Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Chrome Adware  (Read 2019 times)

0 Members and 1 Guest are viewing this topic.

ExaBast

    Topic Starter


    Rookie

    • Experience: Experienced
    • OS: Windows 10
    Chrome Adware
    « on: September 20, 2020, 09:02:52 AM »
    Hello and thanks for your help,

    I have recently got some ads in chrome when searching something. I use Ublock Origin but it doesn't seem to care.

    Here's a screenshot : https://imgur.com/a/vXxa44a

    And here are the logs:

    # -------------------------------
    # Malwarebytes AdwCleaner 8.0.7.0
    # -------------------------------
    # Build:    07-22-2020
    # Database: 2020-07-20.1 (Local)
    # Support:  https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start:    09-20-2020
    # Duration: 00:00:04
    # OS:       Windows 10 Home
    # Cleaned:  2
    # Failed:   2


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    Deleted       C:\ProgramData\Tencent
    Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
    Not Deleted   C:\Users\exxab\AppData\Local\Tencent
    Not Deleted   C:\Users\exxab\AppData\Roaming\Tencent

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    No malicious registry entries cleaned.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software cleaned.


    *************************

    • Delete Tracing Keys
    • Reset Winsock


    *************************

    AdwCleaner[S00].txt - [5746 octets] - [20/09/2020 15:15:39]
    AdwCleaner[C00].txt - [3925 octets] - [20/09/2020 15:19:38]
    AdwCleaner[S01].txt - [3295 octets] - [20/09/2020 16:40:09]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########








    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 9/20/20
    Scan Time: 4:47 PM
    Log File: 2b0572ca-fb50-11ea-a8ac-54e1ad3dac52.json

    -Software Information-
    Version: 4.2.1.89
    Components Version: 1.0.1045
    Update Package Version: 1.0.30139
    License: Trial

    -System Information-
    OS: Windows 10 (Build 18362.1082)
    CPU: x64
    File System: NTFS
    User: LAPTOP-LGVVI57O\Bastien

    -Scan Summary-
    Scan Type: Quick Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 3699
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 0 min, 7 sec

    -Scan Options-
    Memory: Enabled
    Startup: Disabled
    Filesystem: Disabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Disabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)






     Results of screen317's Security Check version 1.014 --- 12/23/15 
       x64 (UAC is enabled) 
     Internet Explorer 11 
    ``````````````Antivirus/Firewall Check:``````````````[/u]
     Windows Firewall Enabled! 
    Avast Antivirus   
    Windows Defender   
    Avast Antivirus   
    Malwarebytes       
     Antivirus up to date!   
    `````````Anti-malware/Other Utilities Check:`````````[/u]
     Java 8 Update 231 
     Java 8 Update 241 
     Java version 32-bit out of Date!
     Google Chrome (85.0.4183.102)
     Google Chrome (SetupMetrics...)
    ````````Process Check: objlist.exe by Laurent````````[/u] 
     Malwarebytes Anti-Malware mbamservice.exe 
     Malwarebytes Anti-Malware mbamtray.exe 
     Intel Intel(R) Online Connect Access IntelTechnologyAccessService.exe 
     Intel Intel(R) Online Connect Access LegacyCsLoaderService.exe 
     Intel Intel(R) Online Connect ioc.exe 
     Common Files Oracle Java javapath\AvastSvc.exe -?-
     AVAST Software Avast aswEngSrv.exe 
     AVAST Software Avast AvastUI.exe 
    `````````````````System Health check`````````````````[/u]
     Total Fragmentation on Drive C:  %
    ````````````````````End of Log``````````````````````[/u]

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Thanked: 1000
    • Certifications: List
    • Experience: Expert
    • OS: Windows 8
    Re: Chrome Adware
    « Reply #1 on: September 20, 2020, 03:57:34 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    I can't see the picture that you posted. Try to post the picture again. The scan shows you are running more than one AV on your computer: Avast and Windows Defender. WD is the resident AV that comes with Windows 10. One Av should be disabled.
    Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

