viruses being detected

Viruses and worms
1

been using avast! for about a week now since my computer was running really slow and ever since i installed it and let it run the scanners there’s one that it can’t seem to get rid of. it’s basically from chrome everytime and different sites such as “theparenttrace” “files2share” etc etc etc, i get atleast 20 while on the computer for around 10 minutes, sometimes without even opening chrome itself…

I tried using Malwarebytes Anti-malware to scan but it gets stuck about 3/4 of the way through and i’ve left it to finish for about 3 hours and nothing, still says scanning… shall i leave it running overnight? any help would be appreciated! thanks in advance

2

Hi lets see what you have… Could you attach a screenshot of the Avast popup

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
[*]Select additions at the bottom
[*]Press Scan button.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

[*]It will produce a log called FRST.txt in the same directory the tool is run from.
[*]Please attach both logs generated.

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the “Scan” button to start scan

https://dl.dropboxusercontent.com/u/73555776/AswMBR%20scan.JPG

On completion of the scan click save log, save it to your desktop and post in your next reply

3

It wouldn’t properly scan with aswMBR, it’s stopped scanning for 20 minutes at this.

http://i.imgur.com/SWlsGog.png

it does the same with avast. I think it’s something in google chrome but I can’t see anything when i go to apps/extensions. They must be hidden. I attached the other files if they’re any use to you.

4

OK the first thing you must do is uninstall Chrome, you can re-install once we have finished

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:63333;https=127.0.0.1:63333 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1421652496&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1421652496&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&q={searchTerms} SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=GB&userid=14813b27-3259-2be0-0f19-6d09aa89fd28&searchtype=ds&q={searchTerms}&installDate=16/11/2013 SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&q={searchTerms} SearchScopes: HKU\S-1-5-21-2190921567-3002956030-1035014947-1000 -> {099A4A17-E294-40F7-A3BC-8CFA58599E1F} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&ts=1421652541&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2190921567-3002956030-1035014947-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&ts=1421652541&type=default&q={searchTerms} BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File DPF: HKLM {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88 CHR HomePage: Default -> hxxp://uk.ask.com/?o=15434&l=dis CHR StartupUrls: Default -> "", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88", "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1421652496&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88" CHR DefaultSearchKeyword: Default -> google.co.uk CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Stu\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Stu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-07] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-07] CHR Extension: (YouTube) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-07] CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-10-07] CHR Extension: (Google Search) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07] CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-02-23] CHR Extension: (AdBlock) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-07] CHR Extension: (Bookmark Manager) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-02-08] CHR Extension: (Google Wallet) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-07] CHR Extension: (Gmail) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07] CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-23] S2 fdfcd97f; c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll [1556992 2015-02-08] () [File not signed] 2015-02-10 07:04 - 2015-02-10 07:04 - 00000000 _____ () C:\Windows\SysWOW64\sho3091.tmp 2015-02-08 23:53 - 2015-02-08 23:55 - 00000000 ____D () C:\Program Files (x86)\SuaaveirPro 2015-02-08 23:27 - 2015-02-08 23:39 - 00000000 ____D () C:\Program Files (x86)\saVinshaope 2015-02-08 23:27 - 2015-02-08 23:39 - 00000000 ____D () C:\Program Files (x86)\saveribox 2015-02-08 23:26 - 2015-02-23 02:37 - 00000000 ____D () C:\Program Files (x86)\SmarttCoMparEE 2015-02-08 23:25 - 2015-02-08 23:53 - 00000000 ____D () C:\ProgramData\17328935941484846146 2015-02-08 23:24 - 2015-02-23 02:37 - 00000000 ____D () C:\Program Files (x86)\APptoU 2015-02-08 15:24 - 2015-02-08 15:24 - 00000000 ____D () C:\ProgramData\WildWestCoupon 2015-02-08 15:03 - 2015-02-08 15:03 - 00000000 ____D () C:\Program Files (x86)\UpgradeLeader 2015-02-08 15:03 - 2015-01-19 07:33 - 00000000 ____D () C:\ProgramData\8915822200006085 2014-09-01 08:18 - 2014-09-01 08:18 - 0001248 _____ () C:\Users\Stu\AppData\Roaming\KWETHZ Task: {1F021751-EE67-4CCF-B56D-6F84D6243949} - System32\Tasks\{A8C14615-6471-4CCE-AB07-54A72DB99AF4} => pcalua.exe -a C:\Users\Stu\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION Task: {4545BD3D-00B5-4787-A88B-5AB9F828C357} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {565361CD-0CEC-4654-9E4D-D9A9C3F828F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-07] (Google Inc.) Task: {8E764BC1-7F90-409C-9132-5DE356C73551} - System32\Tasks\{7C7F113E-90E0-4ECA-9E43-FAE8AD77BA25} => pcalua.exe -a C:\Users\Stu\Downloads\sp42222.exe -d C:\Users\Stu\Downloads Task: {C30FCCD7-2BDF-4738-8FB5-E768E4C10B97} - System32\Tasks\{D76A49F9-4721-4471-B2A0-A037D849E64C} => pcalua.exe -a "C:\Users\Stu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MH0OWARW\sp57965.exe" -d C:\Users\Stu\Desktop Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Users\Stu\jagex_cl_runescape_LIVE.dat C:\Users\Stu\random.dat C:\Program Files (x86)\Google\Chrome C:\Users\Stu\AppData\Local\Google\Chrome c:\Program Files (x86)\UpgradeLeader C:\Users\Stu\AppData\Roaming\omiga-plus C:\Program Files (x86)\MyPC Backup EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

