Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chrome 32 Virus. Tried Everything.


  • Please log in to reply
25 replies to this topic

#1 Hsmith22

Hsmith22

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 09 May 2016 - 04:45 PM

I've had the chrome 32 virus on my computer for a long time now and haven't been able to get rid of it. It's not just with chrome either. I've uninstalled chrome and used other browsers but the same virus series poped up, just with the name changed to whichever browser I was using. I've used Malwarebytes, CCleaner, SUPER anti-spyware, Microsoft Defender, Spy Hunter, ESET Poweliks remover, AVG Anti-Virus, Bitdefender, Kaspersky, and a few more I can't remember. I've followed tutorials to no avail. I've searched through the Regedit and found nothing. It's also infected my system repair points so that's not an option, and it certainly doesn't show up in the control panel programs list. How do I get rid of it?



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 09 May 2016 - 07:40 PM

Welcome to BC....

 

First, confirm you are infected with Poweliks.

 

From the web: The easiest way to see if your computer is infected with malware running under the “Chrome.exe” name, is to open your Windows Task Manager by pressing CTRL + ALT + DEL on your keyboard, right-click on the Chrome.exe *32 which you suspect is malware, and then click on “Open file location”.
The real Chrome.exe from Google should be located in the C:\Program Files (x86)\Google\Chrome\Application folder. Any file named “Chrome.exe” located in other folder can be considered as suspicious.

 

 

After doing the above and you still suspect you are infected with Poweliks, follow the instructions in link below

for using MBAM's anti-rootkit and resetting of IE.

Removal instructions for Poweliks - Malware Removal Guides and Self-Help Guides - Malwarebytes Forums


Edited by buddy215, 09 May 2016 - 08:47 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Hsmith22

Hsmith22
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 10 May 2016 - 03:52 PM

The file location is C:\Program Files (x86)\Google\Chrome\Application. I ran MBAM's anti-rootkit and it found nothing. If it's not poweliks what else could it be?



#4 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 10 May 2016 - 04:04 PM

What symptoms of malware or adware do you see?

 

There is one program you mentioned that I suggest you remove....SpyHunter. Use Download Revo Uninstaller Freeware in Advanced Mode to uninstall

SpyHunter.

 

See what the two programs below will find and remove.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Hsmith22

Hsmith22
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 11 May 2016 - 07:05 PM

In my website IP bar whenever I go to any kind of webpage, it shows a bunch of ads and ad website loading on the IP bar that slow my computer down considerably. Also pop-ups appear everywhere. Here's the logs. Neither of them found anything serious.

 

# AdwCleaner v5.116 - Logfile created 11/05/2016 at 18:36:56
# Updated 09/05/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : User - USER-PC
# Running from : C:\Users\User\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search provided by yahoo.com
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtB0Fzz0D0A0AyDtA0AtB0CyE0DtAyDtN0D0Tzu0StCyEzyzytN1L2XzutAtFtCzztFtDtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyBtAyC0Ezz0A0C0CtGyByC0B0DtG0DzzyD0AtGtByEtB0BtGyD0C0BzztA0AyC0B0FtCzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CzzzytBtA0CyDyBtG0A0DyEyEtGyEzz0F0AtG0BtA0AtBtGtByB0CyCtAtDtCyDtD0D0E0F2QtN0A0LzuyE%26cr%3D617878319%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_07&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtB0Fzz0D0A0AyDtA0AtB0CyE0DtAyDtN0D0Tzu0StCyDtCtCtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyByB0EtAzyyE0FtGyE0BtA0CtGyEzzzztAtGtDyB0CtDtG0D0A0F0FyC0B0A0CtDyE0F0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CzzzytBtA0CyDyBtG0A0DyEyEtGyEzz0F0AtG0BtA0AtBtGtByB0CyCtAtDtCyDtD0D0E0F2QtN0A0LzuyE%26cr%3D1552036581%26a%3Dwncy_ir_16_07%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtB0Fzz0D0A0AyDtA0AtB0CyE0DtAyDtN0D0Tzu0StCyEzyzytN1L2XzutAtFtCzztFtDtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyBtAyC0Ezz0A0C0CtGyByC0B0DtG0DzzyD0AtGtByEtB0BtGyD0C0BzztA0AyC0B0FtCzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CzzzytBtA0CyDyBtG0A0DyEyEtGyEzz0F0AtG0BtA0AtBtGtByB0CyCtAtDtCyDtD0D0E0F2QtN0A0LzuyE%26cr%3D617878319%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [4894 bytes] - [06/05/2016 17:09:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [3115 bytes] - [11/05/2016 18:36:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [5269 bytes] - [06/05/2016 16:44:27]
C:\AdwCleaner\AdwCleaner[S2].txt - [3215 bytes] - [11/05/2016 18:31:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3334 bytes] ##########
 