    ExaBast

      Topic Starter


      Rookie

      • Experience: Experienced
      • OS: Windows 10
      Re: Chrome Adware
      « Reply #2 on: September 21, 2020, 11:35:06 AM »
      Here's the screenshot again: https://imgur.com/a/epX1x0x

      I actually managed to find the name of the malware, it's "findsearchresults.info"

      Also uninstalled Avast

      SuperDave

      • Malware Removal Specialist
      • Moderator


      • Genius
      • Thanked: 1000
      • Certifications: List
      • Experience: Expert
      • OS: Windows 8
      Re: Chrome Adware
      « Reply #3 on: September 21, 2020, 04:07:29 PM »
      You will need to go to Control Panel, Programs and Features and look for any suspicious program that was installed just prior to this event happening on your computer. If you can find one, please uninstall it and run MBAM and Adwcleaner again.
      Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

      ExaBast

        Topic Starter


        Rookie

        • Experience: Experienced
        • OS: Windows 10
        Re: Chrome Adware
        « Reply #4 on: September 22, 2020, 09:03:15 AM »
        I checked the programs and there isn't any i don't know.




        Malwarebytes
        www.malwarebytes.com

        -Log Details-
        Scan Date: 9/22/20
        Scan Time: 4:56 PM
        Log File: c569b526-fce3-11ea-81ac-54e1ad3dac52.json

        -Software Information-
        Version: 4.2.1.89
        Components Version: 1.0.1045
        Update Package Version: 1.0.30250
        License: Trial

        -System Information-
        OS: Windows 10 (Build 18362.1082)
        CPU: x64
        File System: NTFS
        User: LAPTOP-LGVVI57O\Bastien

        -Scan Summary-
        Scan Type: Threat Scan
        Scan Initiated By: Manual
        Result: Completed
        Objects Scanned: 344487
        Threats Detected: 0
        Threats Quarantined: 0
        Time Elapsed: 1 min, 57 sec

        -Scan Options-
        Memory: Enabled
        Startup: Enabled
        Filesystem: Enabled
        Archives: Enabled
        Rootkits: Disabled
        Heuristics: Enabled
        PUP: Detect
        PUM: Detect

        -Scan Details-
        Process: 0
        (No malicious items detected)

        Module: 0
        (No malicious items detected)

        Registry Key: 0
        (No malicious items detected)

        Registry Value: 0
        (No malicious items detected)

        Registry Data: 0
        (No malicious items detected)

        Data Stream: 0
        (No malicious items detected)

        Folder: 0
        (No malicious items detected)

        File: 0
        (No malicious items detected)

        Physical Sector: 0
        (No malicious items detected)

        WMI: 0
        (No malicious items detected)


        (end)





        # -------------------------------
        # Malwarebytes AdwCleaner 8.0.7.0
        # -------------------------------
        # Build:    07-22-2020
        # Database: 2020-07-20.1 (Local)
        # Support:  https://www.malwarebytes.com/support
        #
        # -------------------------------
        # Mode: Clean
        # -------------------------------
        # Start:    09-22-2020
        # Duration: 00:00:02
        # OS:       Windows 10 Home
        # Cleaned:  16
        # Failed:   2


        ***** [ Services ] *****

        No malicious services cleaned.

        ***** [ Folders ] *****

        Deleted       C:\ProgramData\Tencent
        Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
        Not Deleted   C:\Users\exxab\AppData\Local\Tencent
        Not Deleted   C:\Users\exxab\AppData\Roaming\Tencent

        ***** [ Files ] *****

        No malicious files cleaned.

        ***** [ DLL ] *****

        No malicious DLLs cleaned.

        ***** [ WMI ] *****

        No malicious WMI cleaned.

        ***** [ Shortcuts ] *****

        No malicious shortcuts cleaned.

        ***** [ Tasks ] *****

        No malicious tasks cleaned.

        ***** [ Registry ] *****

        No malicious registry entries cleaned.

        ***** [ Chromium (and derivatives) ] *****

        No malicious Chromium entries cleaned.

        ***** [ Chromium URLs ] *****

        No malicious Chromium URLs cleaned.

        ***** [ Firefox (and derivatives) ] *****

        No malicious Firefox entries cleaned.

