Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cant redownload google chrome PLEASE HELP


  • This topic is locked This topic is locked
12 replies to this topic

#1 camE

camE

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 22 July 2015 - 06:14 PM

So I got a virius called 'Ads by EnormouSales' so I googled how to get rid of it and came to this http://www.bleepingcomputer.com/forums/t/575273/infected-by-ads-by-enormousales/   I followed all of the steps that 'B-boy/StyLe/' left and now I cannot re download google chrome and I have no idea why please help me


Edited by Chris Cosgrove, 24 July 2015 - 06:15 AM.
Moved from Am I Infected to 'Virus, trojan etc. logs'.


BC AdBot (Login to Remove)

 


m

#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:58 PM

Posted 22 July 2015 - 06:47 PM

Hello camE and Welcome -

 

Please note that there were several items included like this one below - -
 

STEP 2

Please download the following file => txt.gif  fixlist.txt   1.15KB   22 downloads and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

These may only apply to a specific computer, and not be "generic" fixes.

 

If you do have a problem, take it to that forum area, Use the Preparation Guide and post there.

Each computer may have a slight problem related to installed programs and errors, so it is hard to use one fix for all problems.

I have seen too many people attempt too many repairs without help, and the system can be ruined.

 

Please do not use any more tools without an expert helping you, and although you may need to wait a day or more, you will get personal help.

 

Thank You -



#3 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:01:58 PM

Posted 23 July 2015 - 11:52 AM

Hello,

 

 

I've just received your PM. As noknojon said the steps are individual for each user and you shouldn't follow them without supervision. Doing so can severely cripple or render your computer.

I usually delete my old fixes in order to prevent users to download and run them on their own but the topic from where you downloaded the script was missed by me. Anyway regarding the script content I highly doubt that he is the culprit here. Can you please post all of the logs from the tools you ran on your own? Without seeing these logs I cannot help you.

Also can you please describe me your problem with more details. You cannot download or you cannot install Google Chrome?

 

Thank you and sorry for the inconvenience caused.

 

 

Regards,

Georgi


cXfZ4wS.png


#4 camE

camE
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 23 July 2015 - 03:22 PM

Hello,

 

 

I've just received your PM. As noknojon said the steps are individual for each user and you shouldn't follow them without supervision. Doing so can severely cripple or render your computer.

I usually delete my old fixes in order to prevent users to download and run them on their own but the topic from where you downloaded the script was missed by me. Anyway regarding the script content I highly doubt that he is the culprit here. Can you please post all of the logs from the tools you ran on your own? Without seeing these logs I cannot help you.

Also can you please describe me your problem with more details. You cannot download or you cannot install Google Chrome?

 

Thank you and sorry for the inconvenience caused.

 

 

Regards,

Georgi

 

I cant download it. When I go to the website and click download nothing happens. 

 

and how wound I post the log?

 

and thanks for getting back to me



#5 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:01:58 PM

Posted 23 July 2015 - 03:27 PM

Hi,

 

I cant download it. When I go to the website and click download nothing happens.

 

Which browser do you use to download it? Can you download the offline installer and let me know about the results?

 

and how wound I post the log?

 

Open the logs from the tools you ran and then copy and paste their content in your next reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#6 camE

camE
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 23 July 2015 - 04:10 PM

Im using Internet Explorer and I can download the offline thing but when I run it I get this Captsssure.png

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Cam at 2015-07-22 14:35:37 Run:1
Running from C:\Users\Cam\Desktop
Loaded Profiles: Cam (Available Profiles: English Home & Cam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1071416686-1465175340-3038554051-1000\...\MountPoints2: {a39a74d7-3d3f-11e4-ac69-fa6e0dd35022} - F:\autorun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-1071416686-1465175340-3038554051-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
2015-04-20 22:19 - 2015-04-24 14:21 - 00000000 ____D () C:\Program Files (x86)\DealNoDeal
cmd: bitsadmin /reset /allusers
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
RemoveProxy:
Hosts:
EmptyTemp:
end
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1071416686-1465175340-3038554051-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a39a74d7-3d3f-11e4-ac69-fa6e0dd35022} => key not found.
HKCR\CLSID\{a39a74d7-3d3f-11e4-ac69-fa6e0dd35022} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-1071416686-1465175340-3038554051-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"C:\Program Files (x86)\DealNoDeal" => File/Folder not found.

