Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Chrome won't launch


  • Please log in to reply
9 replies to this topic

#1 owd66

owd66

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 03 December 2015 - 11:22 AM

For some reason Chrome has stopped working.  Since the time it stopped working I've downloaded and installed new version but it still won't open and run.  am I infected?



BC AdBot (Login to Remove)

 


#2 hena

hena

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:29 PM

Posted 06 December 2015 - 01:00 PM

Hello. I am Hena and I will be helping you. 

Please do not use slang or idioms, as english is not my primary language.

Lets get to the point. 

Step 1

Please download Spybot Search and Destroy or SUPERANTISPYWARE. Not both, but one.

If either detect something, then please post the log.

Step 2

Download MBAM or Avast!. Not both, but one.

If either detect something, then please post the log.

 

Please allow me atleast 48 hours to respond, as I might be at school.



#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:29 PM

Posted 07 December 2015 - 08:56 AM

Hi there,

I would not recommend using Spybot or SAS. Both perform very poorly comparing to MBAM.

You can (and should) use MBAM with another antivirus.

Please run these tools to get some information about your computer.

:step1: MiniToolbox by Farbar

Disable your antivirus if it does not allow you to download the tool!
Please download MiniToolBox, save it to your desktop and run it.
Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

:step2: Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Please let me know if you run into any issues running the tools.

Regards,
Alex

#4 owd66

owd66
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 07 December 2015 - 09:56 AM

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Graphic Image (administrator) on 07-12-2015 at 09:16:33
Running from "C:\Users\Graphic Image\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: M68MT-S2 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15463 entries.

========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet  = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : GraphicImage-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
   Physical Address. . . . . . . . . : 50-E5-49-9F-59-66
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fd1a:dfaa:f863:3315%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.200.28(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, December 07, 2015 9:04:17 AM
   Lease Expires . . . . . . . . . . : Tuesday, December 08, 2015 9:04:05 AM
   Default Gateway . . . . . . . . . : 192.168.200.1
   DHCP Server . . . . . . . . . . . : 192.168.200.1
   DHCPv6 IAID . . . . . . . . . . . : 240182601
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-B6-EC-56-50-E5-49-9F-59-66
   DNS Servers . . . . . . . . . . . : 192.168.200.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  ZXHN_H368C.Home
Address:  192.168.200.1

Name:    google.com
Addresses:  216.68.10.113
   216.68.10.84
   216.68.10.112
   216.68.10.110
   216.68.10.121
   216.68.10.88
   216.68.10.106
   216.68.10.123
   216.68.10.90
   216.68.10.101
   216.68.10.91
   216.68.10.117
   216.68.10.95
   216.68.10.80
   216.68.10.102
   216.68.10.99

Pinging google.com [216.68.10.113] with 32 bytes of data:
Reply from 216.68.10.113: bytes=32 time=2ms TTL=61
Reply from 216.68.10.113: bytes=32 time=1ms TTL=61

Ping statistics for 216.68.10.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms
Server:  ZXHN_H368C.Home
Address:  192.168.200.1

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=52ms TTL=53
Reply from 98.139.183.24: bytes=32 time=38ms TTL=53

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 38ms, Maximum = 52ms, Average = 45ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...50 e5 49 9f 59 66 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.200.1   192.168.200.28     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    192.168.200.28     30
  169.254.255.255  255.255.255.255         On-link    192.168.200.28    276
    192.168.200.0    255.255.255.0         On-link    192.168.200.28    276
   192.168.200.28  255.255.255.255         On-link    192.168.200.28    276
  192.168.200.255  255.255.255.255         On-link    192.168.200.28    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.200.28    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.200.28    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 10    276 fe80::fd1a:dfaa:f863:3315/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/07/2015 09:09:46 AM) (Source: Application Error) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0x40000015
Fault offset: 0x00093534
Faulting process id: 0xa2c
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3

Error: (12/05/2015 09:47:02 AM) (Source: Application Error) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0x40000015
Fault offset: 0x00093534
Faulting process id: 0x854
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3

Error: (12/04/2015 02:32:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0xc0000005
Fault offset: 0x0004c19c
Faulting process id: 0x68c
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3

Error: (12/03/2015 11:32:22 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (12/03/2015 11:32:22 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_23; ;DBF=E:\Laptop 5-27-15\GIP QB 2015\Graphic Image1-2013.QBW;ENG=QB_data_engine_23;DBN=7f3c0f1421cd430facbf27fa04f3d31d

Error: (12/03/2015 11:32:22 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
Connection Error:Invalid user ID or password

Error: (12/02/2015 02:31:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0xc0000005
Fault offset: 0x00049b14
Faulting process id: 0x988
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3

Error: (12/02/2015 01:33:24 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: INVOICE, TxnID: 45017

Error: (12/02/2015 10:58:58 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: BILLPAYMENTCHECK, TxnID: 45012

Error: (12/02/2015 10:58:58 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: BILL, TxnID: 44573

