
Chrome extension "Pop up blocker 5.8 build 1" PUP.Optional.Cardinaldata


Kz0713ep


Daily scheduled scan, today's extension update detected PUP Cardinaldata

Pop up blocker for Chrome™ - Poper Blocker 5.8 Build 1

Version: 4.5.9.198
Components Version: 1.0.1689
Update Package Version: 1.0.55972

Registry Value: 2
PUP.Optional.Cardinaldata, HKU\S-1-5-18\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 15778, 635567, , ,
PUP.Optional.Cardinaldata, HKU\S-1-5-21\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 15778, 635567, , ,

Folder: 2
PUP.Optional.Cardinaldata, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 15778, 635567, , ,
PUP.Optional.Cardinaldata, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BKKBCGGNHAPDMKELJLODOBBKOPCEICHE, No Action By User, 15778, 635567, , , 

File: 9
PUP.Optional.Cardinaldata, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 15778, 635567, , , , , 6277294A60B4DB9A28C5CE6C1F07EEA8, FD4BF2B0D0A2F0EBE61CB15A61A3313460AC5FBCC49AD0B7C7D1FB25B2404E66
PUP.Optional.Cardinaldata, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 15778, 635567, , , , , EA2FCEA36D6D05B990BD1ECE516F764B, 7E1AD89BB67884DA4D4D8730C075A80A7F829EB1D0F850241BA38C480800363A
PUP.Optional.Cardinaldata, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\000003.log, No Action By User, 15778, 635567, , , 984EC059849F9223D6FB9E22B5A17188, 4076DDEFAC9859616B1D1006F2FE0B7C594CE58DDF42A2207852DC46BABE122A
PUP.Optional.Cardinaldata, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\CURRENT, No Action By User, 15778, 635567, , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Cardinaldata, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOCK, No Action By User, 15778, 635567, , ,
PUP.Optional.Cardinaldata, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOG, No Action By User, 15778, 635567, , , D58774A798B663738CDB6963C81B18DF, F27777C7F49C6CD4761320B09AEC86698DA1CA58114BA340B56CA27DC7B26ABC
PUP.Optional.Cardinaldata, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOG.old, No Action By User, 15778, 635567, , , 94AF32B177E7F11F20B14BA7EBA2C318, 9C5EBE89F5F32768F137DFAEE8F23447B603B2329E8D1BD2EB4F79ABAC8C8A05
PUP.Optional.Cardinaldata, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\MANIFEST-000001, No Action By User, 15778, 635567, , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.Cardinaldata, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BKKBCGGNHAPDMKELJLODOBBKOPCEICHE\5.8_0\BACKGROUND.JS, No Action By User, 15778, 635567, 1.0.55972, , ame, , 5C7C136E9B61E83576C592E15285878E, B45B397385A15FB56CB6249806934F9427A592D8D11D5704BDC0AD62746C277B

 


3 minutes ago, miekiemoes said:

Hello,

Please post the detection log.

Version: 4.5.9.198
Components Version: 1.0.1689
Update Package Version: 1.0.56005

Scan Type: Threat Scan
Threats Detected: 13

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

Registry Value: 2
Trojan.CrthRazy, HKU\S-1-5-18\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 3053, 976804, , , , , , 
Trojan.CrthRazy, HKU\S-1-5-21\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 3053, 976804, , , , , , 

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 2
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 3053, 976804, , , , , , 
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BKKBCGGNHAPDMKELJLODOBBKOPCEICHE, No Action By User, 3053, 976804, 1.0.56005, , ame, , , 

File: 9
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 3053, 976804, , , , , 6277294A60B4DB9A28C5CE6C1F07EEA8, FD4BF2B0D0A2F0EBE61CB15A61A3313460AC5FBCC49AD0B7C7D1FB25B2404E66
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 3053, 976804, , , , , 70C6177D9C53D3FBEFA0B3F7FF28027A, 30886D6A0E24EDC23F2F7D7702BDCD744CC53CDB21DF382536B9DC8AD50E8BD1
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\000003.log, No Action By User, 3053, 976804, , , , , 984EC059849F9223D6FB9E22B5A17188, 4076DDEFAC9859616B1D1006F2FE0B7C594CE58DDF42A2207852DC46BABE122A
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\CURRENT, No Action By User, 3053, 976804, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOCK, No Action By User, 3053, 976804, , , , , , 
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOG, No Action By User, 3053, 976804, , , , , 6D494D1DAF43D9CC46CDDCCFA45A0915, CA7D2421EFA267DC3D140D92C6EC2F7426FD6995DADFAE1FF538E7C4C2188780
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOG.old, No Action By User, 3053, 976804, , , , , 94AF32B177E7F11F20B14BA7EBA2C318, 9C5EBE89F5F32768F137DFAEE8F23447B603B2329E8D1BD2EB4F79ABAC8C8A05
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\MANIFEST-000001, No Action By User, 3053, 976804, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BKKBCGGNHAPDMKELJLODOBBKOPCEICHE\5.8_0\BACKGROUND.JS, No Action By User, 3053, 976804, 1.0.56005, , ame, , 5C7C136E9B61E83576C592E15285878E, B45B397385A15FB56CB6249806934F9427A592D8D11D5704BDC0AD62746C277B

Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)


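On 2022/6/10 at 2:37 PM, miekiemoes said:

Hello,

I'll see whether I can whitelist it in a different way, because it triggers on malicious URLs inside the extension, which in this case are used for blocking.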

Version: 4.5.9.198
Components Version: 1.0.1699
Update Package Version: 1.0.56079

PoP Block Extension support's reply confirms this is a software error detection; scanning with VirusTotal and MetaDefender detects 0/64; it has been added to the whitelist.

Quarantine.zip pop block 5.8.zip


8 hours ago, miekiemoes said:

Hello,

I can't reproduce the detection.

Version: 4.5.9.198
Components Version: 1.0.1699
Update Package Version: 1.0.56110

Install the extension and run a threat scan or a custom scan of the appdata\local\google folder; after moving the google folder, scanning again gives no detection.
https://chrome.google.com/webstore/detail/pop-up-blocker-for-chrome/bkkbcggnhapdmkeljlodobbkopceiche

I think this is an mbam false positive detection of "bkkbcggnhapdmkeljlodobbkopceiche"; expert system algorithms are not enabled.

Registry Value: 1
Trojan.CrthRazy, HKU\S-1-5-21\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 3051, 976804, , , , , , 

Folder: 2
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche, No Action By User, 3051, 976804, , , , , , 
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BKKBCGGNHAPDMKELJLODOBBKOPCEICHE, No Action By User, 3051, 976804, 1.0.56110, , ame, , , 

File: 9
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 3051, 976804, , , , , 3F5B270743413D063F00FF85CC1DA23C, E23C46DE4308416FFF512D6CF2BF042E5ACB3C499511D70DBF109F8849CFEF30
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 3051, 976804, , , , , E7A1DA501886B35C0F908D1902B54FB4, 3A8E118EA6C45276B7DA412C4173B93B70D805E37D9B92A95537195EF2FBCA81
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\000003.log, No Action By User, 3051, 976804, , , , , 74F8D7F7A76E6604EB2FD247A9269C30, AB5CB46CB71AECE464D6F3C60C77B66EC8A43E7EE7F9A12922F89ACCF6751897
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\CURRENT, No Action By User, 3051, 976804, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOCK, No Action By User, 3051, 976804, , , , , , 
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOG, No Action By User, 3051, 976804, , , , , 8F68F5DE7916684ADEC707861454A4FD, 76AC0A4BC12763DF63E2BBFD826E81F5716250BA09F86226F3339FCDD277397D
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\LOG.old, No Action By User, 3051, 976804, , , , , 9293552ABF885154F95875F775E7E0E7, FA0F1C1AE44DEEDC38898B0E349D7A25404A596802C570848752FE33C195C0E5
Trojan.CrthRazy, F:\Users\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bkkbcggnhapdmkeljlodobbkopceiche\MANIFEST-000001, No Action By User, 3051, 976804, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
Trojan.CrthRazy, F:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BKKBCGGNHAPDMKELJLODOBBKOPCEICHE\5.8_0\BACKGROUND.JS, No Action By User, 3051, 976804, 1.0.56110, , ame, , 5C7C136E9B61E83576C592E15285878E, B45B397385A15FB56CB6249806934F9427A592D8D11D5704BDC0AD62746C277B
 

