarks << – Everything else should be removed.

Then I need you to go to >> Google Sync << and sign into your account.
Scroll down until you see the reset sync button and click on the button
At the prompt click on Ok.

Then, rescan + remove what have been found, and relaunch Chrome. It should be better now.

Best regards,

 

I think that did the trick, thanks! What was causing this? Am I not allowed to sync with Chrome or something?

Link to post
Share on other sites

  • Staff

Hello,

Sorry for the delay. The Chrome synchronization doesn't care if an extension is malicious or not, so it will sync and apply everything. That's what happened here, where the malicious extensions was removed, but re-installed because of the synchronization.

The solution is to purge the sync data, clean Chrome data, and then re-enable the synchronization if you want to use it.

Best regards,

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.