The fix button IS enabled in aswmbr
"Bitmotion-New Tab" added in Chrome (can't get rid of it
Posted 30 June 2017 - 10:23 AM
Posted 30 June 2017 - 10:40 AM
Turned the sync off after logging in....here are the results (I'm still getting new windows popping open with "junk" websites, just happened when I clicked on the bookmark for geekstogo)
Posted 30 June 2017 - 12:01 PM
Let's see if we can fake it out. FRST can make a dummy file in its place. Wonder if that will help?
fixlist.txt 454bytes 43 downloads
Also after the fix, put
in FRST's search box and then hit Search Registry. Post the file you get.
Posted 30 June 2017 - 12:06 PM
Here's the full aswmbr.txt. It DID stop but it wasn't my doing. Maybe the screensaver or something stopped it. Fix button was NOT on, but Fixmbr was again.
Posted 30 June 2017 - 12:08 PM
Chrome opened a new window when I was trying to post and froze so i had to open task manager and do an end task. Then I re-booted and ran aswmbr again. I will try the frst again.
Posted 30 June 2017 - 12:15 PM
Posted 30 June 2017 - 12:17 PM
Did you run the fixlist (start up FRST and hit Fix after downloading the Fixlist?)
Posted 30 June 2017 - 12:48 PM
I just did it again:
Posted 30 June 2017 - 01:53 PM
cookies on-off 1.0.1 is still listed as an extension in Chrome. There is no option to delete it. It says it was "installed by enterprise policy." whatever that means!
Posted 30 June 2017 - 02:18 PM
The fixlist just replaced the active file with a dummy. The infection should still be in Chrome just unable to do anything.
"installed by enterprise policy."
That may be key information.
Let's see what this Fixlist finds:
fixlist.txt 206bytes 50 downloads
This just looks at a registry key. It won't make any changes. I thought FRST would have shown it to us if it existed but perhaps it slipped through the cracks.
Post the fixlog.
Posted 30 June 2017 - 02:24 PM
Posted 30 June 2017 - 02:42 PM
in the FRST search box and then click on Search Registry.
Does it find it anywhere?
Posted 30 June 2017 - 02:47 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users