Jump to content

somthing keeps installing an unwanted extension on my browser


Go to solution Solved by kevinf80,

Recommended Posts

poor decisions were made but hopefully someone here can help me fix this without me having to reinstall windows i have removed the extension multiple times but that doesent seem to work i have my ideas for what it did but that wont help me fix it since i wouldn't know were to start below are the scans i would apriciate the help since reinstalling windows for a piece of adware would really suck and would appriciate the input of someone better at troubleshooting things like this

Addition.txt AdwCleaner[C01].txt FRST.txt Malwarebytes Threat Scan log.txt rtp detection.txt trojan 1.txt

Link to post
Share on other sites

Hiya DanielHuren and welcome to Malwarebytes,

Do not see any obvious Malware or Infection present in FRST logs, RTP blocks indicate an issue with your default browser "Chrome" use the instructions from the following link, see if the issue clears...

https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/

Thank you,

Kevin.
Link to post
Share on other sites

Try the following,

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.


Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.

Open Zemana again then do the following to get the latest report

Open Reports > select the report in question to highlight > select "Ctrl - A" keys together to highlight full report message > then "Ctrl - C" keys to copy to clipboard > then open notepad and select paste to copy the report there, then attach to reply....

Let me see that log....
Link to post
Share on other sites

i got an idea after i saw that firefox was doing it too in that last scan i think it might have bin caused by the two browsers syncing because after that scan removed it from firefox and i reinstalled chrome its not poping up anymore im not a hundred percent shure its gone so i dont want to close this yet but that last scan seemed to remove it from firefox and i cleared literaly everything i could from chrome before reinstalling it, my guess is whenever i relaunched chrome it pulled the extensions from firefox and then reinfected my chrome browser if i dont post a reply again within the next couple hours you can probably close this

 

  • Like 1
Link to post
Share on other sites

Hiya DanielHuren,

Desyncing Chrome will have more than likely helped. As you state Zemana cleared it in Firefox... As long as your system is back on track we can finish up..

Right click on FRST here: C:\Users\Daniel\Desktop\FRST.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator"

If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST to uninstall

That action will remove FRST and all created files and folders...

Next,

Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2

Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point

Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/

Consider the following:

Disable Remote Desktop: https://www.tenforums.com/tutorials/92433-enable-disable-remote-desktop-connections-windows-10-pc.html

Disable Windows Telemetry: https://helpdeskgeek.com/windows-10/how-to-disable-windows-10-telemetry/

Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/

Malwarebytes Browser Guard (Free) for Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Will also work for Opera and Edge..

PatchMyPC, keep all your software upto date - https://patchmypc.com/home-updater#download

From there you should be good to go...

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites

  • Solution
Make clean install of Google Chrome, see if that clears the issue...

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

For your Passwords go here:

https://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Continue for a clean install:

Download Chrome installer and save to install later:

https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html

Next,

Open Chrome and sign into your account, open a new tab and type or copy paste chrome://settings hit enter...


user posted image


In the new window that opens "Turn Off" option will show, select that option.


user posted image


You will then be given notice of what will be cleared. Checkmark the box that gives an option to clear bookmarks, passwords, history etc. Confirm that action by selecting "Turn Off" tab


user posted image


Next.

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/


user posted image


If you use Google Drive, open the Google folder, right click on Drive and select "Copy" then right click on your Desktop or a folder of choice and select "Paste" to save that folder and its contents.


user posted image


When you successfully saved Google drive go back to Local folder, delete the folder named Google


user posted image


Next,

Install Google Chrome :

Next,

Import your Bookmarks... (instructions in the first step)

Import Passwords... (instructions in second step above)

Next,

Install Malwarebytes Browser Extension (Free) https://chrome.google.com/webstore/detail/malwarebytes-browser-exte/ihcjicgdanjaechkgeegckofjjedodee

Next,

Install uBlock Origin for Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

If you previously had Google Drive you will nee to download and install again: https://www.google.com/intl/en_rw/drive/download/

When that is completed transfer the contents of the save google drive folder to the new one...

Does that help..?
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.