Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help - Chromium bug infected - maybe other bugs, too


  • Please log in to reply
14 replies to this topic

#1 DW1029

DW1029

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 01:32 PM

My daughter brought me her computer to fix.  Chromium (I suspect a malware version) keeps popping up, asking to be set as default browser, and asking to restore pages.  Chromium does not show up as an installed application in the Settings/system/apps&features list.

I ran tds killer, adwCleaner, JRT, and Malwarebytes but was unable to get rid of it.  I did find several other things (mainly PUPs) and removed them.

Computer is running Windows 10 64bit.

Only defense is Windows Defender.

I appreciate any and all help cleaning up this system for her.



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 01:54 PM

Welcome to BC...

 

If Google Chrome and/ or Chromium shows in the list of installed programs then use Download Revo Uninstaller Freeware  to completely uninstall...including profile.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


Edited by buddy215, 15 April 2017 - 01:54 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 DW1029

DW1029
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 02:22 PM

Welcome to BC...

 

If Google Chrome and/ or Chromium shows in the list of installed programs then use Download Revo Uninstaller Freeware  to completely uninstall...including profile.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.

 

Revo found leftover registry items, and is asking if I want to delete them or continue.  I can see Chromium entries.  Do I delete all of these?



#4 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 02:40 PM

Yes...delete them


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 DW1029

DW1029
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 03:00 PM

Ok, here are the three text files requested.

 

Startups:

 

Yes HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\BingSvc\BingSvc.exe
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Chromium The Chromium Authors "c:\users\alexa revolve 810\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
Yes HKCU:Run EADM Electronic Arts "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run ooVoo.exe  C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
Yes HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\Alps\GlidePoint\Apoint.exe
Yes HKLM:Run BlueStacks Agent BlueStack Systems, Inc. C:\Program Files (x86)\BlueStacks\HD-Agent.exe
Yes HKLM:Run Dropbox Dropbox, Inc. "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
Yes HKLM:Run File Sanitizer  C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
Yes HKLM:Run IFXSPMGT Infineon Technologies AG "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run PDF Complete  C:\Program Files (x86)\PDF Complete\pdfsty.exe
Yes HKLM:Run QLBController Hewlett-Packard Company C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
Yes HKLM:Run RemoteControl10 CyberLink Corp. "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
Yes HKLM:Run RtsCM  RTSCM64.EXE
Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
Yes HKLM:Run WindowsDefender  "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
Yes HKLM:Run YouCam Mirage CyberLink "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
Yes HKLM:Run YouCam Tray CyberLink Corp. "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
Yes Startup Common FAH.lnk Nico Mak Computing C:\Program Files\WinZip\FAH\FAHConsole.exe
Yes Startup Common NFC Connection Utility Icon.lnk Intel Corporation Pvt Ltd. C:\Program Files\IntelNFC\UI\NFCUIc64.exe
Yes Startup Common WinZip Preloader.lnk WinZip Computing, S.L. C:\Program Files\WinZip\WzPreloader.exe
Yes Startup User IMVU.lnk  C:\Users\Alexa Revolve 810\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
 

 

Scheduled Tasks:

 

Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForAlexa Revolve 810 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlexa Revolve 810 (null)
Yes Task OneDrive Standalone Update Task  C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Yes Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
 

 

Uninstalls:

 

3D Builder Microsoft Corporation 12/24/2016  12.0.3131.0
7-Zip 15.14 Igor Pavlov 10/18/2016 3.43 MB 15.14
ACG Player Axilesoft 4/12/2017  1.11.850.0
Alarms & Clock Microsoft Corporation 4/12/2017  10.1703.602.0
ALPS GlidePoint Driver Alps Electric 4/15/2017 43.0 MB 10.1201.1717.104
App connector Microsoft Corporation 10/19/2016  1.3.3.0
App Installer Microsoft Corporation 3/8/2017  1.0.10332.0
Apple Application Support (32-bit) Apple Inc. 7/27/2016 152 MB 4.3.2
Apple Application Support (64-bit) Apple Inc. 7/27/2016 170 MB 4.3.2
Apple Mobile Device Support Apple Inc. 4/4/2016 43.0 MB 9.3.0.15
Apple Software Update Apple Inc. 4/4/2016 4.91 MB 2.2.0.150
Atmel Touchscreen Power Management Settings Atmel Corp 3/4/2014 2.09 MB 1.7.0.1
BlueStacks App Player BlueStack Systems, Inc. 10/7/2015 2.89 GB 0.10.6.8001
Bonjour Apple Inc. 4/4/2016 3.28 MB 3.1.0.1
Calculator Microsoft Corporation 4/12/2017  10.1703.601.0
Camera Microsoft Corporation 4/12/2017  2017.214.20.0
CCleaner Piriform 4/15/2017  5.28
CyberLink Media Suite 10 CyberLink Corp. 3/4/2014 39.0 MB 10.0.1.2106
CyberLink PhotoDirector CyberLink Corp. 3/4/2014 126 MB 2.0.1.3317
CyberLink PowerDirector 10 CyberLink Corp. 3/4/2014 437 MB 10.0.1.2204
CyberLink PowerDVD CyberLink Corp. 3/4/2014 191 MB 10.0.7.4721
CyberLink YouCam CyberLink Corp. 3/4/2014 95.4 MB 4.1.1.3423
Device Access Manager for HP ProtectTools Hewlett-Packard Company 3/4/2014 33.4 MB 7.1.2.0
Drive Encryption For HP ProtectTools Hewlett-Packard Company 3/4/2014 67.6 MB 7.0.39.32378
Dropbox Dropbox, Inc. 4/14/2017 192 MB 23.4.19
Embedded Security for HP ProtectTools Hewlett-Packard Company 3/4/2014 58.3 MB 7.0.100.3001
Energy Star Digital Logo Hewlett-Packard 3/4/2014 600 KB 1.0.1
ESET Online Scanner v3  4/15/2017  
Evernote v. 4.5.8 Evernote Corp. 7/17/2013 115 MB 4.5.8.7356
Express Zip File Compression NCH Software 10/18/2016 3.99 MB 3.03
Face Recognition for HP ProtectTools Hewlett-Packard Company 10/18/2016 32.8 MB 7.2.2.4549
Feedback Hub Microsoft Corporation 4/12/2017  1.1702.811.0
FIFA 16 Demo Electronic Arts 10/18/2016 3.65 GB 1.0.0.0
File Sanitizer For HP ProtectTools Hewlett-Packard Company 3/4/2014 50.6 MB 7.0.2.2
Get Office Microsoft Corporation 4/12/2017  17.8017.5925.0
Groove Music Microsoft Corporation 4/13/2017  10.17022.10301.0
HP AiO Printer Remote HP Inc. 12/24/2016  65.1.190.0
HP Connection Manager Hewlett-Packard Company 3/4/2014 111 MB 4.5.25.1
HP Documentation Hewlett-Packard 3/4/2014 47.6 MB 1.1.1.0
HP ESU for Microsoft Windows 7 Hewlett-Packard Company 7/17/2013 30.7 MB 2.0.8.1
HP Hotkey Support Hewlett-Packard Company 5/7/2016 38.3 MB 5.0.28.1
HP ProtectTools Security Manager Hewlett-Packard Company 10/18/2016 32.8 MB 7.0.2.1213
HP Setup Hewlett-Packard Company 7/17/2013 64.4 MB 9.1.15453.4066
HP SoftPaq Download Manager HP 10/6/2016 81.3 MB 4.3.4.0
HP Software Framework Hewlett-Packard Company 7/17/2013 16.1 MB 4.6.13.1
HP Software Setup Hewlett-Packard Company 7/17/2013 34.1 MB 8.5.4.1
HP Support Assistant Hewlett-Packard Company 11/8/2015 89.3 MB 8.3.34.7
HP Support Solutions Framework Hewlett-Packard Company 11/8/2015 10.5 MB 12.5.32.37
HP System Default Settings Hewlett-Packard Company 7/17/2013 3.17 MB 2.4.3.1
Icecream Screen Recorder version 3.12 Icecream Apps 1/29/2016 119 MB 3.12
IDT Audio IDT 3/4/2014 235 MB 1.0.6454.0
IMVU Avatar Chat Software  10/18/2016  
Intel® Management Engine Components Intel Corporation 8/15/2015  8.1.30.1350
Intel® Network Connections Drivers Intel 10/18/2016 1.78 MB 17.3
Intel® Processor Graphics Intel Corporation 12/25/2015  10.18.10.4276
Intel® PROSet/Wireless for Bluetooth® + High Speed  3/4/2014  
Intel® PROSet/Wireless NFC Software Intel Corporation 10/18/2016 3.56 MB 1.1.0.009
Intel® Rapid Start Technology Intel Corporation 10/18/2016 4.07 MB 1.0.0.1031
Intel® SDK for OpenCL - CPU Only Runtime Package Intel Corporation 3/4/2014  2.0.0.37149
Intel® USB 3.0 eXtensible Host Controller Driver Intel Corporation 3/4/2014  1.0.6.245
Intel® PROSet/Wireless WiFi Software Intel Corporation 3/4/2014 134 MB 15.02.0000.1258
iTunes Apple Inc. 7/27/2016 282 MB 12.4.2.4
Java 8 Update 121 Oracle Corporation 4/14/2017 53.2 MB 8.0.1210.13
JMicron Flash Media Controller Driver JMicron Technology Corp. 10/18/2016 1.89 MB 1.0.72.4
Mail and Calendar Microsoft Corporation 4/13/2017  17.8104.42387.0
Malwarebytes Anti-Malware version 2.1.8.1057 Malwarebytes Corporation 9/12/2015 52.6 MB 2.1.8.1057
Maps Microsoft Corporation 4/12/2017  5.1703.762.0
Messaging Microsoft Corporation 10/19/2016  3.19.1001.0
Microsoft Office Professional Plus 2013 - en-us Microsoft Corporation 4/12/2017 2.69 GB 15.0.4903.1002
Microsoft OneDrive Microsoft Corporation 4/12/2017 84.8 MB 17.3.6799.0327
Microsoft Solitaire Collection Microsoft Studios 4/12/2017  3.16.3302.0
Microsoft Sticky Notes Microsoft Corporation 4/12/2017  1.8.0.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 3/4/2014 256 KB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 3/4/2014 348 KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 3/4/2014 596 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 3/4/2014 1.21 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 4/7/2016 1.48 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 4/23/2013 1.48 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 7/3/2015 680 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 4/7/2016 2.55 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 4/23/2013 1.16 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 3/4/2014 1.16 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 7/3/2015 1.17 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 8/15/2015 17.9 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 8/15/2015 16.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 10/18/2016 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Corporation 10/18/2016 17.4 MB 11.0.51106.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 1/20/2017 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 1/20/2017 17.1 MB 12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 10/18/2016 2.42 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 10/19/2016  1.1604.4.0
Minecraft Mojang 7/3/2015 2.45 MB 1.0.3.0
Money Microsoft Corporation 12/24/2016  4.18.37.0
Movies & TV Microsoft Corporation 4/12/2017  10.17022.10311.0
News Microsoft Corporation 12/24/2016  4.18.41.0
OneNote Microsoft Corporation 4/12/2017  17.7967.57751.0
Open Broadcaster Software  10/18/2016  
Origin Electronic Arts, Inc. 4/15/2017 325 MB 10.4.6.33873
Paid Wi-Fi & Cellular Microsoft Corporation 10/19/2016  1.1607.6.0
PDF Complete Corporate Edition PDF Complete, Inc 4/15/2017 116 MB 4.2.11
People Microsoft Corporation 4/12/2017  10.2.831.0
Phone Microsoft Corporation 10/19/2016  2.17.27003.0
Phone Companion Microsoft Corporation 10/19/2016  10.1609.2561.0
Photos Microsoft Corporation 4/13/2017  17.313.10010.0
Privacy Manager for HP ProtectTools Hewlett-Packard Company 3/4/2014 44.0 MB 7.0.1.892
Revo Uninstaller 2.0.3 VS Revo Group, Ltd. 4/15/2017 21.1 MB 2.0.3
Screencast-O-Matic v2.0 Screencast-O-Matic 10/18/2016  v2-1.8
Skype Skype 4/14/2017  11.13.133.0
Skype™ 7.14 Skype Technologies S.A. 11/26/2015 156 MB 7.14.106
Sports Microsoft Corporation 12/24/2016  4.18.37.0
Store Microsoft Corporation 4/13/2017  11701.1001.99.0
Store Purchase App Microsoft Corporation 10/19/2016  11608.1000.2431.0
Sway Microsoft Corporation 3/8/2017  17.7870.45131.0
The Sims™ 3 Electronic Arts Inc. 10/18/2016 4.45 GB 1.69.43.024017
The Sims™ 3 Island Paradise Electronic Arts Inc. 10/18/2016 4.45 GB 1.0.0.0
The Sims™ 4 Electronic Arts Inc. 1/20/2017 13.2 GB 1.26.96.1010
Theft Recovery for HP ProtectTools Hewlett-Packard Company 3/4/2014 1.18 MB 7.0.1.02
Tips Microsoft Corporation 4/12/2017  5.0.13.0
VIP Access SDK (1.1.0.7) Symantec Inc. 3/4/2014  1.1.0.7
Voice Recorder Microsoft Corporation 4/12/2017  10.1703.601.0
Weather Microsoft Corporation 4/13/2017  4.18.52.0
Windows DVD Player Microsoft Corporation 10/19/2016  3.6.13291.0
WinZip 19.5 WinZip Computing, S.L.  8/7/2015 367 MB 19.5.11532
Wizard101 KingsIsle Entertainment, Inc. 7/31/2015  1.0.0
Xbox Microsoft Corporation 4/12/2017  27.28.8007.0
Xbox 360 SmartGlass Microsoft Corporation 10/19/2016  1.4.3.0
Xbox Identity Provider Microsoft Corporation 10/19/2016  11.19.19003.0
Zip Opener Tiny Opener 3/8/2017  1.3.12.0
 



