Jump to content

Can't remove malware on Google Chrome


Recommended Posts

Hi, I am having to scan 2 or 3 times a day on my PC to get rid of pop up ones Google Chrome. 

It is driving me mad, it is all for inappropriate games and apps.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 17/03/2021
Scan Time: 13:23
Log File: e8c4897c-8723-11eb-9e2d-2cfda1bbbf93.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1217
Update Package Version: 1.0.38293
Licence: Premium

-System Information-
OS: Windows 10 (Build 19042.867)
CPU: x64
File System: NTFS
User: DESKTOP-FE9B2E8\jenny

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 333691
Threats Detected: 5
Threats Quarantined: 5
Time Elapsed: 16 min, 52 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
Adware.PopAds, C:\USERS\JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\EXTENSION, Quarantined, 13775, 811740, 1.0.38293, , ame, , , 

File: 4
Adware.PopAds, C:\USERS\JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\EXTENSION\BACKGROUND.JS, Quarantined, 13775, 811740, 1.0.38293, , ame, , 4481379B407893AA2454FBFC53D236EF, 6E7E01D92B649D635CD22135EA07C9CDA805C4F3EA03D8DB8597DAFCCE3F879E
Adware.PopAds, C:\Users\jenny\AppData\Local\Google\Chrome\User Data\Extension\content.js, Quarantined, 13775, 811740, , , , , 7FC1683361825B973C16B8B16FB51A10, 6ED0961C1EE8CA37AACADEC54967E9EFE390A54E5C4BBF3E7FB8444E7C760B6C
Adware.PopAds, C:\Users\jenny\AppData\Local\Google\Chrome\User Data\Extension\icon.png, Quarantined, 13775, 811740, , , , , 494F963DC73BE3D20FC01E4A7F765A2A, B969B076E6C87AB5A94623441F40E5ECDED74037A5F2E56036C43C550BC846A4
Adware.PopAds, C:\Users\jenny\AppData\Local\Google\Chrome\User Data\Extension\manifest.json, Quarantined, 13775, 811740, , , , , A5EA9528990EDC624BC81B032C3E004D, 0E3D24B8A9B950FA0871C4D05C51134281FD2A126E9FB6C71214FF0E409AEBEA

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

Hiya Jennyjj,

Resetting sync should not affect your bookmarks, if they have gone try the following:

Navigate to the is folder: C:\Users\{Your user name}\appdata\local\google\chrome\user data\default

Inside that folder you should see the following two entries:

Bookmarks

Bookmanks.Bak

Rename Bookmarks to Bookmarks.old and Bookmarks.Bak to Bookmarks

Bookmarks.Bak is a backup of your Bookmarks

Let me know if that works for you... If Chrome is still having issues a fresh install will need to be done, I`ll give instructions later...

Thanks,

Kevin..

 


 

 
Link to post
Share on other sites

Hiya Jennyjj,

The appdata is folder is normally hidden, you will have to unhide to complete the instructions.. Use instructions at the following link:

https://support.microsoft.com/en-us/windows/view-hidden-files-and-folders-in-windows-10-97fbc472-c603-9d90-91d0-1166d1d9f4b5

If the issue with Chrome is still happening a fresh install of Chrome maybe needed...

Thanks,

Kevin..

Link to post
Share on other sites

It is really odd, I have just made up my bookmarks again and it is actually much tidier.

The virus was back this morning when I turned on my PC, it is an extension that keeps adding itself to google chrome. I have added 4 different add blocker extension to it and it hasn't returned yet. I will let you know tomorrow if it is back.

It is definitely a nasty one.

Link to post
Share on other sites

Hiya Jennyjj,

Aplogies, try the following..

Before resetting Google Chrome please review the following links and export your bookmarks to a folder location outside of any Google folders such as My Documents
How to Back Up and Restore Your Chrome Bookmarks Locally

Review your current extension in Google Chrome so that you can reinstall those that you want to keep
How to Install and Manage Extensions in Chrome

Please save/export your passwords as this process will delete them.
Saving passwords in a browser is a very bad idea and not recommended. Recommend that you use a password manager instead.
How to Manage Saved Passwords in Chrome

Password Management software
Password Managers Compared: LastPass vs KeePass vs Dashlane vs 1Password

Bitwarden
KeePass Password Safe

 

Reset Google Chrome
Reset Chrome back to defaults to completely clear out issues with Chrome.

  • Open Chrome and at the top right, click ellipse.png.2829aeeb2aea006bc956de077091and then More tools and then Extensions
  • Write down the list of Extensions installed.
  • Next, go to >> Google Sync << and sign in to your account. Make sure you know your password as this will clear it from the browser.
  • Scroll down until you see the   "reset sync" button to clear your data from the server and remove your passphrase.
  • Now, close all Chrome windows. Chrome cannot be running for the next step. If needed, print this information or use another browser to read the information.
  • Press the Windows key + R at the same time, to bring up the Run dialog box.

image.png

  • Type in (or copy/paste) the following and press Enter:     %localappdata%\Google\Chrome\User Data\Default\
  1. Press Ctrl + A to select all the files and folders.
  2. Hold down Ctrl + A and click once on the files "Bookmarks" and "Bookmarks.bak". This will unselect them.
  3. With all the files selected (except for your Bookmarks), press the Delete key and click Yes to delete the files and folders.
  4. Example of all files and folders selected, except Bookmarks
  5. WARNING: If the folders do not look similar do not continue deleting. You may not be in the correct folder.

chrome_files_folders.png.00938ead26fa2bdb08ba3436ef59f54f.png

 

Restart your computer now and make sure there are no longer any redirects or other browser issues and let us know the results before reinstalling any Extensions in Chrome

Thank you,

Kevin..

Link to post
Share on other sites

Hiya Jennyjj,

Not sure why those folders do not show on your system... Lets try a fresh install of Chrome instead..

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

For your Passwords go here:

https://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Continue for a clean install:

Download Chrome installer and save to install later:

https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html

Next,

Open Chrome and sign into your account, open a new tab and type or copy paste chrome://settings hit enter...


user posted image


In the new window that opens "Turn Off" option will show, select that option.


user posted image


You will then be given notice of what will be cleared. Checkmark the box that gives an option to clear bookmarks, passwords, history etc. Confirm that action by selecting "Turn Off" tab


user posted image


Next.

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/


user posted image


If you use Google Drive, open the Google folder, right click on Drive and select "Copy" then right click on your Desktop or a folder of choice and select "Paste" to save that folder and its contents.


user posted image


When you successfully saved Google drive go back to Local folder, delete the folder named Google


user posted image


Next,

Install Google Chrome :

Next,

Import your Bookmarks... (instructions in the first step)

Import Passwords... (instructions in second step above)

Next,

Install Malwarebytes Browser Extension (Free) https://chrome.google.com/webstore/detail/malwarebytes-browser-exte/ihcjicgdanjaechkgeegckofjjedodee

Next,

Install uBlock Origin for Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

If you previously had Google Drive you will nee to download and install again: https://www.google.com/intl/en_rw/drive/download/

When that is completed transfer the contents of the save google drive folder to the new one...

Does that help...?
 
Kevin..
Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.