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

=========  netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= RemoveProxy: =========

HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1596784633-1391442693-3618663705-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1596784633-1391442693-3618663705-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 3.7 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 14:38:20 ====



#7 camE

camE
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 23 July 2015 - 05:04 PM

Hi,

 

I cant download it. When I go to the website and click download nothing happens.

 

Which browser do you use to download it? Can you download the offline installer and let me know about the results?

 

and how wound I post the log?

 

Open the logs from the tools you ran and then copy and paste their content in your next reply.

 

 

Regards,

Georgi

 

 

 

Im using Internet Explorer and I can download the offline thing but when I run it I get this Captsssure.png

 

Quote

 

Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Cam at 2015-07-22 14:35:37 Run:1
Running from C:\Users\Cam\Desktop
Loaded Profiles: Cam (Available Profiles: English Home & Cam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1071416686-1465175340-3038554051-1000\...\MountPoints2: {a39a74d7-3d3f-11e4-ac69-fa6e0dd35022} - F:\autorun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-1071416686-1465175340-3038554051-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
2015-04-20 22:19 - 2015-04-24 14:21 - 00000000 ____D () C:\Program Files (x86)\DealNoDeal
cmd: bitsadmin /reset /allusers
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
RemoveProxy:
Hosts:
EmptyTemp:
end
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1071416686-1465175340-3038554051-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a39a74d7-3d3f-11e4-ac69-fa6e0dd35022} => key not found.
HKCR\CLSID\{a39a74d7-3d3f-11e4-ac69-fa6e0dd35022} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-1071416686-1465175340-3038554051-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"C:\Program Files (x86)\DealNoDeal" => File/Folder not found.

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

=========  netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= RemoveProxy: =========

HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1596784633-1391442693-3618663705-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1596784633-1391442693-3618663705-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 3.7 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 14:38:20 ====



#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:01:58 PM

Posted 23 July 2015 - 10:47 PM

Yeah...that was I thought. We will fix it.

I need you to post the Addition.txt log from FRST.

 

 

Also please download SystemLook from the link below and save it to your Desktop.
SystemLook (32-bit) => for 32 bit system
SystemLook (64-bit) => for 64 bit system

  • Double-click SystemLook.exe or SystemLook_x64.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :folderfind
    Google
    :regfind
    Google
    :reg
    HKCU\SOFTWARE\Google
    HKCU\SOFTWARE\Google\Update\Clients /s
    HKCU\SOFTWARE\Google\Update\ClientState /s
    HKLM\SOFTWARE\Google
    HKLM\SOFTWARE\Wow6432Node\Google
    HKLM\SOFTWARE\Google\Update\Clients /s
    HKLM\SOFTWARE\Google\Update\ClientState /s
    HKLM\SOFTWARE\Wow6432Node\Google\Update\Clients /s
    HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState /s
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

 

Edit: typo.

 

 

Regards,

Georgi


Edited by B-boy/StyLe/, 23 July 2015 - 11:26 PM.

cXfZ4wS.png


#9 camE

camE
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 23 July 2015 - 11:34 PM

My  Addition.txt

 

My SystemLook.txt

 

thank you so much for helping me btw

 

and do I have to quote you for you to get the notification?


Edited by camE, 23 July 2015 - 11:34 PM.


#10 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:01:58 PM

Posted 24 July 2015 - 06:14 AM

Hi,

 

 

Please download the following file => fixlist.txt and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Next go ahead and uninstall Google Update Helper from the Control Panel.

 

 

Reboot the computer and try to install Google Chrome again from the offline installer you downloaded above and let me know how it went.

 

 

Regards,

Georgi


cXfZ4wS.png


#11 camE

camE
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 24 July 2015 - 08:55 AM

Fixlog.txt

 

im sorry but I don't see the 'Google Update Helper from the Control Panel'

 

It worked though thank you so much.



#12 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:01:58 PM

Posted 24 July 2015 - 09:31 AM

Hi,

 

I am glad I could help. :)

Is there anything else I can do for you before I go ahead and close the topic?

Do you experience any issues and do you feel that your PC is malware free or you want me to check your PC's health further?

 

 

Regards,

Georgi


cXfZ4wS.png


#13 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:01:58 PM

Posted 25 July 2015 - 10:49 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users