#6 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 03:29 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\BingSvc\BingSvc.exe

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKCU:Run EADM Electronic Arts "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

Yes HKCU:Run ooVoo.exe  C:\Program Files (x86)\ooVoo\oovoo.exe /minimized

Yes HKLM:Run Dropbox Dropbox, Inc. "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
Yes HKLM:Run File Sanitizer  C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe

Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run PDF Complete  C:\Program Files (x86)\PDF Complete\pdfsty.exe

Yes Startup Common FAH.lnk Nico Mak Computing C:\Program Files\WinZip\FAH\FAHConsole.exe

Yes Startup Common WinZip Preloader.lnk WinZip Computing, S.L. C:\Program Files\WinZip\WzPreloader.exe
Yes Startup User IMVU.lnk  C:\Users\Alexa Revolve 810\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

 

Delete these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run Chromium The Chromium Authors "c:\users\alexa revolve 810\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForAlexa Revolve 810 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlexa Revolve 810 (null)
Yes Task OneDrive Standalone Update Task  C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Yes Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

 

Delete these Tasks:

Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

 

Please let me know if the original problem still exists after completing the above and rebooting.

 

 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 DW1029

DW1029
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 03:44 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\BingSvc\BingSvc.exe

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKCU:Run EADM Electronic Arts "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

Yes HKCU:Run ooVoo.exe  C:\Program Files (x86)\ooVoo\oovoo.exe /minimized

Yes HKLM:Run Dropbox Dropbox, Inc. "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
Yes HKLM:Run File Sanitizer  C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe

Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run PDF Complete  C:\Program Files (x86)\PDF Complete\pdfsty.exe

Yes Startup Common FAH.lnk Nico Mak Computing C:\Program Files\WinZip\FAH\FAHConsole.exe

Yes Startup Common WinZip Preloader.lnk WinZip Computing, S.L. C:\Program Files\WinZip\WzPreloader.exe
Yes Startup User IMVU.lnk  C:\Users\Alexa Revolve 810\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

 

Delete these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run Chromium The Chromium Authors "c:\users\alexa revolve 810\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForAlexa Revolve 810 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlexa Revolve 810 (null)
Yes Task OneDrive Standalone Update Task  C:\Users\Alexa Revolve 810\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Yes Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

 

Delete these Tasks:

Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

 

Please let me know if the original problem still exists after completing the above and rebooting.

 

 

 

So far so good, but Chromium still appears in the Start Menu application list.

 

Also, is it safe to re-install Google Chrome?



#8 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 04:11 PM

You deleted the one I mentioned listed to delete...right? If you see in a list in another location on the computer...can you delete it?

 

Yes, you can reinstall Chrome...but it would be best to remove all references of Chromium first.

Chrome


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 DW1029

DW1029
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 05:13 PM

You deleted the one I mentioned listed to delete...right? If you see in a list in another location on the computer...can you delete it?

 

Yes, you can reinstall Chrome...but it would be best to remove all references of Chromium first.

Chrome

Yes, I deleted everything you said to delete, but it is still there in the Start Menu.



#10 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 05:32 PM

I'm assuming you have Windows 10 OS. So, I found the instructions in the link below for deleting/ removing an item from its Start Menu.

How to Remove Apps from the All Apps List in Windows 10


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 DW1029

DW1029
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 05:35 PM

I'm assuming you have Windows 10 OS. So, I found the instructions in the link below for deleting/ removing an item from its Start Menu.

How to Remove Apps from the All Apps List in Windows 10

 

I will do that, but Chromium launches if I click on it in the start menu, so it must still be on the computer.



#12 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 05:50 PM

Do a file search for Chromium. I don't think it is on the computer....but I could be wrong.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 15 April 2017 - 05:57 PM

Windows 10 is not my cup of tea....never used it...actually use Linux.

 

I found this which I think is the same as my last post...you can confirm.

 

  1. Click on the Start button (or press the Windows key) to open the Start menu, click on the Settings at the top.
  2. Click on App & features on the left menu.
  3. On the right side, locate Chromium and click it, then click on the Uninstall button.
  4. Click on Uninstall to confirm.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 DW1029

DW1029
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 15 April 2017 - 08:00 PM

 

Windows 10 is not my cup of tea....never used it...actually use Linux.

 

I found this which I think is the same as my last post...you can confirm.

 

  1. Click on the Start button (or press the Windows key) to open the Start menu, click on the Settings at the top.
  2. Click on App & features on the left menu.
  3. On the right side, locate Chromium and click it, then click on the Uninstall button.
  4. Click on Uninstall to confirm.

 

As mentioned in the OP, Chromium does not show up on the list of Applications from the Settings menu, yet it is there in the Start menu, and I am able to run it on the computer.  I do not believe this is a legitimate version of Chromium, but rather a virus/malware.



#15 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:09 AM

Posted 16 April 2017 - 04:12 AM

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users