I have an extension called Apps 1.5 that I can't remove (something about it being installed by my administrator). I has no description and it's ID is pejhfhcoekcajgokallhmklcjkkeemgj. I never downladed this and it has a bunch of permissions I very much do not want it to have, such as being able to read and change all your data on all websites. I think it's also the reason why chrome keeps switching to yahoo, but I could be wrong please help.
I can't remove an extension
- Thread starter Ridisberg
- Start date
This thread is waiting for a member reply to continue
- Status
- Mar 9, 2017
- 530
Hello, Welcome to MalwareTips..! 
My name is icotonev and I'm here to help you remove malware ..! For all my friends I am Ico, so you can call me that too ..!
Before we begin, please note the following:
Please follow the following instruction ..:
Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT
If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.
If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
In your next reply, please include:
My name is icotonev and I'm here to help you remove malware ..! For all my friends I am Ico, so you can call me that too ..!
Before we begin, please note the following:
- First, please keep in mind most of us at MalwareTips volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
- It is important to not run any tools or take any steps other than those I will provide for you.
- Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
- Please copy and paste all logs into your post unless otherwise requested.
- When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
- If you do not reply to your topic after 2 days I will assume it has been abandoned and I will close it.
Please follow the following instruction ..:
Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT
If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.
If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
- Press Scan button and wait for a while.
- The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
- Please attach the content of these two logs in your next reply.
In your next reply, please include:
- FRST.txt
- Addition.txt
here you go:Hello, Welcome to MalwareTips..!
My name is icotonev and I'm here to help you remove malware ..! For all my friends I am Ico, so you can call me that too ..!
Before we begin, please note the following:
- First, please keep in mind most of us at MalwareTips volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
- It is important to not run any tools or take any steps other than those I will provide for you.
- Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
- Please copy and paste all logs into your post unless otherwise requested.
- When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
- If you do not reply to your topic after 2 days I will assume it has been abandoned and I will close it.
Please follow the following instruction ..:
Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT
If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.
If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
---------------------------------------------------
- Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
- Press Scan button and wait for a while.
- The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
- Please attach the content of these two logs in your next reply.
In your next reply, please include:
- FRST.txt
- Addition.txt
- Mar 9, 2017
- 530
I am checking out your logs..!..! While I check your logs my may read this article and try some of the suggested fixes.
forums.malwarebytes.com
www.howtogeek.com
Resetting Google Chrome to clear unexpected issues
Resetting Google Chrome to clear unexpected issues General Precautions - Recommendations Before resetting Google Chrome please review the following links and export your bookmarks to a folder location outside of any Google folders such as My DocumentsHow to Back Up and Restore Your Chrome Bookmar...
forums.malwarebytes.com
How to Uninstall or Disable Extensions in Google Chrome
Need to uninstall or disable an extension in Google Chrome? Here's how to do it.
www.howtogeek.com
- Mar 9, 2017
- 530
- Download the Revo Uninstaller (Free Download) and save it on your Desktop.
- Double click on the exe file created on your Desktop to run the installer, and follow the instructions to install the program.
- Double click the program's icon to open it.
- Write in the search area, on the top left, the following program:
Code:
App Explorer (HKU\S-1-5-21-589406437-390383431-3530117362-1001\...\Host App Service) (Version: 0.273.4.565 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\...\Host App Service) (Version: 0.273.3.150 - SweetLabs) <==== ATTENTION- Choose the Uninstall tab from the menu and let the program to create a Restore point.
- Choose Scan, and then the Advanced mode scan.
- Select all the Online Services items found, Delete and Next.
- Let the procedure be completed and click on Finish.
- Restart the computer.
I unistalled the App explorer, but I still have the extension. Did I do something wrong?
- Mar 9, 2017
- 530
And these instructions didn't help..?
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
In your next reply, please include:
Resetting Google Chrome to clear unexpected issues
Resetting Google Chrome to clear unexpected issues General Precautions - Recommendations Before resetting Google Chrome please review the following links and export your bookmarks to a folder location outside of any Google folders such as My DocumentsHow to Back Up and Restore Your Chrome Bookmar...
How to Uninstall or Disable Extensions in Google Chrome
Need to uninstall or disable an extension in Google Chrome? Here's how to do it.
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
In your next reply, please include:
- Fixlog.txt
- Mar 9, 2017
- 530
Thanks..!
Please run FRST tool once more, and attach for me fresh logs:
Please run FRST tool once more, and attach for me fresh logs:
- Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
- Press Scan button and wait for a while.
- The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
- Please attach these two logs in your next reply.
- Mar 9, 2017
- 530
Malwarebytes Anti-Malware
Run AdwCleaner (Scan mode)
Download AdwCleaner and save it to your desktop.
in your next reply, please include:
- If you already have Malwarebytes installed then open Malwarebytes and click on the Scan button. It will automatically check for updates and run a Threat Scan.
