Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

Removal instructions for VK OK Adblock

- - - - -

  • Please log in to reply
No replies to this topic

#1
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Content is republished with permission from Malwarebytes.

What is VK OK Adblock?

The Malwarebytes research team has determined that VK OK Adblock is a browser hijacker. These so-called "hijackers" manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
This one is a member of the NeoBar family.

How do I know if my computer is affected by VK OK Adblock?

You may see this entry in your list of installed software:

warning4.png

and these warnings during install:

main.png

warning1.png

these browser add-ons:

warning2.png

warning5.png

warning6.png

and these Scheduled Tasks:

warning3.png

How did VK OK Adblock get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was bundled with other software.

How do I remove VK OK Adblock?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
Is there anything else I need to do to get rid of VK OK Adblock?
  • No, Malwarebytes' Anti-Malware removes VK OK Adblock completely.
  • If you are using Opera, you may have to remove the Extension manually under Opera > Extensions click the x behind VK OK Adblock and click OK in the prompt to confirm.
  • If you are using Chrome, you may have to remove the Extension manually under Tools > Settings > Extensions. Remove the checkmark and click on the bin behind the VK OK Adblock entry.
  • This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the VK OK Adblock hijacker. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

protection1.png


Technical details for experts

No visible signs in a HijackThis log

Possible signs in FRST logs:

 GroupPolicy: Restriction - Chrome <======= ATTENTION
 CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 FF Extension: VK+OK AdBlock - C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\Extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575} [2016-01-07] [not signed]
 CHR Extension: (VK+OK AdBlock) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh [2016-01-07]
 OPR Extension: (VK+OK AdBlock) - C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll [2016-01-07]
 C:\Windows\System32\Tasks\Update Service for VK OK AdBlock2
 C:\Windows\System32\Tasks\Update Service for VK OK AdBlock
 C:\Windows\Tasks\Update Service for VK OK AdBlock2.job
 C:\Windows\Tasks\Update Service for VK OK AdBlock.job
 C:\Program Files (x86)\VK OK AdBlock

VK OK AdBlock (HKLM-x32\...\VK OK AdBlock) (Version: 1.3.20 - Company Inc.)
Task: {22C8EFEA-DE9D-4507-9649-1A0B26356545} - System32\Tasks\Update Service for VK OK AdBlock => C:\Program Files (x86)\VK OK AdBlock\hXUhtwI.exe [2015-10-26] ()
Task: {FE15AD87-0B58-439D-AC4D-BB4ED86090BF} - System32\Tasks\Update Service for VK OK AdBlock2 => C:\Program Files (x86)\VK OK AdBlock\hXUhtwI.exe [2015-10-26] ()
Task: C:\Windows\Tasks\Update Service for VK OK AdBlock.job => C:\Program Files (x86)\VK OK AdBlock\hXUhtwI.exe
Task: C:\Windows\Tasks\Update Service for VK OK AdBlock2.job => C:\Program Files (x86)\VK OK AdBlock\hXUhtwI.exe
Alterations made by the installer:

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\VK OK AdBlock
       Adds the file hXUhtwI.exe"="26/10/2015 15:09, 62184 bytes, A
       Adds the file uninstall.exe"="26/10/2015 15:09, 1502248 bytes, A
    In the existing folder C:\ProgramData
       Adds the file ntuser.pol"="07/01/2016 08:52, 626 bytes, RHSA
    In the existing folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default
       Alters the file Preferences
        11/12/2015 08:40, 183859 bytes, A ==> 07/01/2016 08:52, 197806 bytes, A
       Alters the file Secure Preferences
        11/12/2015 08:40, 40931 bytes, A ==> 07/01/2016 08:52, 72005 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0
       Adds the file BrowsersFix.js"="26/10/2015 15:09, 777 bytes, A
       Adds the file Content.js"="26/10/2015 15:09, 1413 bytes, A
       Adds the file Kernel.js"="26/10/2015 15:09, 21218 bytes, A
       Adds the file manifest.json"="07/01/2016 08:52, 1380 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\_locales
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\files
       Adds the file background.js"="26/10/2015 15:09, 22432 bytes, A
       Adds the file foreground.js"="26/10/2015 15:09, 6403 bytes, A
       Adds the file main.css"="26/10/2015 15:09, 558 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\icons
    In the existing folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default
       Alters the file prefs.js
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
       Adds the file bootstrap.js"="26/10/2015 15:09, 12004 bytes, A
       Adds the file chrome.manifest"="26/10/2015 15:09, 78 bytes, A
       Adds the file install.rdf"="26/10/2015 15:09, 17937 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome
       Adds the file background.html"="26/10/2015 15:09, 69 bytes, A
       Adds the file background.xul"="26/10/2015 15:09, 452 bytes, A
       Adds the file Kernel.js"="26/10/2015 15:09, 18396 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\_locales
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\files
       Adds the file background.js"="26/10/2015 15:09, 14177 bytes, A
       Adds the file foreground.js"="26/10/2015 15:09, 6404 bytes, A
       Adds the file main.css"="26/10/2015 15:09, 558 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\icons
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0
       Adds the file BrowsersFix.js"="26/10/2015 15:09, 777 bytes, A
       Adds the file Content.js"="26/10/2015 15:09, 1413 bytes, A
       Adds the file Kernel.js"="26/10/2015 15:09, 21218 bytes, A
       Adds the file manifest.json"="07/01/2016 08:52, 1133 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\_locales
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\files
       Adds the file background.js"="26/10/2015 15:09, 22432 bytes, A
       Adds the file foreground.js"="26/10/2015 15:09, 6403 bytes, A
       Adds the file main.css"="26/10/2015 15:09, 558 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\icons
       Adds the file icon128.png"="26/10/2015 15:09, 21298 bytes, A
       Adds the file icon16.png"="26/10/2015 15:09, 17527 bytes, A
       Adds the file icon48.png"="26/10/2015 15:09, 18599 bytes, A
    In the existing folder C:\Windows\System32\GroupPolicy
       Adds the file gpt.ini"="07/01/2016 08:52, 268 bytes, A
    Adds the folder C:\Windows\System32\GroupPolicy\Adm
       Adds the file chrome.adm"="07/01/2016 08:52, 1838 bytes, A
    Adds the folder C:\Windows\System32\GroupPolicy\Machine
       Adds the file Registry.pol"="07/01/2016 08:52, 572 bytes, A
    Adds the folder C:\Windows\System32\GroupPolicy\User
    In the existing folder C:\Windows\System32\Tasks
       Adds the file Update Service for VK OK AdBlock"="07/01/2016 08:52, 2654 bytes, A
       Adds the file Update Service for VK OK AdBlock2"="07/01/2016 08:52, 3112 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file Update Service for VK OK AdBlock.job"="07/01/2016 08:52, 334 bytes, A
       Adds the file Update Service for VK OK AdBlock2.job"="07/01/2016 08:52, 334 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
       "Update Service for VK OK AdBlock.job"="REG_BINARY, .............................Q..
       "Update Service for VK OK AdBlock.job.fp"="REG_DWORD", 1349886790
       "Update Service for VK OK AdBlock2.job"="REG_BINARY, ................................
       "Update Service for VK OK AdBlock2.job.fp"="REG_DWORD", 279464017
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallWhitelist]
       "1"="REG_SZ", "eoebpcbiklhocbchcfjlejdfhfaimfoh"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\VK OK AdBlock\uninstall.exe"
       "DisplayName"="REG_SZ", "VK OK AdBlock"
       "DisplayVersion"="REG_SZ", "1.3.20"
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "Company Inc."
       "UninstallString"="REG_SZ", "C:\Program Files (x86)\VK OK AdBlock\uninstall.exe"
       "URLInfoAbout"="REG_SZ", ""
Excerpt of the Malwarebytes Anti-Malware log (full log available on request):