and
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by User (Administrator) on Wed 05/11/2016 at 18:52:51.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 5 
 
Successfully deleted: C:\ProgramData\935546 (Folder) 
Successfully deleted: C:\ProgramData\SPL2796.tmp (File) 
Successfully deleted: C:\ProgramData\SPL7A67.tmp (File) 
Successfully deleted: C:\ProgramData\SPLB57C.tmp (File) 
Successfully deleted: C:\ProgramData\SPLE45F.tmp (File) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/11/2016 at 18:58:04.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#6 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 11 May 2016 - 07:22 PM

Did you uninstall Spy Hunter?

 

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Once installed and after running CCleaner....do this:

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Hsmith22

Hsmith22
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 14 May 2016 - 08:12 PM

Spy hunter is uninstalled. 

 

Startup

 
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task {40E59018-EBF0-4BB2-AF9F-61DC3DF96787} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\fate-setup.exe -d D:\
Yes Task {BAC8C964-40C2-4CDD-9806-A6730DB59A29} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\InterActual\InterActual Player\inuninst.exe"
 
Install
 
3D Builder Microsoft Corporation 4/22/2016 10.10.38.0
ABBYY FineReader 6.0 Sprint ABBYY Software House 5/26/2015 117 MB 6.00.2146.41621
Alarms & Clock Microsoft Corporation 4/22/2016 10.1603.12020.0
AMD Catalyst Control Center AMD 4/21/2016 1.00.0000
App connector Microsoft Corporation 4/22/2016 1.3.3.0
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 3/15/2015 1.0.0.36
ATI Catalyst Install Manager ATI Technologies, Inc. 3/15/2015 28.7 MB 3.0.800.0
Broadcom 802.11 Network Adapter Broadcom Corporation 4/21/2016 5.100.249.2
Calculator Microsoft Corporation 4/22/2016 10.1601.49020.0
Camera Microsoft Corporation 4/22/2016 2016.325.60.0
Candy Crush Soda Saga king.com 5/4/2016 1.65.800.0
CCleaner Piriform 4/29/2016 17.7 MB 5.15
Cisco EAP-FAST Module Cisco Systems, Inc. 3/15/2015 1.52 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 3/15/2015 838 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 3/15/2015 1.28 MB 1.1.6
ELAN Touchpad 11.15.0.18_X64 ELAN Microelectronic Corp. 4/24/2016 11.15.0.18
Get Office Microsoft Corporation 5/5/2016 17.6927.23501.0
Get Skype Skype 4/22/2016 3.2.1.0
Get Started Microsoft Corporation 4/22/2016 3.5.11.0
Google Chrome Google Inc. 4/16/2016 481 MB 50.0.2661.102
Google Drive Google, Inc. 5/1/2016 68.6 MB 1.29.2074.1528
Groove Music Microsoft Corporation 4/22/2016 3.6.15131.0
InterActual Player 5/11/2016
Lexmark S600 Series Lexmark International, Inc. 4/29/2016 14.7 MB
Mail and Calendar Microsoft Corporation 5/4/2016 17.6868.40731.0
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 3/27/2016 56.6 MB 2.2.1.1043
Maps Microsoft Corporation 4/22/2016 4.1601.10150.0
Messaging + Skype Microsoft Corporation 4/22/2016 2.15.20002.0
Microsoft Office Home and Student 2010 Microsoft Corporation 5/12/2016 27.8 MB 14.0.7015.1000
Microsoft Solitaire Collection Microsoft Studios 5/11/2016 3.9.5100.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 8/29/2015 3.39 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 3/15/2015 600 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2/8/2016 4.49 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2/10/2016 1.53 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2/8/2016 4.12 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2/10/2016 1.17 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 3/18/2015 27.5 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 3/18/2015 22.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Corporation 4/21/2016 20.4 MB 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 4/21/2016 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 4/21/2016 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 4/21/2016 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 4/21/2016 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 4/21/2016 17.1 MB 12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 4/29/2016 10.0 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 4/28/2016 1.1604.4.0
Money Microsoft Corporation 4/26/2016 4.9.51.0
Movies & TV Microsoft Corporation 4/22/2016 3.6.19761.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 6/27/2015 2.55 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 6/28/2015 2.66 MB 4.20.9876.0
News Microsoft Corporation 4/26/2016 4.9.51.0
OneNote Microsoft Corporation 5/6/2016 17.6868.57841.0
People Microsoft Corporation 4/22/2016 10.0.10811.0
Phone Microsoft Corporation 4/22/2016 2.15.28004.0
Phone Companion Microsoft Corporation 4/22/2016 10.1602.3010.0
Photos Microsoft Corporation 4/22/2016 16.325.12390.0
Qualcomm Atheros Fast Reconnect QualComm Atheros 3/15/2015 93.0 KB 1.0
RAR Opener Tiny Opener 5/8/2016 1.2.8.0
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 3/15/2015 9.82 MB 6.1.7600.30122
Sports Microsoft Corporation 4/26/2016 4.9.51.0
Store Microsoft Corporation 4/30/2016 11602.1.26.0
SUPERAntiSpyware SUPERAntiSpyware.com 4/29/2016 10.4 MB 6.0.1216
Sway Microsoft Corporation 5/5/2016 17.6965.45161.0
Visual Studio 2012 x64 Redistributables AVG Technologies 4/16/2016 3.79 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 4/16/2016 3.38 MB 14.0.0.1
Voice Recorder Microsoft Corporation 4/22/2016 10.1512.21110.0
Weather Microsoft Corporation 4/26/2016 4.9.51.0
Windows DVD Player Microsoft Corporation 4/23/2016 3.6.13291.0
Windows Live Essentials Microsoft Corporation 8/29/2015 16.4.3528.0331
Xbox Microsoft Corporation 5/6/2016 15.17.3003.0
 
