Chrome has "Managed by your organisation" message, casued by virus, and Edge has extension FelisCatus that I cannot remove or disable

[tonewarrior]

I rather stupidly downloaded a chromium link to listen to mp3s, thinking it was something to do with a google update, and immediately realised my mistake and uninstalled it.
Since then I have a new message on Chrome "managed by your organistaion". Chrome is the browswer I use. I also looked in Edge (which I dont use) and that now has the same message, plus an extenstion I do not recognize FelisCatus that I cannot disable, remove or delete. It has some very nasty permissions, to

• Read and change all your data on all websites
• Manage your apps, extensions, and themes

I tried to use uncle google for a solution, over several hours making a number of changes and edits to remove this malware, and it hasnt worked.
I have used malwarebytes and then, after finding your group, alose used FRST.

I have attached both of the auto generated txt files it produced, and also a couple of screen shots of edge and chrome.
I am only assuming this "FelisCatus" extension is the culprit, I dont know....but I dont recognise it, and I have removed anything else I do not recognise, or that is new (excluding a new version of itunes and sonos I got from their websites)

EDIT I have also downloaded an old game (very old) through steam yesterday, and just in case that was the problem, I uninstalled that game too, and that didnt fix the issue.

Fingers crossed you can help.

Best regards
Andy

 

[nasdaq]

Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

In order to complete my research and give you sound advice i need to see the FRST64.txt created by running the Farbar probram.

please attach the file in your next reply.

 

[tonewarrior]

Thank you Nasdaq,
File attached .
Kind regards
Andy

 

[tonewarrior]

Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

In order to complete my research and give you sound advice i need to see the FRST64.txt created by running the Farbar probram.

please attach the file in your next reply.

PS.... In case you also need the, the MBAM report file from July 19th when this issue was first noticed be my, and also a new scan text today showing no problems

 

[nasdaq]

Hi!

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===



Please post the Fixlog.txt and let me know what problem persists.

 

[tonewarrior]

Hi!

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===



Please post the Fixlog.txt and let me know what problem persists.

Good morning nasdaq,

I ran the "fix" and the log is attached.

The problem now looks to be fully fixed, the menu item in Chrome is no longer there, and the extension that I could not disable or remove from edge is also gone.
Thank you for your incredible help, simple and easy to follow instructions and speedy responses.

Very much appreciated.
Sincere best regards
Andy

 

[nasdaq]

Glad we could help.