5
# AdwCleaner v4.111 - Logfile created 28/02/2015 at 00:06:27 # Updated 18/02/2015 by Xplode # Database : 2015-02-18.3 [Server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Stu - STU-HP # Running from : C:\Users\Stu\Downloads\AdwCleaner.exe # Option : Cleaning

***** [ Services ] *****

Service Deleted : YahooAUService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\yuna software
Folder Deleted : C:\Users\Stu\AppData\Local\Conduit
Folder Deleted : C:\Users\Stu\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Stu\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Stu\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Stu\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Stu\AppData\Roaming\OpenCandy
File Deleted : C:\END
File Deleted : C:\Users\Guest\Desktop\FastPlayer.lnk
File Deleted : C:\Users\Mcx1-STU-HP\Desktop\FastPlayer.lnk

***** [ Scheduled tasks ] *****

Task Deleted : update-sys
Task Deleted : update-S-1-5-21-2190921567-3002956030-1035014947-1000

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fdfcd97f}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKLM\SOFTWARE{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Email Notifier
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\yuna software
Key Deleted : HKLM\SOFTWARE{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : [x64] HKLM\SOFTWARE\yuna software
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\ Internet Explorer v11.0.9600.17631

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\ Google Chrome v40.0.2214.115

AdwCleaner[R0].txt - [6326 bytes] - [28/02/2015 00:01:39]
AdwCleaner[S0].txt - [5740 bytes] - [28/02/2015 00:06:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5799 bytes] ##########

6

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Stu at 2015-02-27 23:44:16 Run:2
Running from C:\Users\Stu\Desktop
Loaded Profiles: Stu (Available profiles: Stu & Mcx1-STU-HP & Guest)
Boot Mode: Normal

Content of fixlist:

CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:63333;https=127.0.0.1:63333
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1421652496&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1421652496&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&q={searchTerms}
SearchScopes: HKLM-x32 → {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=GB&userid=14813b27-3259-2be0-0f19-6d09aa89fd28&searchtype=ds&q={searchTerms}&installDate=16/11/2013
SearchScopes: HKLM-x32 → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2190921567-3002956030-1035014947-1000 → {099A4A17-E294-40F7-A3BC-8CFA58599E1F} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&ts=1421652541&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2190921567-3002956030-1035014947-1000 → {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88&ts=1421652541&type=default&q={searchTerms}
BHO: No Name → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → No File
BHO: Hotspot Shield Class → {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} → No File
BHO-x32: No Name → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → No File
DPF: HKLM {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88
CHR HomePage: Default → hxxp://uk.ask.com/?o=15434&l=dis
CHR StartupUrls: Default → “”, “hxxp://isearch.omiga-plus.com/?type=hp&ts=1421652392&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88”, “hxxp://isearch.omiga-plus.com/?type=hppp&ts=1421652496&from=tugs&uid=WDCXWD5000BPVT-60HXZT3_WD-WX81E71NRW88NRW88”
CHR DefaultSearchKeyword: Default → google.co.uk
CHR DefaultSuggestURL: Default → {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Stu\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Stu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-07]
CHR Extension: (YouTube) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-07]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-10-07]
CHR Extension: (Google Search) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-02-23]
CHR Extension: (AdBlock) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-07]
CHR Extension: (Bookmark Manager) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-02-08]
CHR Extension: (Google Wallet) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-07]
CHR Extension: (Gmail) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07]
CHR HKLM.…\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32.…\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32.…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-23]
S2 fdfcd97f; c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll [1556992 2015-02-08] () [File not signed]
2015-02-10 07:04 - 2015-02-10 07:04 - 00000000 _____ () C:\Windows\SysWOW64\sho3091.tmp
2015-02-08 23:53 - 2015-02-08 23:55 - 00000000 ____D () C:\Program Files (x86)\SuaaveirPro
2015-02-08 23:27 - 2015-02-08 23:39 - 00000000 ____D () C:\Program Files (x86)\saVinshaope
2015-02-08 23:27 - 2015-02-08 23:39 - 00000000 ____D () C:\Program Files (x86)\saveribox
2015-02-08 23:26 - 2015-02-23 02:37 - 00000000 ____D () C:\Program Files (x86)\SmarttCoMparEE
2015-02-08 23:25 - 2015-02-08 23:53 - 00000000 ____D () C:\ProgramData\17328935941484846146
2015-02-08 23:24 - 2015-02-23 02:37 - 00000000 ____D () C:\Program Files (x86)\APptoU
2015-02-08 15:24 - 2015-02-08 15:24 - 00000000 ____D () C:\ProgramData\WildWestCoupon
2015-02-08 15:03 - 2015-02-08 15:03 - 00000000 ____D () C:\Program Files (x86)\UpgradeLeader
2015-02-08 15:03 - 2015-01-19 07:33 - 00000000 ____D () C:\ProgramData\8915822200006085
2014-09-01 08:18 - 2014-09-01 08:18 - 0001248 _____ () C:\Users\Stu\AppData\Roaming\KWETHZ
Task: {1F021751-EE67-4CCF-B56D-6F84D6243949} - System32\Tasks{A8C14615-6471-4CCE-AB07-54A72DB99AF4} => pcalua.exe -a C:\Users\Stu\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {4545BD3D-00B5-4787-A88B-5AB9F828C357} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {565361CD-0CEC-4654-9E4D-D9A9C3F828F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-07] (Google Inc.)
Task: {8E764BC1-7F90-409C-9132-5DE356C73551} - System32\Tasks{7C7F113E-90E0-4ECA-9E43-FAE8AD77BA25} => pcalua.exe -a C:\Users\Stu\Downloads\sp42222.exe -d C:\Users\Stu\Downloads
Task: {C30FCCD7-2BDF-4738-8FB5-E768E4C10B97} - System32\Tasks{D76A49F9-4721-4471-B2A0-A037D849E64C} => pcalua.exe -a “C:\Users\Stu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MH0OWARW\sp57965.exe” -d C:\Users\Stu\Desktop
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Stu\jagex_cl_runescape_LIVE.dat
C:\Users\Stu\random.dat
C:\Program Files (x86)\Google\Chrome
C:\Users\Stu\AppData\Local\Google\Chrome
c:\Program Files (x86)\UpgradeLeader
C:\Users\Stu\AppData\Roaming\omiga-plus
C:\Program Files (x86)\MyPC Backup
EmptyTemp:
CMD: bitsadmin /reset /allusers

