Solved Adware.Elex.ShrtCln

[D303]

Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 11/8/17
Scan Time: 10:18 PM
Log File: 83c89d9c-c476-11e7-873b-3497f657257f.json
Administrator: Yes
-Software Information-
Version: 3.2.2.2018
Components Version: 1.0.212
Update Package Version: 1.0.3204
License: Premium
-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: DESKTOP-97M8JTG\User
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369570
Threats Detected: 6
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 0 min, 37 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 6
PUP.Optional.Funmoods, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, No Action By User, [801], [455241],1.0.3204
FraudTool.YAC, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, No Action By User, [6393], [455252],1.0.3204
PUP.Optional.Funmoods, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, No Action By User, [801], [455241],1.0.3204
PUP.Optional.Funmoods, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, No Action By User, [801], [455241],1.0.3204
Adware.Elex.ShrtCln, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, No Action By User, [2309], [454731],1.0.3204
FraudTool.YAC, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, No Action By User, [6393], [455252],1.0.3204
Physical Sector: 0
(No malicious items detected)

(end)

 

[D303]

I have the same problem.... Adware.Elex.ShrtCln
I bought MalwareBytes premium, however it cannot remove the infection... what should I do?
My version is 3.3.1

I ended up removing the Adware.Elex.ShrtCln. But only after un-installing Google Chrome. Malware Bytes premium 3.2.2 could not remove the virus. Hitman could not remove or find the virus. Zemana Antimalware did sort of find it, and said it removed it after a restart, but it came back. The only way I could remove the virus so far, was by removing google chrome. I hate using Microsoft Edge as a browser, so I am very disappointed that Malware Bytes Premium could not remove the virus. I will try and re-install Google Chrome at some point maybe.

 

[TwinHeadedEagle]

Hello,

Can you update MalwareBytes to the latest version and perform another scan?

 

[Mike Edwards]

I am having the same exact problem.. I did not remove chrome as I depend on it too much. Malwarebytes finds this every night during the scan. I tell it to remove it every morning and it always comes back. I have attempted ADWCleaner which couldn't find it. I have searched for programs with funmoods in the name as well as registry entries, services, and scheduled tasks. I could find nothing.

And I did follow the previous posters request of manually updating malwarebytes. Rescanned, and it came back.. Here is the report...


-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3224
License: Premium

File: 3
PUP.Optional.Funmoods, C:\USERS\LES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [801], [455240],1.0.3224
PUP.Optional.Funmoods, C:\USERS\LES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [801], [455240],1.0.3224
PUP.Optional.Funmoods, C:\USERS\LES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [801], [455240],1.0.3224

 

[StuB]

I'm having the same problem with Binkiland, Spigot, and Speedial. Hitman and Adwcleaner both say my system is clean, but Malwarebytes keeps finding these but can't remove them.

 

[D303]

Hello,

Can you update MalwareBytes to the latest version and perform another scan?

Thank you for the reply. Attached is my latest scan using MalwareIbytes 3.3.1. I have removed the virus after many scans and re-tries. I did browse through this website yesterday, and noticed a few other Adware.Elex.ShrtCln posts.
2 days ago I totally removed Google Chrome from my PC and today I downloaded everything from Hitman Pro to Kaspersky. I re-installed Google Chrome this morning and re-stored to default, and it look liked the virus returned straight away.
Malwarebytes (Premium) actually found 4 items after the install of Chrome, but they were not 'Adware.Elex.ShrtCln' after the new re-install. They were 'Fun Moods' or 'Facemoods' viruses. (They aren't actually classed as Severe Viruses, but they can cause problems). Hitman Pro was the program that actually removed the 'suspicious item' from the Google Chrome search settings and all viruses were gone.

I can only recommend to try Hitman Pro with Malwarebytes Premium, remove Chrome, re-install it, then re-scan with both programs.

Hello,

Can you update MalwareBytes to the latest version and perform another scan?

 

[TwinHeadedEagle]

You can try this solution:

Chrome Secure Preferences detection always comes back

 

[Mike Edwards]

You can try this solution:

Chrome Secure Preferences detection always comes back

I read thru that solution and it looks dangerous. It basically will delete all synced data from chrome meaning I will lose all my saved passwords which I am not willing to do. Maybe a better solution is to just ignore this error. Does it actually hurt to have this listed in chrome? What harm can it cause?

 

[TwinHeadedEagle]

You can disable only Setting sync. After that uninstall chrome, install it again and login to your Google Account. I am confident this will stop syncing it. Yes it is a stupid logic from Google not to be able to manually delete something from your Sync.

 

[Wilfredo Martinez]

I have tried all the solutions above and the virus, or a false positive keeps reappearing. Maybe I did something wrong? I did not: delete my browsing history while uninstalling (it was not mentioned above) and when I reinstalled Chrome I was already signed in to Google? Should I try again and do these things?

 

[TwinHeadedEagle]

When you uninstall Chrome, make sure to delete Google folder from these locations:

%localappdata%
%programdata%
C:\Program Files
C:\Program Files (x86)

 

[dmurphy]

I am running into the exact same issue(s) that are listed here and although I've tried a million different things, it still keeps coming back when I reinstall Chrome. :-/

 

[TwinHeadedEagle]

@dmurphy

Yes, that's because it is syncing with your Google account. You need to reset your sync.

https://chrome.google.com/sync?hl=en-US

 

[dmurphy]

Thanks for that info'. Although that partly works (resetting the Google sync), that would not totally remove it.
I had to couple resetting the sync with also deleting the 'Web Data' file located in Windows here:

C:\Users\youralias\AppData\Local\Google\Chrome\User Data\Default\Web Data

Once I deleted the 'Web Data' file after the sync, then I was able to finally get rid of it via MalwareBytes and it hasn't come back.