Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware in Chrome extention


  • This topic is locked This topic is locked

#16
beefheart_1

beefheart_1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

First one: I use AVG as anti virus software. Should I hit clean anyway? 

 

# AdwCleaner v6.042 - Logbestand aangemaakt 09/01/2017 op 16:50:45
# Bijgewerkt op 06/01/2017 door Malwarebytes
# Database : 2017-01-09.2 [Server]
# Besturingssysteem : Windows 10 Home  (X64)
# Gebruikersnaam : Gebruiker - PC
# Gestart vanuit : D:\Downloads\adwcleaner_6.042.exe
# Mode: Scannen
 
 
 
***** [ Services ] *****
 
Geen kwaadaardige services gevonden.
 
 
***** [ Mappen ] *****
 
Map gevonden:  C:\ProgramData\Avg_Update_0116av
Map gevonden:  C:\ProgramData\Avg_Update_0316av
Map gevonden:  C:\ProgramData\Avg_Update_0915av
Map gevonden:  C:\ProgramData\Avg_Update_1015av
Map gevonden:  C:\ProgramData\Avg_Update_1215av
Map gevonden:  C:\Users\Public\Pokki
 
 
***** [ Bestanden ] *****
 
Geen kwaadaardige bestanden gevonden.
 
 
***** [ DLL ] *****
 
Geen kwaadaardige DLLs gevonden.
 
 
***** [ WMI ] *****
 
Geen kwaadaardige sleutels gevonden.
 
 
***** [ Snelkoppelingen ] *****
 
Geen geïnfecteerde snelkoppeling gevonden.
 
 
***** [ Geplande Taken ] *****
 
Taak gevonden:  Software Update Application
 
 
***** [ Register ] *****
 
Sleutel gevonden:  HKU\S-1-5-21-1411249327-469253726-3180003296-1001\Software\Classes\pokki
Sleutel gevonden:  HKCU\Software\Classes\pokki
Sleutel gevonden:  [x64] HKCU\Software\Classes\pokki
Sleutel gevonden:  HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Sleutel gevonden:  HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Waarde gevonden:  HKU\S-1-5-21-1411249327-469253726-3180003296-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
Sleutel gevonden:  HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Sleutel gevonden:  HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Sleutel gevonden:  [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
 
 
***** [ Internetbrowsers ] *****
 
Geen kwaadaardige op Firefox gebaseerde browser items gevonden.
Chromium pref gevonden:  [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web data] - mysearch.avg.com
Chromium pref gevonden:  [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.homepage-web.com
Chromium pref gevonden:  [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web data] - homepage-web.com
Chromium pref gevonden:  [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd
Chromium pref gevonden:  [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://mysearch.avg.com?cid={2815E66B-4F90-4D5B-AB1B-87BA5C63D262}&mid=8df03b01ee1847d2a1e191b969b3227b-b4df8f04
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [2791 bytes] - [09/01/2017 16:50:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2864 bytes] ##########

  • 0

Advertisements


#17
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts

First one: I use AVG as anti virus software. Should I hit clean anyway?

Yes

clean or schoon button on adwCleaner
  • 0

#18
beefheart_1

beefheart_1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
# AdwCleaner v6.042 - Logbestand aangemaakt 09/01/2017 op 16:59:33
# Bijgewerkt op 06/01/2017 door Malwarebytes
# Database : 2017-01-09.2 [Lokaal]
# Besturingssysteem : Windows 10 Home  (X64)
# Gebruikersnaam : Gebruiker - PC
# Gestart vanuit : D:\Downloads\adwcleaner_6.042.exe
# Mode: Verwijderen
 
 
 
***** [ Services ] *****
 
 
 
***** [ Mappen ] *****
 
[-] Map verwijderd: C:\Users\Public\Pokki
 
 
***** [ Bestanden ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Snelkoppelingen ] *****
 
 
 
***** [ Geplande Taken ] *****
 
[-] Taak verwijderd: Software Update Application
 
 
***** [ Register ] *****
 
[-] Sleutel verwijderd: HKU\S-1-5-21-1411249327-469253726-3180003296-1001\Software\Classes\pokki
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Classes\pokki
[#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Classes\pokki
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Waarde verwijderd: HKU\S-1-5-21-1411249327-469253726-3180003296-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
[-] Sleutel verwijderd: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
 
 
***** [ Browsers ] *****
 
[-] [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: mysearch.avg.com
[-] [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: search.homepage-web.com
[-] [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: homepage-web.com
[-] [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default] [homepage] Verwijderd: hxxp://mysearch.avg.com?cid={2815E66B-4F90-4D5B-AB1B-87BA5C63D262}&mid=8df03b01ee1847d2a1e191b969b3227b-b4df8f044880664ab2a0cd2305eeaffc82b6f1fc&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-20 08:42:07&v=18.1.0.443&pid=safeguard&sg=&sap=hp
 
 
*************************
 
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [2605 bytes] - [09/01/2017 16:59:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [2951 bytes] - [09/01/2017 16:50:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [2779 bytes] - [09/01/2017 16:59:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2824 bytes] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by Gebruiker (Administrator) on ma 09-01-2017 at 17:01:28,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 0 
 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ma 09-01-2017 at 17:03:10,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#19
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts
dank je,

If the probleem still persists I'll give you instructions to reinstall Chrome
  • 0

#20
beefheart_1

beefheart_1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

Everything seems to be working fine. Thanks again so much!!!

 

Now for future references, should I run adwarecleaner everytime after I run Malwarebytes Anti-Malware or was that only something I needed to do now? 

 

Can I throw FRST64 in the trash or do I need to uninstall it? 

 

Any other software besides Malwarebytes that I need to run regularly? 


  • 0

#21
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts
Hallo,

I don't suggest running adwCleaner or Junkware removal tool unless you're getting help from a forum. You may delete all tools we used and there associated log files as well.

Malwarebytes should be the only software you need to run on a weekly basis or when you think something just doesn't seem right.

I'll leave this topic open just to be sure the computer runs ok for a while.

een prettige dag!
  • 0

#22
beefheart_1

beefheart_1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

Ok then I will throw them in the trash. Again thanks so so much for taking the time out to help me.

 

Jij ook :)


  • 0

#23
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts
You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP