Jump to content

Recurring Chromium URLs


Go to solution Solved by fklstv7,

Recommended Posts

I've run adw cleaner multiple times and the same 4 Chromium URLs always come up as threats. It says they are deleted but every time I run the software they always come back.

Are these real threats? How could I go about permanently deleting them off of my system?

 

 

ADW log.png

Link to post
Share on other sites

Hi. My name is Maurice. I will be guiding you.

Do the steps on this pinned topic. & Let me know after it has been done.

Just don't run Adwcleaner any further.

https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/

 

 

Link to post
Share on other sites

We want to put aside Adwcleaner.  We will deal with the adwares by other means.

Does this pc have Malwarebytes for Windows?

In Malwarebytes for Windows program, we want to do a special scan.

Click Settings ( gear icon) at the top right of Malwarebytes window. We want to see the SETTINGS window.

Then click the Security tab.   

Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON 👈

Click it to get it ON if it does not show a blue-color

.

Next, click the small x on the Settings line to go to the main Malwarebytes Window.

Next click the blue button marked Scan.

When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

You can actually click ( tick ) the topmost left check-box on the very top line to get ALL lines ticked ( all selected). 👈

🔻

Then click on Quarantine selected.

Then, locate the Scan run report; export out a copy; & then attach in with your reply.

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

Link to post
Share on other sites

Please, as we go along, always attach the report of each tool that I have you run.  That is always helpful, regardless of result. 

We will be doing other report tools & scans.

Tell me, did this system used to have Chrome browser but that it was at some point removed in a non-standard way ?

Link to post
Share on other sites

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

 

It will start a download of "esetonlinescanner.exe"

Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.

When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan

Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button.

Have patience. The entire process may take an hour or more. There is an initial update download.

There is a progress window display.

You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom).

Press Continue when all done. You should click to off the offer for “periodic scanning”.

Please attach the log.

Link to post
Share on other sites

After all the above is done. Please run this report tool & ATTACH report files.

Please download the Farbar Recovery Scan Tool 64-bit and save it to your desktop.

 

Right-click on FRST64.exe and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run.

_Windows 10 users will be prompted about Windows *SmartScreen protection* - click line More info information on that screen and click button Run anyway on next screen._

Click YES when prompted by Windows U A C prompt to allow it to run.

Note: If you are prompted by Windows SmartScreen, click More info & followup & choose Run anyway.

 

Approve the Windows UAC prompt on Windows Vista and newer operating systems by clicking on Continue or Yes. 

 

Click Yes when the *disclaimer* appears in FRST.

The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use.

 

Make sure that Addition options is *checked* - the configuration should look exactly like on the screen below (do not mark additional things unless asked).

Press Scan button and wait.

 

The tool will produce 2 logfiles on your desktop: FRST.txt , Addition.txt 

Click OK button when it shows up. Close the Notepad windows when they show on screen. The tool saves the files.

Please attach these 2 files to your next reply.

Thank you.

Link to post
Share on other sites

Good afternoon.  I am going to post to you 2 messages. Please do these in order.

There are two  ( 2 )  user profiles logged as both being logged in on Windows.

Be sure to do one LOGOFF from the START menu.

And then do a Shutdown.

Wait a minute.  Then a Windows Restart.  

That is a good thing to do.

Next.  uninstall the Adobe FLASH player.  It is no longer maintained.  And should be uninstalled.

Link to post
Share on other sites

The script Fixlist.txt  needs to be saved to the same folder that contains FRST64.exe   /  you have yours saved on Downloads.

 

The custom script on this post is ONLY for this machine and NO other.  

Please be sure to Close any open work files, documents,  any apps you started yourself  before starting this.

 

If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached,  please disconnect any of those.

The system will be rebooted after the script has run.

 

Please save the (attached file named) FIXLIST.txt   to the  Downloads folder.

 

Start the Windows Explorer and then, to the Downloads.

 

RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run the tool. If the tool warns you the version is outdated, please download and run the updated version.

IF Windows prompts you about running this, select YES to allow it to proceed.

 

IF you get a block message from Windows about this tool......

click line More info information on that screen

and click button Run anyway on next screen.

 

on the FRST window:

Click the Fix button just once, and wait.

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.

If you receive a message that a reboot is required, please make sure you allow it to restart normally.

The tool will complete its run after restart.

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity   

Please know this will do a Windows Restart.   Just let it do its thing.  

Do let me know how things are overall,  after all this.

Fixlist.txt

Edited by Maurice Naggar
Link to post
Share on other sites

I completed all of the steps provided. It seems like it did a reset on everything including chrome. 

 

Chrome gave me the option to restore settings but I pressed cancel.

 

I ran ADW cleaner 1 more time and the same 4 chromium urls came up.

 

It is the only software that alerts me of these, otherwise it seems like nothing has changed.

Link to post
Share on other sites

# 2. Please also do this special  search. 

There is the FRST64 tool on the Downloads folder. We will use that to do a search.

 

Find & then start FRST64

Type the following ( better yet, use COPY  then Paste)  into the search box exactly as shown  then press the Search Files button 

SearchAll: avg;mystart

 

Please wait while the program searches for all entries relating to this program, when done a  search.txt  log will be saved to the desktop. Please attach this log to your next reply. 

Edited by Maurice Naggar
Link to post
Share on other sites

Good morning.

This is in addition to my next to last message.

For Adwcleaner we would like for you to turn On it's Debug log option. See https://support.malwarebytes.com/hc/en-us/articles/360038520134-Malwarebytes-AdwCleaner-Application-settings

In Adwcleaner, in Settings section, at "Mode" , turn ON the generate debug log.  Then do a new scan in Adwcleaner.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.