Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I seem to have a virus when using Chrome


  • Please log in to reply
21 replies to this topic

#1 pusssykatt

pusssykatt

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 18 April 2015 - 08:34 PM

I'm not sure if I can post this here or if it should be in another forum.

 

Today I noticed that when using Chrome rather than having to enter my password, it was entered. Also, when I close Chrome and re-start, the same 3 pages keep coming up. I use ESET NOD32 Antivirus 8. When I ran a scan I got the following:

C:\Users\billie\Downloads\7Zip.exe - a variant of Win32/InstallIQ.A potentially unwanted application - cleaned by deleting - quarantined [1]

Number of scanned objects: 856844

Number of threats found: 1

Number of cleaned objects: 1

Time of completion: 5:46:43 PM  Total scanning time: 1552 sec (00:25:52)

[1] Object has been deleted as it only contained the virus body.

[4] Object cannot be opened. It may be in use by another application or operating system.

I re-booted and it's still the same.

 

I also ran Malwarebyes:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/18/2015
Scan Time: 6:15:31 PM
Logfile:
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.18.04
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: billie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 429520
Time Elapsed: 15 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-4097201986-577593745-1789045046-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\APJKPJCHFBCKHJHOKINLGDBMIBPBBJAK, Quarantined, [e824452901897abc3d0f46786c9731cf],

Registry Values: 1
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-4097201986-577593745-1789045046-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\apjkpjchfbckhjhokinlgdbmibpbbjak|path, C:\Users\billie\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx, Quarantined, [e824452901897abc3d0f46786c9731cf]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup, Quarantined, [6e9efe70e2a895a19e3810ad857e54ac],

Files: 1
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, Quarantined, [6e9efe70e2a895a19e3810ad857e54ac],

Physical Sectors: 0
(No malicious items detected)


(end)


I re-booted and it's still the same.

I also ran Malwarebyes Anti-Root Kit and ESET Poweliks Cleaner tool, and both showed nothing.

I ran a deep ESET scan and it showed nothing.

Many thanks!



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:02 PM

Posted 18 April 2015 - 09:04 PM

Hey...you're on a roll...don't stop now..

 

Run the programs below. They find and remove a lot of adware. After running the programs and allowing them to delete/ remove what they find,

and you still see a problem do a reset of Chrome.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  •  

 

  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

 

Google Chrome gives you the option to reset your browser settings in one easy click. In some cases, programs that you install can change your Chrome settings without your knowledge. You may see additional extensions and toolbars or a different search engine. Resetting your browser settings will reset the unwanted changes caused by installing other programs. However, your saved bookmarks and passwords will not be cleared or changed.

Reset your Chrome browser settings
  1. In the top-right corner of the browser window, click the Chrome menu
  2. Select Settings.
  3. At the bottom, click Show advanced settings.
  4. Under the section "Reset settings,” click Reset settings.
  5. In the dialog that appears, click Reset.

Edited by buddy215, 18 April 2015 - 09:06 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 18 April 2015 - 10:26 PM

Thank you for your quick response. Here is the jrt.txt

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.8 (04.17.2015:1)
OS: Windows 7 Home Premium x64
Ran by billie on Sat 04/18/2015 at 23:17:19.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 04/18/2015 at 23:19:57.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#4 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 18 April 2015 - 10:29 PM

I also reset Chrome. I'm still getting https with a red line through it when I'm trying to sign into my aol mail.


Edited by pusssykatt, 18 April 2015 - 10:30 PM.


#5 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:02 PM

Posted 19 April 2015 - 06:34 AM

Rerun MBAM using the settings below and be sure to change the setting PUP: Warn to PUP: enable. Allow MBAM to remove all that it finds.

What about the AdwCleaner log?

 

  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
  • POST THE LOG FOR REVIEW.

 

When the MBAM and Adw Cleaner scan has completed and you have posted what they found, do this:

 

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 April 2015 - 11:42 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/19/2015
Scan Time: 12:02:42 PM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.19.04
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: billie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 434737
Time Elapsed: 20 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

# AdwCleaner v4.201 - Logfile created 19/04/2015 at 12:37:29
# Updated 08/04/2015 by Xplode
# Database : 2015-04-19.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : billie - BILLIE-HP
# Running from : C:\Users\billie\Downloads\adwcleaner_4.201(1).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.1 (x86 en-US)


-\\ Google Chrome v42.0.2311.90

[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&type=People&qry={searchTerms}&pg={startPage?}&g={myspace:gender?}&npic={myspace:hasPhoto?}&minAge={myspace:minAge?}&maxAge={myspace:maxAge?}&loc={myspace:location?}&d={myspace:distance?}
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.petco.com/shop/searchresults.aspx?Ntt={searchTerms}&x=13&y=18
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : niloccemoadcdkdjlinkgdfekeahmflj

*************************

AdwCleaner[R0].txt - [4661 bytes] - [18/04/2015 22:59:47]
AdwCleaner[R1].txt - [2200 bytes] - [19/04/2015 12:33:15]
AdwCleaner[R2].txt - [2263 bytes] - [19/04/2015 12:36:34]
AdwCleaner[S0].txt - [4080 bytes] - [18/04/2015 23:01:25]
AdwCleaner[S1].txt - [2202 bytes] - [19/04/2015 12:37:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2261  bytes] ##########



#7 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 April 2015 - 11:47 AM

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    Google Update        "C:\Users\billie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
No    HKCU:Run    Wisdom-soft ScreenHunter 5.1 Free        0
No    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
No    HKLM:Run    ArcSoft Connection Service    ArcSoft Inc.    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Yes    HKLM:Run    egui    ESET    "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
Yes    HKLM:Run    HP Software Update    Hewlett-Packard    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes    HKLM:Run    hpsysdrv    Hewlett-Packard    c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
No    HKLM:Run    PDF Complete        C:\Program Files (x86)\PDF Complete\pdfsty.exe
No    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
No    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
No    Startup Common    Install Webroot FF RunOnce.lnk    Webroot Software, Inc.    C:\PROGRA~2\COMMON~1\WRUNIN~1.EXE -q -name=webroot -ffuuid {8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} --disablenotes --disableidentities --disablevault --disablecontext
No    Startup Common    Install Webroot IE RunOnce.lnk    Webroot Software, Inc.    C:\PROGRA~2\COMMON~1\WRUNIN~1.EXE -p -name=webroot -ffuuid {8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} --disablenotes --disableidentities --disablevault --disablecontext
No    Startup Common    Microsoft Works Calendar Reminders.lnk    Microsoft® Corporation    C:\PROGRA~2\COMMON~1\MICROS~1\WORKSS~1\wkcalrem.exe
No    Startup User    Launch Utility Application.lnk        C:\Users\billie\AppData\Roaming\Verizon\UA_ar\UTILIT~1.EXE
No    Startup User    Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk    Microsoft Corporation    C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 1000 J110 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN34C19QJV05YD;CONNECTION=USB;MONITOR=1;
Yes    Startup User    Monitor Ink Alerts - HP Deskjet 1510 series.lnk    Microsoft Corporation    C:\Windows\system32\RunDll32.exe
No    Startup User    Verizon Wireless Software Utility Application for Android – Samsung.lnk    SAMSUNG Electornics Co., Ltd.    C:\Users\billie\AppData\Roaming\Verizon\UA_ar\UA.exe
 

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineCore1d041a0d4d2abe6    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskMachineUA1d041a0d515526e    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    Health-Check        C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -scan
Yes    Task    Health-Check-auto        C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -startup
Yes    Task    HPCeeScheduleForbillie    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForbillie (null)
Yes    Task    HPCustParticipation HP Deskjet 1510 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
Yes    Task    RMCreator    CyberLink    C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe
Yes    Task    {50C2D5E9-FDDF-4552-AE78-3802C1CD00EA}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {52247CC1-FF18-4732-B9F7-CEC66E1A9EA0}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {9389F908-169A-4F0E-A3EA-468EAE536BA9}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a J:\VZW_Software_upgrade_assistant_installer.exe -d J:\
Yes    Task    {ACE180FD-7EB1-469A-AFAC-7780D9520222}        C:\Users\billie\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {B4C446F7-FAE2-4FAD-9D01-A31A6710CD8A}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {B8265E34-6477-4B8C-B8A6-08E4E04FE892}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
 



#8 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 April 2015 - 11:49 AM

Adobe Flash Player 17 NPAPI    Adobe Systems Incorporated    4/18/2015    6.00 MB    17.0.0.169
Apple Application Support    Apple Inc.    2/28/2014    64.0 MB    2.3.6
Apple Software Update    Apple Inc.    12/6/2012    2.38 MB    2.1.3.127
ArcSoft MediaImpression SE for Kodak    ArcSoft    11/20/2011        2.0.69.800
ATI Catalyst Install Manager    ATI Technologies, Inc.    7/7/2011    22.3 MB    3.0.774.0
CCleaner    Piriform    3/28/2015        5.04
DHTML Editing Component    Microsoft Corporation    1/6/2012    554 KB    6.02.0001
ESET NOD32 Antivirus    ESET, spol s r. o.    11/29/2014    92.1 MB    8.0.304.0
FileZilla Client 3.10.1.1    Tim Kosse    2/12/2015    23.2 MB    3.10.1.1
Google Chrome    Google Inc.    4/9/2014        42.0.2311.90
HP Deskjet 1510 series Basic Device Software    Hewlett-Packard Co.    3/6/2015    144 MB    32.2.188.47710
HP Deskjet 1510 series Help    Hewlett Packard    3/6/2015    6.13 MB    30.0.0
HP LinkUp    Hewlett-Packard    7/7/2011    71.7 MB    2.01.026
HP MediaSmart/TouchSmart Netflix    Hewlett-Packard    7/7/2011    9.67 MB    1.0.6.0
HP MovieStore    Hewlett-Packard    7/8/2011    96.6 MB    2.0
HP Odometer        2/11/2011        
HP Photo Creations    HP    7/10/2013    14.6 MB    1.0.0.7702
HP Setup    Hewlett-Packard Company    7/7/2011        8.6.4530.3651
HP Setup Manager    Hewlett-Packard Company    7/7/2011    8.31 MB    1.1.13253.3682
HP Support Assistant    Hewlett-Packard Company    1/16/2014    80.2 MB    7.4.45.4
HP Support Information        2/11/2011        
HP Support Solutions Framework    Hewlett-Packard Company    2/17/2015    7.34 MB    11.51.0048
HP Update    Hewlett-Packard    3/6/2015    3.99 MB    5.005.002.002
HP Vision Hardware Diagnostics    Hewlett-Packard    7/7/2011    11.5 MB    2.5.0.0
Java 7 Update 65    Oracle    11/8/2013    120 MB    7.0.650
Java 7 Update 65 (64-bit)    Oracle    7/19/2014    118 MB    7.0.650
KompoZer 0.8b3    KompoZer    2/14/2015    22.6 MB    
Malwarebytes Anti-Malware version 2.1.4.1018    Malwarebytes Corporation    4/18/2015    57.5 MB    2.1.4.1018
Microsoft .NET Framework 4.5.2    Microsoft Corporation    1/28/2015    38.8 MB    4.5.51209
Microsoft Silverlight    Microsoft Corporation    7/24/2014    249 MB    5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    7/7/2011    1.69 MB    3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053    Microsoft Corporation    1/24/2012    260 KB    8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053    Microsoft Corporation    1/24/2012    252 KB    8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    11/16/2011    300 KB    8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    2/11/2011    1.48 MB    8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    2/11/2011    788 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148    Microsoft Corporation    7/7/2011    788 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    11/16/2011    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    2/11/2011    596 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    7/7/2011    592 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    11/16/2011    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319    Microsoft Corporation    2/9/2012    13.7 MB    10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319    Microsoft Corporation    2/9/2012    11.0 MB    10.0.30319
Microsoft Works 2000    Microsoft Corporation    11/15/2011    62.0 MB    1.0.0.0000
Mozilla Firefox 37.0.1 (x86 en-US)    Mozilla    4/6/2015    98.6 MB    37.0.1
Mozilla Maintenance Service    Mozilla    5/10/2014    341 KB    29.0.1
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    11/15/2011    1.27 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    11/15/2011    1.33 MB    4.20.9876.0
PageBreeze Free HTML Editor        1/6/2012        
PlayReady PC Runtime amd64    Microsoft Corporation    7/7/2011    2.05 MB    1.3.0
PlayReady PC Runtime x86    Microsoft Corporation    7/7/2011    1.65 MB    1.3.0
Product Improvement Study for HP Deskjet 1510 series    Hewlett-Packard Co.    3/6/2015    9.67 MB    32.2.188.47710
QuickTime 7    Apple Inc.    10/30/2014    70.2 MB    7.76.80.95
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    7/7/2011        6.0.1.6251
Remote Graphics Receiver    Hewlett-Packard    7/7/2011        5.4.5
RoxioNow Player    RoxioNow    7/7/2011    10.9 MB    1.9.5.103
SAMSUNG USB Driver for Mobile Phones    SAMSUNG Electronics Co., Ltd.    1/8/2013    42.9 MB    1.5.6.0
SUABnR    Samsung Electronics Co., Ltd.    5/12/2014    63.2 MB    1.1.0.13103_1
Toddler Keys    none    11/6/2013    1.07 MB    00.97.0000
Uniblue RegistryBooster 2    Uniblue    11/15/2011        
Verizon Wireless Software Upgrade Assistant - Samsung(ar)    Samsung Electronics Co., Ltd.    5/12/2014    42.2 MB    2.14.0410
Verizon Wireless Software Utility Application for Android - Samsung    Samsung Electronics Co., Ltd.    5/12/2014    13.6 MB    2.14.0402
Windows Live Essentials    Microsoft Corporation    7/7/2011        15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    7/7/2011    5.57 MB    15.4.5722.2
 



#9 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:02 PM

Posted 19 April 2015 - 12:52 PM

Disable these Windows Startups: (Use Ccleaner. Click to highlight each item then choose either Disable, Remove or Uninstall)