What was the third list you wanted? I only saw 2 mentioned.


#8 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 14 May 2016 - 09:42 PM

You posted the Scheduled Tasks and Installed Programs....missing is the list of Windows Startups.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups

 

I'm calling it a day and will have recommendations for you tomorrow morning.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 15 May 2016 - 06:26 AM

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task {40E59018-EBF0-4BB2-AF9F-61DC3DF96787} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\fate-setup.exe -d D:\
Yes Task {BAC8C964-40C2-4CDD-9806-A6730DB59A29} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\InterActual\InterActual Player\inuninst.exe"
 
Uninstall these programs:
Candy Crush Soda Saga king.com 5/4/2016 1.65.800.0
InterActual Player 5/11/2016
 
If you need a very good DVD / Movie player then get this....VideoLAN - Official page for VLC media player, the Open Source video framework!
 
Please post the list of Windows Startups....it's the list you see after clicking on Tools and clicking on Startups.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 Hsmith22

Hsmith22
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 15 May 2016 - 03:45 PM

I disabled those tasks and uninstalled those two programs. Here's the startup list:

 

Yes HKCU:Run GoogleDriveSync Google "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run SUPERAntiSpyware SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
Thanks


#11 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 15 May 2016 - 05:43 PM

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 Hsmith22

Hsmith22
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 16 May 2016 - 04:36 PM

When I open either link it says Account has been suspended.



#13 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 16 May 2016 - 04:40 PM

Try to click here for Security Check. That worked for me just now.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 Hsmith22

Hsmith22
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:00 PM

Posted 16 May 2016 - 06:27 PM

The link says it expires after 10 minutes but if you post it now i'll download it. Sorry about that.



#15 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:00 AM

Posted 16 May 2016 - 07:09 PM

Downloading SecurityCheck

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users