
Malwarebytes - Blocked Fraud Website Concern 9/24/20



Browsing the internet for solutions and stumbled upon the following below. I went through the 3 steps but I'm not sure if it resolved everything. Appreciate any help.

 

1. Malwarebytes scan resulted in two (2) items detected, and only one (1) item fixed.

2. Ran AdwCleaner and it quarantined two PUPs:

a) PUP.Optional.22ChromeEXT

b) PUP.Optional.Legacy

I sent both to quarantine. So I'm not sure if they're completely deleted or not. Plus, I did NOT see a 'click and repair' button.

3. Then I ran Farbar Recovery Scan Tool, and created a FRST and Addition file.

 

Now I'm not sure what else to do. Files attached. Pictures and Logs (or whatever they're called).

 

 

 


STEP 1 c - 0 PC HELP malwarebytes EXPORT.txt STEP 3 a - FRST.txt STEP 3 b - Addition.txt


I decided to go ahead and do another scan with AdwCleaner. Is there anything else that I need to do? 


The following thread talked about the same two PUPs, but there were instructions to use a now long gone fixit thing (the link in the thread for the fixit is no longer present). Where would I get that same fixit? Do I need to do it? Or is my computer 'fixed' or 'clean'? I'm not sure where else I'm supposed to go from here, or what other measures I need to take.

 

a) PUP.Optional.22ChromeEXT

b) PUP.Optional.Legacy

 

 


Ran the process in the link. Done. Attaching images (about "1 of ..." to "21 of ...", and "2 more QUESTIONS"), including four AdwCleaner logs:

(1) 2 scans [S07 and S08]

(2) 2 logs [C07 and C08]

 

Couple questions and points to make. Prior to your suggestion, on the same day I decided to post this thread, closing out the Chrome browser then running the Malwarebytes scan plus AdwCleaner scan seems to have "removed" the pop-up threat, returning 'clean' Malwarebytes and AdwCleaner scans. Regardless, after I received a notification that you posted, I followed the steps you've outlined in the link.

I do have a couple questions though (these questions are also posted as an image to provide more visual detail about my concerns):

(1) Question 1: Do I need to log out (or sign out) completely from google to perform another scan?

(2) Question 2: Is it a concern before performing "Reset Sync" that 11 tabs were listed as open even though I ONLY had 1 tab open?

(3) Extra question that I just thought about: Should I (I'm thinking about doing it anyway) remove all Chrome extensions, then reinstall the ones I need?

 


AdwCleaner[S07].txt AdwCleaner[C07].txt AdwCleaner[S08].txt AdwCleaner[C08].txt


  • Root Admin

Here is a much more extensive article on cleaning up Google Chrome.

Yes, removing your extensions, cleaning Chrome and making sure all issues are resolved before putting extensions back in would be a good thing.

 

Malwarebytes iOS works on iPad
Just not the call protection/sms filtering

https://www.malwarebytes.com/ios/

 

 


Steps in the link already completed, but they look exactly like the steps (i.e. reset sync) that were completed prior to the most recent link.

After 'resetting sync' on my desktop PC, my Android phone, my iPads and another PC had the reset sync already greyed out without me having to take any action. Did the Malwarebytes scan on the second PC and Android phone, but couldn't scan the iPad (according to Malwarebytes, Apple's ecosystem is locked down, so it can't be scanned). Malwarebytes for iOS is only used as a preventative measure (unless I'm misunderstanding).


A few questions:

(1) I haven't turned on sync yet, but is 'turning on sync' even necessary to truly 'wipe out' any traces? If I do turn on sync after all three systems (e.g. PCs, iPad, Android phone) have scanned, free and clear, is that pretty much the end of it?

"When Chrome Sync is turned on, most browser settings – including any unwanted extensions or search hooks – are stored in the Google Cloud, so that your Chrome browsing experience is consistent on all devices you log in to your Google account with."

 

(2) Could this entire process be done at the cloud level? Could someone "reset" the stored cloud setting instead? 

(3) If someone chooses to delete their existing Google account plus their associated cloud account, and create a completely new Google account/cloud, is that another potential measure that person could take? Or is this a bit over the top?

(4) I decided to use Chrome Browser 'scan' and 'reset' features as well to "reset Chrome". I've stopped storing passwords as well. I also completely removed all extensions. Decided to reinstall adblock and origin block directly by googling those Chrome extensions.

 

 

 

 

 


AdwCleaner[S12].txt AdwCleaner[S13].txt AdwCleaner[S14].txt AdwCleaner[S15].txt


  • Root Admin

Yes certain files, settings, etc. are stored in the Google Cloud.
No, I have never heard or seen a proven exploit against the Google Cloud where your information is stored that would allow an attacker to add something to your account. It's added at the local level on your device.
Yes, any device in the chain can add, change both good or bad behavior and put it on the other device.

Once cleaned up and scans are clean then yes you can re-enable your Google Sync

Hopefully I've answered your questions or concerns. If there is anything else I can assist you with or I've misunderstood one of your questions, please let me know.

Thank you

 


  • 2 weeks later...
  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 


This topic is now closed to further replies.