        ***** [ Firefox URLs ] *****

        No malicious Firefox URLs cleaned.

        ***** [ Hosts File Entries ] *****

        No malicious hosts file entries cleaned.

        ***** [ Preinstalled Software ] *****

        Deleted       Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER
        Deleted       Preinstalled.LenovoIMController   Folder   C:\Users\exxab\AppData\Local\LENOVO\IMCONTROLLER
        Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER
        Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
        Deleted       Preinstalled.LenovoIMController   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
        Deleted       Preinstalled.LenovoServiceBridge   Folder   C:\Users\exxab\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
        Deleted       Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
        Deleted       Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
        Deleted       Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
        Deleted       Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1
        Deleted       Preinstalled.LenovoUtility   Folder   C:\Program Files\LENOVO\LENOVOUTILITY
        Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
        Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
        Deleted       Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1


        *************************

        • Delete Tracing Keys
        • Reset Winsock


        *************************

        AdwCleaner[S00].txt - [5746 octets] - [20/09/2020 15:15:39]
        AdwCleaner[C00].txt - [3925 octets] - [20/09/2020 15:19:38]
        AdwCleaner[S01].txt - [3295 octets] - [20/09/2020 16:40:09]
        AdwCleaner[C01].txt - [1911 octets] - [20/09/2020 16:41:12]
        AdwCleaner[S02].txt - [3417 octets] - [22/09/2020 17:00:10]

        ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

        SuperDave

        • Malware Removal Specialist
        • Moderator


        • Genius
        • Thanked: 1000
        • Certifications: List
        • Experience: Expert
        • OS: Windows 8
        Re: Chrome Adware
        « Reply #5 on: September 22, 2020, 03:25:53 PM »
        Please re-set Google Chrome to its defaults. If you can't do that uninstall Chrome and re-install it.
        Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

        ExaBast

          Topic Starter


          Rookie

          • Experience: Experienced
          • OS: Windows 10
          Re: Chrome Adware
          « Reply #6 on: September 23, 2020, 08:55:49 AM »
          I was hoping I didn't have to, but oh well.

          Symptoms are gone, thanks a lot!

          ExaBast

            Topic Starter


            Rookie

            • Experience: Experienced
            • OS: Windows 10
            Re: Chrome Adware
            « Reply #7 on: September 23, 2020, 09:08:34 AM »
            Nevermind they're back...

            The only thing I downloaded was the media creation tool for windows 10 : https://support.microsoft.com/de-ch/help/15088/windows-10-create-installation-media

            SuperDave

            • Malware Removal Specialist
            • Moderator


            • Genius
            • Thanked: 1000
            • Certifications: List
            • Experience: Expert
            • OS: Windows 8
            Re: Chrome Adware
            « Reply #8 on: September 23, 2020, 05:19:36 PM »
            This is a browser hijacker. You can find more information here. Usually resetting your browser to its defaults cures the problem.
            Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

            ExaBast

              Topic Starter


              Rookie

              • Experience: Experienced
              • OS: Windows 10
              Re: Chrome Adware
              « Reply #9 on: September 24, 2020, 09:58:12 AM »
              I know, I did my own research on it.
              It's still there though :/

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Thanked: 1000
              • Certifications: List
              • Experience: Expert
              • OS: Windows 8
              Re: Chrome Adware
              « Reply #10 on: September 24, 2020, 04:04:26 PM »
              Did you try any of the methods suggested? Does it do it on other browsers?
              Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

              ExaBast

                Topic Starter


                Rookie

                • Experience: Experienced
                • OS: Windows 10
                Re: Chrome Adware
                « Reply #11 on: October 01, 2020, 09:10:50 AM »
                Sorry for the delayed response.
                I tried what I could find, including the browser reset. I checked if the problem occurs on MS Edge and it doesn't.

                SuperDave

                • Malware Removal Specialist
                • Moderator


                • Genius
                • Thanked: 1000
                • Certifications: List
                • Experience: Expert
                • OS: Windows 8
                Re: Chrome Adware
                « Reply #12 on: October 01, 2020, 03:45:26 PM »
                The problem is with Google Chrome. Uninstall Chrome and re-install a fresh copy to see if that helps.
                Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender