beardyweirdy Posted November 24, 2018 ID:1282867 Share Posted November 24, 2018 Hi, I started having some issues on Chrome. Additional windows opening up when I clicked on links (typically, but not always taking me to a Yahoo Search page), also additional adds appearing at the top of Google searches (saying 'Ads by Aura'). I'm afraid I've tried a number of things before a friend directed me here, and currently MWB isn't showing any threats. I've therefore attached both my current log and a log from yesterday morning when a threat was found. Actions taken yesterday: - run a Malwarebytes scan - one threat found and quarantined. Now runs clean- run an Adwcleaner scan - clean- run an Avira scan - clean- run a Hitman Pro scan - clean- disabled all extensions- checked the 'New Tab' setting in chrome opens up google.com- removed all search engines apart from google in the search engines setting- run the inbuilt Chrome 'find and remove harmful software' scan - clean- reset Chrome to default settings- uninstalled and reinstalled Chrome- uninstalled Chrome using RevoUninstaller (inc scan and remove any lingering files or registry entries)- run ccleaner registry tool (with Chrome uninstalled) - uninstalled Avira and installed Kapersky - has found some threats, and the browser tool is blocking repeated download attempts from a site '24.11.2018 14.44.19;Download blocked;https://cdncache-a.akamaihd.net/sub/qbc5245/popsmon/l.js?pid=2700&ext=aura&rvz_subid=2001-1001;HEUR:Trojan.Script.Generic;https://cdncache-a.akamaihd.net/sub/qbc5245/popsmon/l.js?pid=2700&ext=aura&rvz_subid=2001-1001;Google Chrome;Trojan program;11/24/2018 14:44:19 MWB log from yesterday and log from today attached, along with FRST and additions. Any help anybody can give would be very gratefully received. Addition.txt FRST.txt MWB_log_201891123_0907.txt MWB_log_201891124_1433.txt Link to post Share on other sites More sharing options...
nasdaq Posted November 24, 2018 ID:1282883 Share Posted November 24, 2018 Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Reset Chrome... Open Google Chrome, click on menu icon or the 3 vertical dots located right side top of the google chrome. Click "Settings" then "Show advanced settings" at the bottom of the screen. Click "Reset and clean up" > "Restore settings to their original defaults" Restart Chrome. <<<>>> Let me know if the problem persists. fixlist.txt Link to post Share on other sites More sharing options...
beardyweirdy Posted November 24, 2018 Author ID:1282899 Share Posted November 24, 2018 Many thanks Nasdaq. I've followed your instructions and everything seems to be back to normal now. I've attached the fixlog from FRST. Is there anything else I need to do now or can I sleep comfortably again?! Fixlog.txt Link to post Share on other sites More sharing options...
nasdaq Posted November 24, 2018 ID:1282905 Share Posted November 24, 2018 Glad we could help. Link to post Share on other sites More sharing options...
beardyweirdy Posted November 24, 2018 Author ID:1282910 Share Posted November 24, 2018 Fantastic. Thanks again @nasdaq Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted November 29, 2018 Root Admin ID:1283856 Share Posted November 29, 2018 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts