Chrome Sync2 virus

Dear Avast-helpers,

I have a problem with my laptop.
Everytime I open Chrome or click a link in Chrome my Avast pops up with:
Object: http://…/sync2/?q=…
Infection: URL:Mal
Process: C:.…\chrome.exe

It started a while ago but I never achieved to fix it.

Attached:
Adittion.txt + FRST.txt
aswMBR.txt
Mbam.txt (Malware bytes)

Hi Yorrick,

Whenever you are on Windows did you try to run the Software Removal Tool for Google Chrome; https://www.google.com/chrome/srt/
For set up/handling instructions etc. read: https://support.google.com/chrome/answer/6086368?hl=en
Whenever the problem remains we should seek a qualified remover to look into your “predicament”.

polonus

Let me know if this stops it

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

FF Extension: No Name - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\extensions\addon@defaulttab.com.xpi [Not Found] FF Extension: No Name - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-21] CHR StartMenuInternet: Google Chrome - chrome.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION C:\Users\Public\AlexaNSISPlugin.1560.dll EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

Sorry for the late response…

The fixlist.txt log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-09-2014
Ran by Sara at 2014-09-30 17:48:00 Run:1
Running from C:\Users\Sara\Downloads
Loaded Profile: Sara (Available profiles: Sara)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Extension: No Name - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\extensions\addon@defaulttab.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-21] 
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Public\AlexaNSISPlugin.1560.dll
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\extensions\addon@defaulttab.com.xpi not found.
C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb => Moved successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\Public\AlexaNSISPlugin.1560.dll => Moved successfully.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {CA065FC7-BA12-4ED5-A667-E999962FDB0C}.
0 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 1.8 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Adwcleaner log:

# AdwCleaner v3.310 - Log utworzony 30/09/2014 o 17:57:33
# Aktualizacja 12/09/2014 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Użytkownik : Sara - SARA-KOMPUTER
# Ścieżka : C:\Users\Sara\Downloads\adwcleaner_3.310.exe
# Opcja : Szukaj

***** [ Usługi ] *****


***** [ Pliki / Foldery ] *****


***** [ Zadania ] *****


***** [ Skróty ] *****


***** [ Rejestr ] *****

Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v

[ Plik : C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\ag6u4kg6.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Plik : C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [32805 octets] - [06/09/2014 16:16:08]
AdwCleaner[R1].txt - [285 octets] - [06/09/2014 16:17:02]
AdwCleaner[R2].txt - [31822 octets] - [06/09/2014 16:23:41]
AdwCleaner[R3].txt - [31883 octets] - [06/09/2014 16:29:47]
AdwCleaner[R4].txt - [4132 octets] - [17/09/2014 20:20:13]
AdwCleaner[R5].txt - [1421 octets] - [17/09/2014 20:46:59]
AdwCleaner[R6].txt - [1422 octets] - [17/09/2014 20:48:00]
AdwCleaner[R7].txt - [2022 octets] - [30/09/2014 17:57:33]
AdwCleaner[S0].txt - [29088 octets] - [06/09/2014 16:33:34]
AdwCleaner[S1].txt - [3618 octets] - [17/09/2014 20:25:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [2203 octets] ##########

The problem is still there