Lingering malware after removal of Chromestera.

Status
Not open for further replies.
mbs5380

mbs5380

New Member
Thread author
Oct 8, 2023
3
First some background.

I accidentally installed the Chromestera virus a few weeks ago. I immediately uninstalled the main program from Settings -> Apps and ran a virus and malware scan. It didn't catch everything as these three issues remain.

1. There is a related app called "Chromestera Update" that shows up in the list under Settings -> Apps. When I try to uninstall I am given a message "This action is only valid for products that are currently installed".

2. There is a Chrome extension called "AzaleaRhododendron 4.7". The enable/disable switch is grayed out and clicking "Remove" does nothing.

3. This may or may not be related to the other two, but I am also getting redirected to other search engines when doing a google search.

I now ran the Malwarebytes and FRST scans as directed. I included the two requested logs plus the scan log from Malwarebytes. The three issues above persist.

Malwarebytes quarantined a folder "C:\APPS-HELPER" and also replaced one registry item. You will see this in the third output log "mb_scan.txt" which I also attached. These actions didn't resolve the three issues stated above.

I would appreciate any help!
 

Attachments

  • FRST.txt
    56.3 KB · Views: 6
  • Addition.txt
    57.2 KB · Views: 3
  • mb_scan.txt
    1.4 KB · Views: 1
Last edited:
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove this program in bold using the Control Panel > Programs > Programs and Features...
Chromstera Update (HKLM\...\Chromstera Update 1.0.0.0) (Version: 1.0.0.0 - Chromstera Browser Research)

You may have to delete manually.

How to Manually Remove Program Entries from the Apps & Features List
www.majorgeeks.com

How to Manually Remove Program Entries from the Apps & Features List - MajorGeeks

There may come a time when you find that you've uninstalled a program in Apps & Features (Windows 10) or AddRemove Programs (Windows XP, 7, Vista, 8) but the entry is still there. This problem happens when a registry entry wasn't correctly removed during the uninstall.
www.majorgeeks.com

Follow the instructions on the page.
<<<>>>

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.
 

Attachments

  • Fixlist.txt
    2.6 KB · Views: 10
mbs5380

mbs5380

New Member
Thread author
Oct 8, 2023
3
Sorry for the delay. I needed to get to a good save point in a project I'm working on and back everything up just in case something goes wrong. I'm will now follow the steps posted and report back.
 
mbs5380

mbs5380

New Member
Thread author
Oct 8, 2023
3
The problem is fixed. Thank you!
 

Attachments

  • Fixlog.txt
    21.1 KB · Views: 6
Status
Not open for further replies.

Similar threads

Craig12455
    • Like
  • Locked
Solved Fuschia hybrida extension even after removing chromestera
Replies
15
Views
1,024
Windows Malware Removal Help & Support
icotonev
icotonev
S
  • Locked
Lingering Malware Chrome Extension After Downloading Chromestera
Replies
2
Views
643
Windows Malware Removal Help & Support
nasdaq
nasdaq
M
  • Locked
Accidentally downloaded Chromestera. Now Microsoft Edge is Managed by Organization + Microsoft Edge redirect to Yahoo
Replies
4
Views
878
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top