Help Request (Google Chrome not working with Avast Prem)

Thanks so much for the thread about programs to run and logs to attach!

I had posted my problem of Google Chrome not working well with Avast Prem and it was suggested that I follow the directions in “Logs to assist…” and post my results. Hope that you can help me get Google Chrome working again. It started acting up (slow to load, freezes, etc.) after upgrading to Avast Prem 2015

The frst log was too big for my screen so copy and pasted it into notepad to attach. I noticed that there were left over registry entries for a program I thought I had deleted after it came thru with another download (sweet something or other).

Will reply to this to add the other attachments since only 4 are allowed

The logs probably give you my specs, but just in case:
HP Pavilion g6 Notebook PC
win7 Home Prem 64 bit SP1
avast Prem 2015 (but of course)

Again, thanks for helping me resolve the problems with Google Chrome.

rest of the log files
thanks!

I’d appreciate a response, please. Thanks!

I notified the malware removal experts.
One of them should soon be here to help you.

thanks so much!

Hi sorry we missed you

Could you let me know of chromes behaviour after this please

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - No Path EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

Thanks essexboy! No worries about the delay. I may not have time until tomorrow to follow your ‘fix’, but will be sure to let you know after I do.
all the best

Thanks! I wish I had known that running the FRST Fix would wipe out my entire internet and machine history! I didn’t know to look through all the tabs to unclick things. dang … oh well … nothing to be done now.

Chrome seems to be behaving, at least haven’t replicated the earlier probs so far.

would you please tell me what the logs indicate?

Thanks so much!

attaching the log file and here’s adw log

AdwCleaner v4.108 - Report created 18/01/2015 at 07:35:22

Updated 17/01/2015 by Xplode

Database : 2015-01-13.2 [Live]

Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

Username : Beth - GRAMMIES

Running from : C:\Users\Beth\Desktop\AdwCleaner.exe

Option : Clean

***** [ Services ] *****

Service Deleted : CouponPrinterService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Folder Deleted : C:\Program Files (x86)\Coupons
Folder Deleted : C:\Users\Beth\AppData\Local\PackageAware
File Deleted : C:\Users\Beth\AppData\Roaming\Mozilla\Firefox\Profiles\dpj9xoq9.default-1407163418563\searchplugins\web-search.xml

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\ Internet Explorer v11.0.9600.17496

-\ Mozilla Firefox v35.0 (x86 en-US)

-\ Google Chrome v39.0.2171.95

[C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}


AdwCleaner[R0].txt - [6186 octets] - [18/01/2015 07:32:42]
AdwCleaner[S0].txt - [5607 octets] - [18/01/2015 07:35:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5667 octets] ##########

Basaically it was several adware programmes and residue that probably caused the hiccups you were experiencing. Are you experiencing any further problems ?

Thanks so much! I deeply appreciate all of your assistance. Chrome seems to be working fine now. Hooray!

suggestion: if/when you advise someone to run these fixes, you might want to let them know that their internet history will be wiped out and that they need to look at all the tabs in adw program results (since there’s no longer ‘click to confirm each’.

wishing you all the best!

Thanks I will bear that in mind

Subject to no further problems :slight_smile:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix

https://dl.dropboxusercontent.com/u/73555776/delfix.JPG

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version

https://dl.dropboxusercontent.com/u/73555776/javara.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme :wink:

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

Thanks! Before I start installing new programs, what exactly do they do? are they truly necessary? What happens when I reset System Restore points thru DelFix?

I do need Java for ancestry.com, but have it updated and set to run on demand. I do use Malwarebytes (free version) weekly. I think I’m good with firewall and av protection by using Avast! Premier 2015 which is always updated and running.

A few glitches since yesterday morning

  1. while browsing the internet yesterday in Chrome a series of XXX rated chat windows popped up as separate tabs. I exited, wiped out history and went back to Firefox.
  2. Some OpenOffice docs don’t open
  3. Computer shut off unexpectedly overnight (I have my machine set to power saver so it’s supposed to turn off, but when I turned it on this morning I got the screen telling me it had shut down incorrectly)

I deeply appreciate all of your help!

CryptoPrevent is a tiny utility to lock down any Windows OS (XP, Vista, 7, 8, 8.1, and 10) to prevent infection by the Cryptolocker malware or ‘ransomware’, which encrypts personal files and then offers decryption for a paid ransom.

Delfix will purge all system restore points and then create a clean one. This ensures that any restore point is starting from a clean base as malware can be restored using an infected system restore. The other parts of delfix are to remove all the tools you downloaded whilst we were working, and to reset system files back to hidden where appropriate

What error do you get for the office docs ?

Where the chrome tabs opening on a specific website or at random

thanks again!

I’ll download, install, run DelFix and Crytpo for sure!

the OpenOffice docs just hang and they’re not large - other OO docs however open with no problem at all, so it seems weird

Yes, I was on a particular page when the unwanted Chrome tabs appeared - I believe it was a wiki page in Familysearch.org, but don’t recall for sure. Forgot to mention that after clearing Chrome history, checking privacy settings in Chrome, and closing browser I also ran malwarebytes and Ccleaner. I’ve not gone back to Chrome since.

You’re the best!

Do you have Chrome set to synch ?

no, didn’t think I needed to since I don’t have any other devices to synch it too

NOTE on after running DelFix: no Avast! icon in systray, but marked in systray configurations to show. So did a restart, and desktop took longer to load than before; but Avast! icon is now showing

now on to download, install, run your other recs

Thanks!

RE: JavaRA - it’s a zip file and I don’t have winzip - WinZip popup says I have to purchase?

use 7zip … it is free :wink:

Windows has a built in zip manager … Double click the file and a folder will open . Then select extract all to your desktop

Thanks Pondus and essexboy. oh right! 7 Zip - forgot I had that program :wink: Double clicking gave me the same WinZip pop-up, but right click >open with >Windows Explorer opened the files.