System errors:
=============
Error: (12/07/2015 09:09:49 AM) (Source: Service Control Manager) (User: )
Description: The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: UpdateCardCapabilities: ATR too short.-8053063480x00x00x00x0

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: ScCardPowerColdReset: IccPowerOnStatusError-8053059920x30x00x420xfe

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: 0x800x20x10xfe0x00x0

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: UpdateCardCapabilities: ATR too short.-8053063480x00x00x00x0

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: ScCardPowerColdReset: IccPowerOnStatusError-8053059920x30x00x420xfe

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: 0x800x20x10xfe0x00x0

Error: (12/07/2015 09:05:02 AM) (Source: SCardSvr) (User: )
Description: The smart card is not responding to a reset.Hewlett-Packard Company CCID Interface 0POWER01 00 00 00

Error: (12/07/2015 09:05:02 AM) (Source: SCardSvr) (User: )
Description: The smart card is not responding to a reset.Hewlett-Packard Company CCID Interface 0POWER01 00 00 00

Error: (12/07/2015 09:05:02 AM) (Source: WudfUsbccidDriver) (User: NT AUTHORITY)
Description: UpdateCardCapabilities: ATR too short.-8053063480x00x00x00x0

Microsoft Office Sessions:
=========================
Error: (12/07/2015 09:09:46 AM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a824000001500093534a2c01d130f82daeeba0C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe2b3ccd00-9cec-11e5-924a-50e5499f5966

Error: (12/05/2015 09:47:02 AM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353485401d12f6b0d801900C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe0b63abe0-9b5f-11e5-a0e9-50e5499f5966

Error: (12/04/2015 02:32:32 PM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c00000050004c19c68c01d12ec94fecc420C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exec30e7060-9abd-11e5-a2ed-50e5499f5966

Error: (12/03/2015 11:32:22 AM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2013DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (12/03/2015 11:32:22 AM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2013Connection String:CON=QBConnectionPool-Probe-QB_data_engine_23; ;DBF=E:\Laptop 5-27-15\GIP QB 2015\Graphic Image1-2013.QBW;ENG=QB_data_engine_23;DBN=7f3c0f1421cd430facbf27fa04f3d31d

Error: (12/03/2015 11:32:22 AM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2013Connection Error:Invalid user ID or password

Error: (12/02/2015 02:31:40 PM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c000000500049b1498801d12d37232670a0C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe4f5f6720-992b-11e5-b7f0-50e5499f5966

Error: (12/02/2015 01:33:24 PM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2013LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: INVOICE, TxnID: 45017

Error: (12/02/2015 10:58:58 AM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2013LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: BILLPAYMENTCHECK, TxnID: 45012

Error: (12/02/2015 10:58:58 AM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2013LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: BILL, TxnID: 44573

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - BR (HKLM-x32\...\{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (HKLM-x32\...\{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - ES (HKLM-x32\...\{68EE5C41-2F79-4F36-BE85-22A814F55AF7}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version:  - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FR (HKLM-x32\...\{8F18CFF8-8259-4148-AD00-2EE572754E92}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (HKLM-x32\...\{368FCA18-C510-4F87-B60E-192B9BDBAE3D}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
DAO 3.5 (HKLM-x32\...\DAO 3.5) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM251DSService (HKLM-x32\...\{413E98C3-2CA1-4D04-AFC2-8D8D873A3178}) (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 020.021.004 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}) (Version: 004.005.0001 - HP) Hidden
HPLJUTM251 (HKLM-x32\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{180D6813-95E0-415C-B58A-5B9493DE2DDA}) (Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM-x32\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}) (Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM-x32\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
LJDXPHelperUI (HKLM-x32\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 020.021.004 - HP) Hidden
LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Outlook Web Access S/MIME (HKLM-x32\...\{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}) (Version: 6.5.7651.60 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickBooks (HKLM-x32\...\{3167CC62-C775-4E47-92C1-73EBB845751A}) (Version: 23.0.4014.2305 - Intuit Inc.) Hidden
QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4001.2305 - Intuit Inc.)
Quicken Basic 2000 (HKLM-x32\...\Quicken Basic 2000) (Version:  - )
SAGE Online (HKLM-x32\...\{A310CA85-AACA-11D5-91C4-00A0CC5BB661}) (Version: 9.5.0 - Quick Technologies Inc.)
SAGEim (HKLM-x32\...\{75FDCE3D-32B3-4DCD-895F-DD2B1F08AD2C}) (Version: 1.00.0000 - Quick Technologies Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 8190.46 MB
Available physical RAM: 5210.26 MB
Total Virtual: 24572.67 MB
Available Virtual: 21337.81 MB

========================= Partitions: =====================================

1 Drive c: (Drive) (Fixed) (Total:465.66 GB) (Free:361.27 GB) NTFS
2 Drive d: (Oct 26 2015 Win7) (CDROM) (Total:0.11 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\GRAPHICIMAGE-PC