- If you don't have Malwarebytes installed yet please download it from here and install it.
- Once installed then open Malwarebytes and select Scan and let it run.
- Once the scan is completed make sure you have it quarantine any detections it finds.
- If no detections were found click on the Save results drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
- If there were detections then once the quarantine has completed click on the View report button, Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
- If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
- If Malwarebytes won't run then please skip to the next step and let me know in your next reply that the scanner would not run.
Run AdwCleaner (Scan mode)
Download AdwCleaner and save it to your desktop.
- Double click AdwCleaner.exe to run it.
- Click Scan Now.
- When the scan has finished, a Scan Results window will open.
- Click Cancel (at this point do not attempt to Quarantine anything that is found)
- Now click the Log Filestab.
- Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
- A Notepad file will open containing the results of the scan.
- Please post the contents of the file in your next reply.
in your next reply, please include:
- The AdwCleaner[S0*].txt
- The Malwarebytes report
- Mar 9, 2017
- 530
AdwCleaner (Clean mode)
In your next reply, please post:
- Double click AdwCleaner.exe on your Desktop, to run it as you did before.
- Click Scan Now.
- When the scan has finished a Scan Results window will open.
- Please check all the boxes and then click Quarantine.
- Click Next.
- If any pre-installed software was found on your machine, a prompt window will open. Click OK to close it.
- Check any pre-installed software items you want to remove.
- Click Quarantine.
- A prompt to save your work will appear.
- Click Continue when you're ready to proceed.
- A prompt to restart your computer will appear.
- Click Restart Now.
- Once your computer has restarted:
- If it doesn't open automatically, please start AdwCleaner.
- Click the Log Files tab.
- Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
- A Notepad file will open containing the results of the removal.
- Please post the contents of the file in your next reply.
In your next reply, please post:
- The AdwCleaner[C0*].txt
- Mar 9, 2017
- 530
Thanks..! Good job ..! How your computer behaves ..?
FRST scan
How your computer behaves ..?FRST scan
- Double-click FRST.exe/FRST64.exe to run it.
- Press the Scan button.
- When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
- Please copy and paste the logs in your next reply.
Here you go:Thanks..! Good job ..!
FRST scan
- Double-click FRST.exe/FRST64.exe to run it.
- Press the Scan button.
- When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
- Please copy and paste the logs in your next reply.
- Mar 9, 2017
- 530
Turn Off + Reset Sync:
Next ...:
www.timeatlas.com
Next ...:
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
In your next reply, please include:
- Open Google Chrome
- Click your Profile in the top right corner of your browser screen (next to the three dots)
A small window will open in the top right corner - Click Sync is On
A new browser window will open to allow you to change your Google account settings - Click Turn Off at the top
A small confirmation window will appear in the middle of your browser window - Click Turn Off again to confirm that you wish to stop syncing to the Google cloud
The confirmation window will close, returning you to the Google account settings screen.
This will also sign you out of Google. - Next, open Account settings: Your browser is not supported.
A Google login screen will be shown in your browser window. - Enter your Google username and password
The "Data from Chrome sync" screen will be displayed to show basic information on what information is being synchronized to the cloud - Scroll to the bottom and click Reset Sync
A window will be displayed to let you know that synchronization to Google’s cloud will now be stopped.
Next ...:
Boost Your Productivity: Remove Chrome Extensions in 5 Min
Need a solution for those pesky Chrome extensions? This tutorial provides insights into tackling those stubborn add-ons. The article details several ways to disable or remove the browser extensions either permanently or just for the session. These instructions should also work with Microsoft...
www.timeatlas.com
Next ...:
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
In your next reply, please include:
- Fixlog.txt
here you go. also can I turn on sync again?Turn Off + Reset Sync:
- Open Google Chrome
- Click your Profile in the top right corner of your browser screen (next to the three dots)
A small window will open in the top right corner- Click Sync is On
A new browser window will open to allow you to change your Google account settings- Click Turn Off at the top
A small confirmation window will appear in the middle of your browser window- Click Turn Off again to confirm that you wish to stop syncing to the Google cloud
The confirmation window will close, returning you to the Google account settings screen.
This will also sign you out of Google.- Next, open Account settings: Your browser is not supported.
A Google login screen will be shown in your browser window.- Enter your Google username and password
The "Data from Chrome sync" screen will be displayed to show basic information on what information is being synchronized to the cloud- Scroll to the bottom and click Reset Sync
A window will be displayed to let you know that synchronization to Google’s cloud will now be stopped.
Next ...:
Boost Your Productivity: Remove Chrome Extensions in 5 Min
Need a solution for those pesky Chrome extensions? This tutorial provides insights into tackling those stubborn add-ons. The article details several ways to disable or remove the browser extensions either permanently or just for the session. These instructions should also work with Microsoft...
Next ...:
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
In your next reply, please include:
- Fixlog.txt
- Mar 9, 2017
- 530
- Status
Similar threads