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 07/01/2016
Scan Time: 09:07
Logfile: mbamVKOKAdblock.txt
Administrator: Yes

Version: 2.2.0.1020
Malware Database: v2016.01.07.01
Rootkit Database: v2016.01.05.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 314749
Time Elapsed: 4 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.NeoBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VK OK AdBlock, Quarantined, [f6d7be78aaeff145d78af9cdfc08ee12], 
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for VK OK AdBlock, Delete-on-Reboot, [d4f970c67f1a54e27ae9e43c7094cc34], 
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for VK OK AdBlock2, Delete-on-Reboot, [399461d560394fe72c376eb253b16b95], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 192
PUP.Optional.NeoBar, C:\Program Files (x86)\VK OK AdBlock, Quarantined, [e3ea2f071485f93d28cb6a55fc06768a], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\files, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\icons, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\_locales, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\files, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\icons, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\_locales, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\files, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\icons, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\_locales, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Amigo, C:\Windows\System32\GroupPolicy\Adm, Quarantined, [dfee89ad7227b87e838a0cc425df7888], 

Files: 219
PUP.Optional.NeoBar, C:\Users\{username}\Desktop\VKOK.exe, Quarantined, [f0dd46f0e0b984b269f81babae56b749], 
PUP.Optional.NeoBar, C:\Program Files (x86)\VK OK AdBlock\uninstall.exe, Quarantined, [f6d7be78aaeff145d78af9cdfc08ee12], 
PUP.Optional.NeoBar, C:\Windows\System32\Tasks\Update Service for VK OK AdBlock, Quarantined, [b51866d0bddc181e174ae739f3113dc3], 
PUP.Optional.NeoBar, C:\Windows\System32\Tasks\Update Service for VK OK AdBlock2, Quarantined, [7855063029702412c899cd533bc9f40c], 
PUP.Optional.NeoBar, C:\Windows\Tasks\Update Service for VK OK AdBlock.job, Quarantined, [1ab30d293663c6702240a37d6f95fe02], 
PUP.Optional.NeoBar, C:\Windows\Tasks\Update Service for VK OK AdBlock2.job, Quarantined, [1ab3b5819207191d273bc957c143b34d], 
PUP.Optional.NeoBar, C:\Program Files (x86)\VK OK AdBlock\hXUhtwI.exe, Quarantined, [e3ea2f071485f93d28cb6a55fc06768a], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\bootstrap.js, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome.manifest, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\install.rdf, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\background.html, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\background.xul, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\Kernel.js, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\files\background.js, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\files\foreground.js, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\files\main.css, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\icons\icon19.png, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\icons\icon48.png, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\icons\icon64.png, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin\arrow.png, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin\background.png, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin\bindings.css, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin\bindings.xml, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.VKAdBlock, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}\chrome\skin\styles.css, Quarantined, [1fae69cd7e1b191d3bf56d5351b18977], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\BrowsersFix.js, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\Content.js, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\Kernel.js, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\manifest.json, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\files\background.js, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\files\foreground.js, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\files\main.css, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\icons\icon128.png, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\icons\icon16.png, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh\361.3.20_0\icons\icon48.png, Quarantined, [77561b1b5346db5b97822aa6ed17af51], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\BrowsersFix.js, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\Content.js, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\Kernel.js, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\manifest.json, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\files\background.js, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\files\foreground.js, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\files\main.css, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\icons\icon128.png, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\icons\icon16.png, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Clicker.ChrPRST, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgfffefkfpmbjmhofnofmiikiolcbhll\1.3.20_0\icons\icon48.png, Quarantined, [efdee353dbbe1224e532b31dd72d837d], 
PUP.Optional.Amigo, C:\Windows\System32\GroupPolicy\Adm\chrome.adm, Quarantined, [dfee89ad7227b87e838a0cc425df7888], 

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
  • 0

Advertisements





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.