What is FootbalScores24?

The Malwarebytes research team has determined that FootbalScores24 is a browser hijacker. These so-called "hijackers" manipulate your browser(s), for example by changing your start page or search scopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

How do I know if my computer is affected by FootbalScores24?

You may see this Chrome extension:

main.png

and these warnings during install:

warning1.png

warning2.png

this icon in your Chrome menu-bar:

icons.png

and these changed settings:

warning4.png

How did FootbalScores24 get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was downloaded from their website:

website.png

but the Chrome extension was also available in the webstore:

webstore.png

How do I remove FootbalScores24?

Our program Malwarebytes can detect and remove this potentially unwanted program.

  • Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

Is there anything else I need to do to get rid of FootbalScores24?

  • No, Malwarebytes removes FootbalScores24 completely.

How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below, the full version of Malwarebytes would have protected you against the FootbalScores24 hijacker. We block the site that spreads the extensions.

Technical details for experts

Possible signs in FRST logs:
 

CHR DefaultSearchURL: Default -> hxxps://www.blpsearch.com/search?sid=836&itype=u&src=ds&p={searchTerms}
CHR DefaultSearchKeyword: Default -> Default-Search
CHR Extension: (24SportApp) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo [2018-06-25]
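
The FRST signs above can be checked for mechanically. The following is an added example, not code from Malwarebytes or FRST: it scans the `CHR` lines of a log for the extension ID and search domain quoted above, handling the defanged `hxxps` scheme and matching the host exactly rather than by substring. The sample log is constructed; only the `blpsearch.com` and `24SportApp` lines come from this page, and the `example.org` hosts and the second extension ID are made up.

```python
import re
from typing import List, NamedTuple
from urllib.parse import urlsplit

# Indicators copied from the FRST lines quoted on this page.
HIJACKER_EXTENSION_ID = "lachkbglfahpkonadgahobklhpcpikpo"
HIJACKER_SEARCH_DOMAIN = "blpsearch.com"

CHR_LINE = re.compile(r"^CHR\s+(?P<key>\w+):\s*(?P<rest>.*)$")
PROFILE_VALUE = re.compile(r"^(?P<profile>.+?)\s*->\s*(?P<value>\S.*)$")
EXT_NAME = re.compile(r"^\((?P<name>[^)]*)\)")
# Chrome extension IDs are 32 characters drawn from the letters a-p.
EXT_ID = re.compile(r"\\Extensions\\([a-p]{32})(?![a-z])", re.IGNORECASE)


class Finding(NamedTuple):
    line: int      # 1-based line number in the log
    kind: str      # "search_url" or "extension"
    detail: str    # profile and URL, or the extension's display name


def refang(url: str) -> str:
    """Turn a defanged hxxp(s) URL back into a parseable http(s) URL."""
    return re.sub(r"^hxxp", "http", url.strip(), flags=re.IGNORECASE)


def host_in_domain(url: str, domain: str) -> bool:
    """True if the URL's host is `domain` or one of its subdomains."""
    try:
        host = (urlsplit(refang(url)).hostname or "").lower()
    except ValueError:
        return False
    return host == domain or host.endswith("." + domain)


def scan_frst_log(text: str) -> List[Finding]:
    """Return the CHR lines that match this hijacker's indicators."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        m = CHR_LINE.match(raw.strip())
        if not m:
            continue
        key, rest = m.group("key"), m.group("rest")
        if key == "DefaultSearchURL":
            pv = PROFILE_VALUE.match(rest)
            if pv and host_in_domain(pv.group("value"), HIJACKER_SEARCH_DOMAIN):
                detail = f'{pv.group("profile")}: {pv.group("value")}'
                findings.append(Finding(lineno, "search_url", detail))
        elif key == "Extension":
            # The ID is the folder name directly under ...\Extensions\.
            ids = {i.lower() for i in EXT_ID.findall(rest)}
            if HIJACKER_EXTENSION_ID in ids:
                name = EXT_NAME.match(rest)
                findings.append(
                    Finding(lineno, "extension", name.group("name") if name else "")
                )
        # DefaultSearchKeyword is not used as a match in this example.
    return findings


# Constructed sample log. Lines 2, 3 and 5 are the ones quoted on this page;
# the rest are invented to show what must NOT be flagged.
SAMPLE_LOG = "\n".join([
    r"CHR HomePage: Default -> hxxps://www.example.org/",
    r"CHR DefaultSearchURL: Default -> hxxps://www.blpsearch.com/search?sid=836&itype=u&src=ds&p={searchTerms}",
    r"CHR DefaultSearchKeyword: Default -> Default-Search",
    r"CHR DefaultSearchURL: Profile 1 -> hxxps://notblpsearch.com.example.org/?q={searchTerms}",
    r"CHR Extension: (24SportApp) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo [2018-06-25]",
    r"CHR Extension: (Constructed Benign) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abcdefghijklmnopabcdefghijklmnop [2018-01-01]",
])

if __name__ == "__main__":
    for f in scan_frst_log(SAMPLE_LOG):
        print(f"line {f.line}: {f.kind}: {f.detail}")
```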

Alterations made by the installer:
 

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0
       Adds the file Archive created by free jZip.url"="11/26/2013 11:21 AM, 58 bytes, A
       Adds the file manifest.json"="6/25/2018 8:12 AM, 2050 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_locales\en
       Adds the file messages.json"="6/25/2018 8:12 AM, 11223 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_locales\en_US
       Adds the file messages.json"="6/25/2018 8:12 AM, 11223 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_metadata
       Adds the file computed_hashes.json"="6/25/2018 8:12 AM, 46689 bytes, A
       Adds the file verified_contents.json"="6/10/2018 11:43 AM, 11404 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html
       Adds the file background.html"="6/10/2018 11:39 AM, 443 bytes, A
       Adds the file index.html"="6/10/2018 11:39 AM, 5847 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\css
       Adds the file flags16.css"="6/10/2018 11:39 AM, 10682 bytes, A
       Adds the file flags32.css"="6/10/2018 11:39 AM, 10656 bytes, A
       Adds the file select2.css"="6/10/2018 11:39 AM, 19669 bytes, A
       Adds the file select2.png"="6/10/2018 11:39 AM, 613 bytes, A
       Adds the file select2-spinner.gif"="6/10/2018 11:39 AM, 1849 bytes, A
       Adds the file select2x2.png"="6/10/2018 11:39 AM, 845 bytes, A
       Adds the file style.css"="6/10/2018 11:39 AM, 25130 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\css\images
       Adds the file flags16.png"="6/10/2018 11:39 AM, 20266 bytes, A
       Adds the file flags32.png"="6/10/2018 11:39 AM, 52279 bytes, A
       Adds the file logo.png"="6/10/2018 11:39 AM, 4701 bytes, A
       Adds the file match-icons.png"="6/10/2018 11:39 AM, 1835 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\images
       Adds the file icon.png"="6/25/2018 8:12 AM, 5241 bytes, A
       Adds the file icon_red.png"="6/10/2018 11:39 AM, 5432 bytes, A
       Adds the file icon-19.png"="6/25/2018 8:12 AM, 644 bytes, A
       Adds the file icon-19-active.png"="6/10/2018 11:39 AM, 1627 bytes, A
       Adds the file red-card.png"="6/10/2018 11:39 AM, 6941 bytes, A
       Adds the file spinner.gif"="6/10/2018 11:39 AM, 14425 bytes, A
       Adds the file yellow-card.png"="6/10/2018 11:39 AM, 6934 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\images\guide
       Adds the file 1.png"="6/10/2018 11:39 AM, 58817 bytes, A
       Adds the file 2.png"="6/10/2018 11:39 AM, 45008 bytes, A
       Adds the file finished.png"="6/10/2018 11:39 AM, 46838 bytes, A
       Adds the file live.png"="6/10/2018 11:39 AM, 50504 bytes, A
       Adds the file note.png"="6/10/2018 11:39 AM, 12335 bytes, A
       Adds the file prefs.png"="6/10/2018 11:39 AM, 34864 bytes, A
       Adds the file upcoming.png"="6/10/2018 11:39 AM, 47936 bytes, A
       Adds the file yc.png"="6/10/2018 11:39 AM, 16639 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\js
       Adds the file background.js"="6/10/2018 11:39 AM, 21847 bytes, A
       Adds the file bg.js"="6/10/2018 11:39 AM, 11964 bytes, A
       Adds the file brand.js"="6/10/2018 11:39 AM, 525 bytes, A
       Adds the file gui.js"="6/10/2018 11:39 AM, 52844 bytes, A
       Adds the file jquery.autocomplete.min.js"="6/10/2018 11:39 AM, 13062 bytes, A
       Adds the file jquery.scrollTo.min.js"="6/10/2018 11:39 AM, 2706 bytes, A
       Adds the file jquery-2.1.4.min.js"="6/10/2018 11:39 AM, 84345 bytes, A
       Adds the file moment.js"="6/10/2018 11:39 AM, 75194 bytes, A
       Adds the file moment-duration-format.js"="6/10/2018 11:39 AM, 12442 bytes, A
       Adds the file select2.min.js"="6/10/2018 11:39 AM, 65979 bytes, A
       Adds the file utils.js"="6/10/2018 11:39 AM, 29998 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\lib\bootstrap\css
       Adds the file bootstrap.min.css"="6/10/2018 11:39 AM, 122540 bytes, A
       Adds the file bootstrap-theme.min.css"="6/10/2018 11:39 AM, 23357 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\lib\bootstrap\fonts
       Adds the file glyphicons-halflings-regular.eot"="6/10/2018 11:39 AM, 20127 bytes, A
       Adds the file glyphicons-halflings-regular.svg"="6/10/2018 11:39 AM, 108738 bytes, A
       Adds the file glyphicons-halflings-regular.ttf"="6/10/2018 11:39 AM, 45404 bytes, A
       Adds the file glyphicons-halflings-regular.woff"="6/10/2018 11:39 AM, 23424 bytes, A
       Adds the file glyphicons-halflings-regular.woff2"="6/10/2018 11:39 AM, 18028 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\lib\bootstrap\js
       Adds the file bootbox.min.js"="6/10/2018 11:39 AM, 8740 bytes, A
       Adds the file bootstrap.min.js"="6/10/2018 11:39 AM, 36816 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\lib\font-awesome\css
       Adds the file font-awesome.min.css"="6/10/2018 11:39 AM, 27466 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\lib\font-awesome\fonts
       Adds the file FontAwesome.otf"="6/10/2018 11:39 AM, 109688 bytes, A
       Adds the file fontawesome-webfont.eot"="6/10/2018 11:39 AM, 70807 bytes, A
       Adds the file fontawesome-webfont.svg"="6/10/2018 11:39 AM, 365616 bytes, A
       Adds the file fontawesome-webfont.ttf"="6/10/2018 11:39 AM, 142072 bytes, A
       Adds the file fontawesome-webfont.woff"="6/10/2018 11:39 AM, 83588 bytes, A
       Adds the file fontawesome-webfont.woff2"="6/10/2018 11:39 AM, 66624 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\pages
       Adds the file about.html"="6/10/2018 11:39 AM, 1177 bytes, A
       Adds the file contact.html"="6/10/2018 11:39 AM, 2350 bytes, A
       Adds the file guide.html"="6/10/2018 11:39 AM, 2040 bytes, A
       Adds the file privacy.html"="6/10/2018 11:39 AM, 1569 bytes, A
       Adds the file welcome.css"="6/10/2018 11:39 AM, 1764 bytes, A
       Adds the file welcome.html"="6/10/2018 11:39 AM, 1647 bytes, A
       Adds the file welcome.js"="6/10/2018 11:39 AM, 1945 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\html\pages\images
       Adds the file arrow.png"="6/10/2018 11:39 AM, 30960 bytes, A
       Adds the file favs-640.png"="6/10/2018 11:39 AM, 144511 bytes, A
       Adds the file finished-640.png"="6/10/2018 11:39 AM, 154673 bytes, A
       Adds the file live-640.png"="6/10/2018 11:39 AM, 150382 bytes, A
       Adds the file note-640.png"="6/10/2018 11:39 AM, 308884 bytes, A
       Adds the file prefs-640.png"="6/10/2018 11:39 AM, 127512 bytes, A
       Adds the file search-640.png"="6/10/2018 11:39 AM, 151627 bytes, A
       Adds the file upcoming-640.png"="6/10/2018 11:39 AM, 153110 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\sounds
       Adds the file cheers.ogg"="6/10/2018 11:39 AM, 16486 bytes, A
       Adds the file goal.ogg"="6/10/2018 11:39 AM, 18572 bytes, A
       Adds the file whistle.ogg"="6/10/2018 11:39 AM, 4498 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings]
       "lachkbglfahpkonadgahobklhpcpikpo"="REG_SZ", "734718DA61EF31D5E0F2615C7E45922FA19A787FE9D5EECBF909B676E37CBE47"

Malwarebytes log:
 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/25/18
Scan Time: 8:33 AM
Log File: b9594900-7841-11e8-b1b2-080027235d76.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.5615
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 251448
Threats Detected: 104
Threats Quarantined: 104
Time Elapsed: 3 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 23
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LACHKBGLFAHPKONADGAHOBKLHPCPIKPO, Quarantined, [268], [443418],1.0.5615

File: 81
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LACHKBGLFAHPKONADGAHOBKLHPCPIKPO\1.31.836.56_0\MANIFEST.JSON, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\sounds\goal.ogg, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\sounds\whistle.ogg, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_locales\en\messages.json, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_locales\en_US\messages.json, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_metadata\computed_hashes.json, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\_metadata\verified_contents.json, Quarantined, [268], [443418],1.0.5615
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\lachkbglfahpkonadgahobklhpcpikpo\1.31.836.56_0\Archive created by free jZip.url, Quarantined, [268], [443418],1.0.5615

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

As mentioned before, the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected. 
