Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Update & Chrome plus other problems with my PC


  • Please log in to reply
16 replies to this topic

#1 mishasham01

mishasham01

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 06 April 2018 - 08:31 PM

Hi,

 

My computer has Windows 7 (SP1). 

 

The computer has a few problems, and I think they are all related.

 

1) Windows Update does not work.  I get the error code 80080005.  I tried every solution I found by googling to no avail.  Nothing worked.  I tried the FixIt, special updates for the Update service, etc, etc, and none of that worked.

 

2) Chrome too often has a problem with the security certificate.  It says "your connection is not private".  I tried googling and tried every solution I could find, again, to no avail.  Nothing worked.

 

3) A lot of times, while trying solutions to the above problems, I had issues with the user permissions.  For example, I tried a solution to the Windows Update not working problem, and it involved using the command prompt, and the command prompt told me the access was denied.  I have only one User on this PC and it's listed as the Administrator.

 

I think these 3 problems are all related.   I really need your help resolving these problems and getting my PC working properly again.  Ideally, I would like an expert to guide me through the process, no matter how long it takes and how many steps, to solve these issues, for which I would be VERY, VERY appreciative and greatful!

 

Thank you!


Edited by mishasham01, 06 April 2018 - 09:06 PM.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,857 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:34 AM

Posted 08 April 2018 - 08:15 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#3 mightywiz

mightywiz

  • Members
  • 781 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:34 AM

Posted 10 April 2018 - 12:02 PM

if you've tried everything suggested online from microsoft and others then it's time for a fresh install of windows. myself I won't waste all day beating a dead horse and not getting anywhere.

 

you can fight these issues for weeks or just do a factory restore and be up and running the same day.

 

myself my time is valuable and it just makes more sense to backup important data and then do a factory restore.  especially being a tech, my customers don't want to pay for hours of work

when a factory restore would have them back up and running in a day or so.



#4 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 10 April 2018 - 07:15 PM

hamluis,

 

Thank you VERY MUCH for your reply! 

 

Speccy link: http://speccy.piriform.com/results/ymgb2k8NNWulM63JX7MlPQQ

 

MTB report:

MiniToolBox by Farbar  Version: 17-06-2016
Ran by emil shamilov (administrator) on 10-04-2018 at 19:56:32
Running from "C:\Users\emil shamilov\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Inspiron One 2320 Manufacturer: Dell Inc.

Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
Details:      The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:      The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:      The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <MSSearch.IpsPi> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:      The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:   The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:  The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.MapPI> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:21 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:21 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:21 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (04/10/2018 07:55:34 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 11 time(s).

Error: (04/10/2018 07:55:34 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (04/10/2018 07:55:21 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 10 time(s).

Error: (04/10/2018 07:55:21 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (04/10/2018 07:55:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 9 time(s).

Error: (04/10/2018 07:55:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (04/10/2018 07:55:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 8 time(s).

Error: (04/10/2018 07:55:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (04/10/2018 07:38:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 7 time(s).

Error: (04/10/2018 07:38:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Microsoft Office Sessions:
=========================
Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description:
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
MSSearch.IpsPi

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
Search.JetPropStore

Error: (04/10/2018 07:55:34 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
Search.MapPI

Error: (04/10/2018 07:55:21 PM) (Source: Windows Search Service)(User: )
Description:
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (04/10/2018 07:55:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
Details:    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

CodeIntegrity Errors:
===================================
  Date: 2015-06-13 17:46:31.001
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-13 17:46:30.923
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-13 17:46:30.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-13 17:46:30.767
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.2124 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell KM632 Wireless Keyboard Caps Lock Indicator (HKLM-x32\...\{55586382-6704-4237-AAA7-85FF9C055022}) (Version: 2.1.9.0401 - Dell)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell Touch Software Suite Games (HKLM-x32\...\{6FB3428E-23AA-4CA1-BA9D-E6D5F3F692E4}) (Version: 1.5.133.0 - Fingertapps)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DoWnLouwApop (HKLM-x32\...\{15BFA1EF-4B89-F075-6B00-0B4EAD6EFA43}) (Version: 2.2.0.1811 - DoWWnLowApp)
Face Recognition (HKLM\...\{2C5BEF49-4219-4751-9106-39604462939D}) (Version: 3.0.85.1 - Sensible Vision)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version:  - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2401 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
StickyNotes (HKLM-x32\...\{B0789AE7-70D4-454A-90D1-5BA5728E254A}) (Version: 1.5.135.0 - Dell)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

========================= Memory info: ===================================
Percentage of memory in use: 64%
Total physical RAM: 4001.09 MB
Available physical RAM: 1405.18 MB
Total Virtual: 8000.37 MB
Available Virtual: 4566.97 MB

========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:916.66 GB) (Free:795.34 GB) NTFS

========================= Users: ========================================
User accounts for \\EMILSHAMILOV-PC

Administrator            emil shamilov            Guest                    


**** End of log ****
 


Edited by hamluis, 11 April 2018 - 06:29 AM.


#5 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:03:34 AM

Posted 10 April 2018 - 07:31 PM

You may have checked that already, but incorrect computer date and time (and time zone) can cause all three of your problems.


You don't seem to have an antivirus installed on that computer, and using µTorrent. Speccy shows antivirus : disabled. There's a very good chance your computer is infected and causing your troubles.


Edited by hamluis, 11 April 2018 - 06:32 AM.
Merged posts - Hamluis.


#6 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 10 April 2018 - 08:43 PM

Hi mightywiz,

 

System Restore doesn't go far back enough to fix these issues.  I've had the issue with the Windows Update for a couple of years, but never bothered to try to fix it until recently Chrome started giving me the security certificate issues.  I was trying to see if someone here knowledgeable on these matters might be able to help me fix it, without me having to re-install Windows.

 

Hi Phantom,

 

I tried the Time and Date solution, and successfully updated the time and date many times through connecting to one of the time servers, but it doesn't resolve anything. 

Also, I'm glad you asked about the anti-virus as I forgot to mention it in the original post - one of the issues is that I cannot enable the Windows Defender.

I've used uTorrent many years ago a couple of times but that was it, never bothered to uninstall it.  I've ran anti-virus (MalwareBytes) scans before and no virus/malware was present.


Edited by mishasham01, 10 April 2018 - 08:43 PM.


#7 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:03:34 AM

Posted 10 April 2018 - 08:53 PM

Hi Phantom,

 

I tried the Time and Date solution, and successfully updated the time and date many times through connecting to one of the time servers, but it doesn't resolve anything. 

Also, I'm glad you asked about the anti-virus as I forgot to mention it in the original post - one of the issues is that I cannot enable the Windows Defender.

I've used uTorrent many years ago a couple of times but that was it, never bothered to uninstall it.  I've ran anti-virus (MalwareBytes) scans before and no virus/malware was present.

 

Unfortunately, you need more than an occasional scan to be well protected with Windows. You need real-time protection from an antivirus. An occasional scan with Malwarebytes is not enough. I'll leave it to hamluis to decide if he'll transfer you to one of the malware removal forums or not, since he started helping you and asked for reports.


Edited by Phantom010, 10 April 2018 - 08:53 PM.


#8 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 11 April 2018 - 04:29 AM

Hi Phantom,

 

I am aware of that.  When that the issue with Windows Update started a few years ago, I'd ran all the anti-virus scans (thorough, flash, etc) with multiple programs to make sure no virus/malware would be present, if any.  But the scans never came up with any malware or virus.  To be honest, I haven't ran a scan this time, because I figured the issue with Chrome is related to the Windows Update.  I will run it today.  To be honest, it's my relative's computer, not mine, so I will have to wait until evening today to run the scan.  We're using TeamVIewer to connect.  I'll keep you posted on the results.


Edited by mishasham01, 11 April 2018 - 04:30 AM.


#9 hamluis

hamluis

    Moderator


  • Moderator
  • 55,857 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:34 AM

Posted 11 April 2018 - 06:36 AM

Agree with suggestion for malware check...topic moved to Am I Infected forum for said check.

 

By the way...Windows Defender is not an AV program in Win 7, it is on later versions of Windows.

 

Louis



#10 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 16 April 2018 - 03:29 AM

if you've tried everything suggested online from microsoft and others then it's time for a fresh install of windows. myself I won't waste all day beating a dead horse and not getting anywhere.

 

you can fight these issues for weeks or just do a factory restore and be up and running the same day.

 

myself my time is valuable and it just makes more sense to backup important data and then do a factory restore.  especially being a tech, my customers don't want to pay for hours of work

when a factory restore would have them back up and running in a day or so.

 

Hi mightywiz,

 

Firstly, system restore points are only recent, long after the issues started occurring, so that's not an option.  Secondly, we do not have the original Windows disc in possession to re-install the system.  Thirdly, there is no system image saved which could be used instead of the disc to restore the system.  Besides, I would like to see if it's possible to fix the issues without resorting to the last option, if all else fails.



#11 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 16 April 2018 - 04:22 AM

Agree with suggestion for malware check...topic moved to Am I Infected forum for said check.

 

By the way...Windows Defender is not an AV program in Win 7, it is on later versions of Windows.

 

Louis

 

Hi Louis,
 
If that's the case, I don't understand why I am able to find Windows Defender, except it's turned off and I cannot turn it on - which is just one of the issues this PC is facing.  Please see the attached image below.

 

win7defenderissue.png


Edited by mishasham01, 16 April 2018 - 04:23 AM.


#12 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 16 April 2018 - 04:30 AM

So, I've ran all the 3 scans that MalwareBytes (Premium Trial version) offers.

 

The first one was the Threat Scan and below is its log.  No malicious items were detected except PUPs (see the next post for the Custom Scan's result, which found 1 trojan file).

 

 

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 4/13/18
Scan Time: 2:34 PM
Log File: 4b11acc0-3f49-11e8-b2f4-88532e502499.json
Administrator: Yes
 
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4724
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 372343
Threats Detected: 74
Threats Quarantined: 74
Time Elapsed: 1 hr, 8 min, 12 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 39
PUP.Optional.BuzzSocialPoints, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BuzzSocialPoints_DNS_Checker, Quarantined, [2802], [236361],1.0.4724
PUP.Optional.BuzzSocialPoints, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B7F4F2F5-AB05-4D4A-97E6-8F16095CEB14}, Quarantined, [2802], [236361],1.0.4724
PUP.Optional.BuzzSocialPoints, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B7F4F2F5-AB05-4D4A-97E6-8F16095CEB14}, Quarantined, [2802], [236361],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimum_Daily, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{19EAA223-95AB-4B86-8F79-F12B48CB55EF}, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{19EAA223-95AB-4B86-8F79-F12B48CB55EF}, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimum_LogOn, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F06EF920-AE4B-4BB5-85A8-804A7DC01DA9}, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{F06EF920-AE4B-4BB5-85A8-804A7DC01DA9}, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [1474], [243667],1.0.4724
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-672674941-3518348205-4107734500-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [1474], [243667],1.0.4724
PUP.Optional.W3i, HKU\S-1-5-21-672674941-3518348205-4107734500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9972A306-74C3-4952-A881-B4087703CF20}, Quarantined, [7087], [362630],1.0.4724
PUP.Optional.SearchQu, HKU\S-1-5-21-672674941-3518348205-4107734500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}, Quarantined, [1499], [242757],1.0.4724
PUP.Optional.MyFreeze, HKLM\SOFTWARE\WOW6432NODE\Freeze.com, Quarantined, [1165], [241027],1.0.4724
PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\Systweak, Quarantined, [1433], [327155],1.0.4724
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, Quarantined, [1474], [243672],1.0.4724
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F7549F8-FC54-4ADA-A504-C7604A56FD48}, Quarantined, [3], [253595],1.0.4724
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}, Quarantined, [1499], [242758],1.0.4724
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}, Quarantined, [1499], [242758],1.0.4724
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASAPI32, Quarantined, [669], [246262],1.0.4724
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASMANCS, Quarantined, [669], [246262],1.0.4724
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr, Quarantined, [379], [244209],1.0.4724
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [1406], [253643],1.0.4724
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [1406], [253644],1.0.4724
PUP.Optional.BitGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{13829AC1-9593-4412-BA39-A92286C3197C}, Quarantined, [4860], [260956],1.0.4724
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F35CE540-A1CA-4155-A104-921ECB5EDEB8}, Quarantined, [669], [259033],1.0.4724
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{F35CE540-A1CA-4155-A104-921ECB5EDEB8}, Quarantined, [669], [186789],1.0.4724
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Protector_startup, Quarantined, [669], [186789],1.0.4724
PUP.Optional.BitGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{13829AC1-9593-4412-BA39-A92286C3197C}, Quarantined, [4860], [235838],1.0.4724
PUP.Optional.BitGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BitGuard, Quarantined, [4860], [235838],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71], [169264],1.0.4724
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71], [169264],1.0.4724
 
Registry Value: 16
PUP.Optional.W3i, HKU\S-1-5-21-672674941-3518348205-4107734500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9972A306-74C3-4952-A881-B4087703CF20}|URL, Quarantined, [7087], [362630],1.0.4724
PUP.Optional.SearchQu, HKU\S-1-5-21-672674941-3518348205-4107734500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}|SUGGESTIONSURL_JSON, Quarantined, [1499], [242757],1.0.4724
PUP.Optional.SearchResults, HKU\S-1-5-21-672674941-3518348205-4107734500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}|URL, Quarantined, [160], [184971],1.0.4724
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F7549F8-FC54-4ADA-A504-C7604A56FD48}|APPPATH, Quarantined, [3], [253595],1.0.4724
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}|SUGGESTIONSURL_JSON, Quarantined, [1499], [242758],1.0.4724
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}|SUGGESTIONSURL_JSON, Quarantined, [1499], [242758],1.0.4724
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [379], [244208],1.0.4724
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [379], [244208],1.0.4724
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [379], [244208],1.0.4724
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [379], [244208],1.0.4724
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [379], [244209],1.0.4724
PUP.Optional.BitGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{13829AC1-9593-4412-BA39-A92286C3197C}|PATH, Quarantined, [4860], [260956],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{19EAA223-95AB-4B86-8F79-F12B48CB55EF}|PATH, Quarantined, [1235], [349333],1.0.4724
PUP.Optional.BuzzSocialPoints, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B7F4F2F5-AB05-4D4A-97E6-8F16095CEB14}|PATH, Quarantined, [2802], [384156],1.0.4724
PUP.Optional.OptimumPCBoost, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F06EF920-AE4B-4BB5-85A8-804A7DC01DA9}|PATH, Quarantined, [1235], [349333],1.0.4724
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F35CE540-A1CA-4155-A104-921ECB5EDEB8}|PATH, Quarantined, [669], [259033],1.0.4724
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 6
PUP.Optional.AdvancedSystemProtector, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Advanced System Protector, Quarantined, [669], [175380],1.0.4724
PUP.Optional.BuzzSocialPoints, C:\WINDOWS\BUZZSOCIALPOINTSCHECKER, Quarantined, [2802], [175962],1.0.4724
PUP.Optional.MyPCBackup, C:\PROGRAM FILES (X86)\MYPC BACKUP, Quarantined, [507], [178618],1.0.4724
PUP.Optional.SysTweak, C:\PROGRAMDATA\SYSTWEAK, Quarantined, [1433], [327152],1.0.4724
PUP.Optional.SysTweak, C:\USERS\EMIL SHAMILOV\APPDATA\ROAMING\SYSTWEAK, Quarantined, [1433], [327152],1.0.4724
PUP.Optional.OptimizerPro, C:\USERS\EMIL SHAMILOV\DOCUMENTS\OPTIMIZER PRO, Quarantined, [734], [241439],1.0.4724
 
File: 13
PUP.Optional.BuzzSocialPoints, C:\Windows\BuzzSocialPointsChecker\BSP_lidns.exe, Quarantined, [2802], [175962],1.0.4724
PUP.Optional.BuzzSocialPoints, C:\Windows\BuzzSocialPointsChecker\BuzzSocialPoints_lidns.exe, Quarantined, [2802], [175962],1.0.4724
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, Quarantined, [507], [178618],1.0.4724
PUP.Optional.BuzzSocialPoints, C:\WINDOWS\SYSTEM32\TASKS\BuzzSocialPoints_DNS_Checker, Quarantined, [2802], [236361],1.0.4724
PUP.Optional.OptimizerPro, C:\USERS\EMIL SHAMILOV\DOCUMENTS\OPTIMIZER PRO\COOKIESEXCEPTION.TXT, Quarantined, [734], [241439],1.0.4724
PUP.Optional.SearchProtect.AppFlsh, C:\WINDOWS\APPPATCH\APPPATCH64\SPVCLDR64.DLL, Quarantined, [1406], [253626],1.0.4724
PUP.Optional.SearchProtect.AppFlsh, C:\WINDOWS\APPPATCH\CUSTOM\{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [1406], [253628],1.0.4724
PUP.Optional.SearchProtect.AppFlsh, C:\WINDOWS\APPPATCH\CUSTOM\CUSTOM64\{CF2797AA-B7EC-E311-8ED9-005056C00008}.SDB, Quarantined, [1406], [253629],1.0.4724
PUP.Optional.OptimumPCBoost, C:\WINDOWS\SYSTEM32\TASKS\Optimum_Daily, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.OptimumPCBoost, C:\WINDOWS\SYSTEM32\TASKS\Optimum_LogOn, Quarantined, [1235], [349350],1.0.4724
PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, [1433], [395666],1.0.4724
PUP.Optional.MultiPlug, C:\PROGRAMDATA\DOWNLOUWAPOP\ZBA.TLB, Quarantined, [71], [169264],1.0.4724
PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\SASNATIVE64.EXE, Quarantined, [669], [52109],1.0.4724
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

Edited by mishasham01, 16 April 2018 - 04:40 AM.


#13 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 16 April 2018 - 04:37 AM

The second one was the Custom Scan and when configuring it, I checked off all 4 items - including the "Scan for rootkits".  The scan took 44 hours (see attached image at the bottom) and found 1 trojan file.  Below is its log.

 

 

 

Malwarebytes

www.malwarebytes.com
 
-Log Details-
Scan Date: 4/13/18
Scan Time: 7:52 PM
Log File: ade22d9e-3f75-11e8-8026-88532e502499.json
Administrator: Yes
 
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4726
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: emilshamilov-PC\emil shamilov
 
-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 535068
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 43 hr, 56 min, 24 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 1
Trojan.Tracur.CHR, C:\QOOBOX\QUARANTINE\C\USERS\EMIL SHAMILOV\APPDATA\LOCAL\TEMP\EPPCNPKDEB.DLL.VIR, Quarantined, [11908], [68465],1.0.4726
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 
scan_time.png

Edited by mishasham01, 16 April 2018 - 04:40 AM.


#14 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 16 April 2018 - 04:42 AM

The third one was the Hyper Scan.  It found nothing - below is its log.

 

 

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 4/15/18
Scan Time: 10:17 PM
Log File: 40fc8118-411c-11e8-a699-88532e502499.json
Administrator: Yes
 
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4746
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: emilshamilov-PC\emil shamilov
 
-Scan Summary-
Scan Type: Hyper Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 2126
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 0 min, 46 sec
 
-Scan Options-
Memory: Enabled
Startup: Disabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Disabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

Edited by mishasham01, 16 April 2018 - 04:42 AM.


#15 mishasham01

mishasham01
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:34 AM

Posted 16 April 2018 - 04:55 AM

All told, after the scans and the quarantines, the same issues are affecting the computer as before. I've attached images showing some of them.

 

"Your connection is not private" issues on Chrome - for example, Gmail and Wikipedia:

 

connxnotprivateissue_wikipedia.png

 

connxnotprivateissue_gmail.png

 

 

 

"Access denial" issues (there's only 1 user account for the PC and it's set as the Administrator) when trying to access a folder or delete an unused, unnecessary drive (don't even know what its for; the computer has OpenOffice):

 

permissions_issue_Q_is_not_accessible.pn

 

permissions_issue_folder_access.png

 

 

 

Windows update issue:

 

winupdate_issue.png

 

 

 

"Windows Defender not turning on" issue:

 

win7defenderissue.png

 

 


Edited by mishasham01, 16 April 2018 - 05:52 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users