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes    HKLM:Run    egui    ESET    "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
Yes    HKLM:Run    HP Software Update    Hewlett-Packard    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

Yes    Startup User    Monitor Ink Alerts - HP Deskjet 1510 series.lnk    Microsoft Corporation    C:\Windows\system32\RunDll32.exe

 

Disable these Tasks:

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineCore1d041a0d4d2abe6    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskMachineUA1d041a0d515526e    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    Health-Check        C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -scan (Remove if offered)
Yes    Task    Health-Check-auto        C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -startup (Remove if offered)

Yes    Task    HPCustParticipation HP Deskjet 1510 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
Yes    Task    RMCreator    CyberLink    C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe
Yes    Task    {50C2D5E9-FDDF-4552-AE78-3802C1CD00EA}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {52247CC1-FF18-4732-B9F7-CEC66E1A9EA0}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {9389F908-169A-4F0E-A3EA-468EAE536BA9}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a J:\VZW_Software_upgrade_assistant_installer.exe -d J:\
Yes    Task    {ACE180FD-7EB1-469A-AFAC-7780D9520222}        C:\Users\billie\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {B4C446F7-FAE2-4FAD-9D01-A31A6710CD8A}        K:\AOL PRESS\AOLPRESS\AOLpress.exe
Yes    Task    {B8265E34-6477-4B8C-B8A6-08E4E04FE892}        K:\AOL PRESS\AOLPRESS\AOLpress.exe

I suggest removing all of the AOL items...not just disable

 

Uninstall these Programs:

Google Chrome    Google Inc.    4/9/2014        42.0.2311.90 (or update)

HP MovieStore    Hewlett-Packard    7/8/2011    96.6 MB    2.0

Java 7 Update 65    Oracle    11/8/2013    120 MB    7.0.650 (old Java programs are malware magnets)
Java 7 Update 65 (64-bit)    Oracle    7/19/2014    118 MB    7.0.650

RoxioNow Player    RoxioNow    7/7/2011    10.9 MB    1.9.5.103

Uniblue RegistryBooster 2    Uniblue    11/15/2011

Windows Live Essentials    Microsoft Corporation    7/7/2011        15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    7/7/2011    5.57 MB    15.4.5722.2

 

If you have a problem uninstalling any program...especially the Uniblue one...use Download Revo Uninstaller Freeware in Advanced mode.

 

 

The MBAM scan still shows PUP: warn but it didn't warn you this time of any pup so AdwCleaner must have removed the PUP.

 

After doing the above, let me know if the computer is running up to par or not....any problems.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 April 2015 - 02:18 PM

I disabled the startups, however, it wouldn't allow me to disable ESET. Could that be because it is my virus protection?

I use AOL Press, so I kept those.

My Chrome was already up to date. Is there a way for me to backup my bookmarks so that I might delete and reinstall Chrome? All searches for this info are at least 2 years old, and don't apply.

I uninstalled all of the other programs, except RoxioNow. Do I need that for making CD's?

I'm still getting the https with a red line through it when I try to sign into AOL, and my name and password are showing up with a yellow background.

 

Thanks!



#11 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:02 PM

Posted 19 April 2015 - 02:42 PM

Ooops...meant to change that after I saw Eset was installed as your security program.

 

Do these instructions work? How to Move Chrome Bookmarks to a New Computer | Chron.com It gives instructions for saving to an external medium.

 

Google Chrome turns the https red and draws a line through it:

chrome_cert_error_address_bar.jpg

Clicking on the broken padlock in Chrome displays information about the secure connection and its problems:

chrome_cert_error_info.jpg


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 April 2015 - 03:17 PM

I uninstalled and re-installed Chrome.

 

When I click on the lock I get the same message as above. It just started yesterday.



#13 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:02 PM

Posted 19 April 2015 - 03:54 PM

Most likely AOL hasn't renewed their certificate. Give it a day or two. If it was your bank site then there would be reason to really worry and not go to the site.

You can play it extra safe and just not visit the site until they have renewed the certificate.

 

Other than that...if no other problem such as ad popups then I would say you are good to go.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 April 2015 - 04:58 PM

Thank you for all of your help. The problem I initially was concerned about regarding the password still exists, but as you said it might just be AOL. However, my other problems have been resolved. If the AOL problem isn't resolved I hope I can feel free to open this thread again. I think my next stop is ESET to see if they have an answer. Again, I appreciate all of your help!



#15 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:02 PM

Posted 19 April 2015 - 05:01 PM

I wouldn't bet a leg but I would give odds that AOL will be renewing its certificate within a day or two. Hey, its the weekend.

You're welcome and this topic will not be closed.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users