The process comes from chrome.exe in my C-disk, so I was curious to whats going on…
At the moment Im scanning my PC with Avast and Malwarebytes just to be sure, although I dont think Ill find anything since I scan everyday to make sure and this just happened now all of sudden as I`ve just come home from school to upstart the PC.
So what can do against it? Re-install Chrome or something?
@doktor Did I do it right or?
@Pondus What should I do? The Web Shield pops up everytime I start up Google Chrome about this thing, Its uncomfortable :-\ Here is the log I got from that OTS scan. I attached it so I had to get the picture away which Ill put up a link to instead, as the log and picture are too big to attach.
Just a guess… but it sounds like something set your Chrome home page to that URL. See if you can change the home page to something else (google.com is what I use)or use blank
Mo0nwalker as you have inserted (privacy) for the user name for the fix to work properly you will need to insert the right name or it will fail
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
[Unregister Dlls]
[Registry - Safe List]
< FireFox Settings [Prefs.js] > -> C:\Users\(Privacy)\AppData\Roaming\Mozilla\FireFox\Profiles\j4dwz76i.default\prefs.js
YN -> browser.search.defaultenginename -> "Web Search..."
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "Unattend0000000001{76B1ACF1-877B-4E2A-8688-E6620A420BB8}" -> [c:\komplett\bakgrunn.vbs]
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
YN -> \{820b7947-15f9-11e0-b856-1c6f65376889} ->
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{820b7947-15f9-11e0-b856-1c6f65376889}\shell ->
YN -> \{820b7947-15f9-11e0-b856-1c6f65376889}\shell\\"" -> [AutoRun]
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{820b7947-15f9-11e0-b856-1c6f65376889}\shell\AutoRun\command ->
YN -> \{820b7947-15f9-11e0-b856-1c6f65376889}\shell\AutoRun\command\\"" -> [F:\BNY2UST.exe]
[Files/Folders - Created Within 30 Days]
NY -> Tempals_inst.exe -> C:\Users\(Privacy)\AppData\Local\Tempals_inst.exe
[Custom Items]
:Files
ipconfig /flushdns /c
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.