Administrator            Graphic Image            Guest                   

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

15-11-2015 18:46:12 Windows Update
19-11-2015 13:26:05 Windows Update
22-11-2015 18:25:13 Windows Update
25-11-2015 20:10:41 Windows Update
30-11-2015 04:01:19 Windows Update
03-12-2015 19:39:02 Windows Update
07-12-2015 14:16:23 Windows Update

**** End of log ****

 

 

 

 

 Results of screen317's Security Check version 1.013 --- 11/28/15 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File 
 Secunia PSI (3.0.0.10004)  
 Adobe Flash Player 19.0.0.245 
 Google Chrome (46.0.2490.86)
 Google Chrome (47.0.2526.73)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:29 PM

Posted 07 December 2015 - 10:02 AM

Hi there,

Please uninstall Bing Bar using Programs and Features.

It appears that Quickbook and Secunia PSI crashed a lot - you might want to reinstall those.

After that please run this.

:step1: Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed click Quarantine selected objects. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
===

:step2: Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will says Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Regards,
Alex

#6 owd66

owd66
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 07 December 2015 - 01:42 PM

EEK

 

Emsisoft Emergency Kit - Version 10.0
Last update: 12/7/2015 10:47:58 AM
User account: GraphicImage-PC\Graphic Image

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 12/7/2015 12:16:52 PM
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}  detected: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-2266368226-46544714-163790294-1000\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}  detected: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}  detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}  detected: Application.Toolbar (A)
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}  detected: Application.Win32.InstallAd (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}  detected: Application.Win32.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}  detected: Application.AdFix (A)

Scanned 87730
Found 7

Scan end: 12/7/2015 12:27:36 PM
Scan time: 0:10:44

Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Quarantined Application.AdFix (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Quarantined Application.Win32.InstallAd (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Quarantined Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-2266368226-46544714-163790294-1000\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Quarantined Application.Toolbar (A)

Quarantined 4

 

 

MBAM

 

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/12/07 12:31:02 -0500</date>
<logfile>mbam-log-2015-12-07 (12-30-35).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.0.1024</version>
<malware-database>v2015.12.07.04</malware-database>
<rootkit-database>v2015.12.07.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>GRAPHICIMAGE-PC</hostname>
<ip>192.168.200.28</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Graphic Image</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>366863</objects>
<time>1800</time>
<processes>0</processes>
<modules>0</modules>
<keys>3</keys>
<values>3</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><hash>ba86f1b18605f83e90ae7d732bd81be5</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><hash>0e322c760c7fc76f3806935d35ce4db3</hash></key>
<key><path>HKU\S-1-5-21-2266368226-46544714-163790294-1000\SOFTWARE\PRODUCTSETUP</path><vendor>PUP.Optional.ProductSetup</vendor><action>success</action><hash>3907b0f2abe0261071a7693c857e21df</hash></key>
<value><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><valuename>DisableAutoUpdateChecksCheckboxValue</valuename><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><valuedata>1</valuedata><hash>ba86f1b18605f83e90ae7d732bd81be5</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE</path><valuename>DisableAutoUpdateChecksCheckboxValue</valuename><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><valuedata>1</valuedata><hash>0e322c760c7fc76f3806935d35ce4db3</hash></value>
<value><path>HKU\S-1-5-21-2266368226-46544714-163790294-1000\SOFTWARE\PRODUCTSETUP</path><valuename>tb</valuename><vendor>PUP.Optional.ProductSetup</vendor><action>success</action><valuedata>0P1C2R1R1D0W0O0R1I1M</valuedata><hash>3907b0f2abe0261071a7693c857e21df</hash></value>
</items>
</mbam-log>
 



#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:29 PM

Posted 08 December 2015 - 09:44 AM

Hi there,

How is the computer running?

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#8 owd66

owd66
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 09 December 2015 - 08:57 AM

No noticeable improvement.  Chrome still won't launch, applications and IE pages load slow and hang frequently.  I have attempted twice to run ESET.  Both attempts took a long time to run (2+ hours with only 40-50-% completion), but I don't believe either attempt ran to completion.  In both instances I walked away from the computer and returned to find the computer shut down.  I will attempt ESET again today when I know I won't have to walk away.



#9 owd66

owd66
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 09 December 2015 - 10:25 PM

Update - ESET completed on the third attempt, No threats found.  On a previous attempt I did see that an infected file was detected which make me think one of the earlier attempts did finish and remove the file?  After this third attempt, when I select the manage quarantine link there is a list of items.  Will share if I could figure out how to upload or paste an image. Please advise as to next step

 

Otherwise no other changes.  Chrome still won't launch, applications and IE pages load slow and hang frequently.



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:29 PM

Posted 10 December 2015 - 06:38 AM

Hi there,

How old is this computer?

If Chrome does not launch, I would try completely removing Chrome using Revo Uninstaller, then reinstall it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users