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Google => Key not found.
HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable => value deleted successfully.
HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer => value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\Main\Start Page => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\Main\Search Page => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\Main\Default_Page_URL => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\Main\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
HKCR\Wow6432Node\CLSID{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-2190921567-3002956030-1035014947-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{099A4A17-E294-40F7-A3BC-8CFA58599E1F} => Key not found.
HKCR\CLSID{099A4A17-E294-40F7-A3BC-8CFA58599E1F} => Key not found.
HKU\S-1-5-21-2190921567-3002956030-1035014947-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{d43b3890-80c7-4010-a95d-1e77b5924dc3} => Key not found.
HKCR\CLSID{d43b3890-80c7-4010-a95d-1e77b5924dc3} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key not found.
HKCR\CLSID{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => Key not found.
HKCR\CLSID{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key not found.
HKCR\Wow6432Node\CLSID{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found.
HKCR\CLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\Default => Value was restored successfully.
Chrome HomePage not detected.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSuggestURL not detected.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758_platform_specific\win_x86\widevinecdmadapter.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll not found.
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin No File not found.
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll not found.
C:\Users\Stu\AppData\Roaming\Mozilla\plugins\np-mswmp.dll not found.
C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL not found.
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll not found.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll not found.
C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll not found.
C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll not found.
C:\Users\Stu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll not found.
C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll not found.
CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default => Error: No automatic fix found for this entry.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda directory not found.
C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn => Key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aepeildmfnnehghlknddebgjghlompfe => Key not found.
“C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx” => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => Key not found.
Could not move “C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx” => Scheduled to move on reboot.
fdfcd97f => Service not found.
“C:\Windows\SysWOW64\sho3091.tmp” => File/Directory not found.
“C:\Program Files (x86)\SuaaveirPro” => File/Directory not found.
“C:\Program Files (x86)\saVinshaope” => File/Directory not found.
“C:\Program Files (x86)\saveribox” => File/Directory not found.
“C:\Program Files (x86)\SmarttCoMparEE” => File/Directory not found.
“C:\ProgramData\17328935941484846146” => File/Directory not found.
“C:\Program Files (x86)\APptoU” => File/Directory not found.
“C:\ProgramData\WildWestCoupon” => File/Directory not found.
“C:\Program Files (x86)\UpgradeLeader” => File/Directory not found.
“C:\ProgramData\8915822200006085” => File/Directory not found.
“C:\Users\Stu\AppData\Roaming\KWETHZ” => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{1F021751-EE67-4CCF-B56D-6F84D6243949} => Key not found.
C:\Windows\System32\Tasks{A8C14615-6471-4CCE-AB07-54A72DB99AF4} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{A8C14615-6471-4CCE-AB07-54A72DB99AF4} => Key not found.

7

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{4545BD3D-00B5-4787-A88B-5AB9F828C357} => Key not found.
C:\Windows\System32\Tasks\LaunchSignup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{565361CD-0CEC-4654-9E4D-D9A9C3F828F2} => Key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{8E764BC1-7F90-409C-9132-5DE356C73551} => Key not found.
C:\Windows\System32\Tasks{7C7F113E-90E0-4ECA-9E43-FAE8AD77BA25} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{7C7F113E-90E0-4ECA-9E43-FAE8AD77BA25} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{C30FCCD7-2BDF-4738-8FB5-E768E4C10B97} => Key not found.
C:\Windows\System32\Tasks{D76A49F9-4721-4471-B2A0-A037D849E64C} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{D76A49F9-4721-4471-B2A0-A037D849E64C} => Key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
“C:\Users\Stu\jagex_cl_runescape_LIVE.dat” => File/Directory not found.
“C:\Users\Stu\random.dat” => File/Directory not found.
“C:\Program Files (x86)\Google\Chrome” => File/Directory not found.
“C:\Users\Stu\AppData\Local\Google\Chrome” => File/Directory not found.
“c:\Program Files (x86)\UpgradeLeader” => File/Directory not found.
“C:\Users\Stu\AppData\Roaming\omiga-plus” => File/Directory not found.
“C:\Program Files (x86)\MyPC Backup” => File/Directory not found.

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 515 KB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-27 23:52:04)<=

“C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx” => File could not move.

==== End of Fixlog 23:52:04 ====

8

Lol archangel89 :slight_smile:

Please attach the logs, as you did in reply #2 :wink:

Greetz, Red.

9

Could you now re-install Chrome and let me know if all is well

10

Sorry Rednose I totally forgot! lol

essex it seems to have stopped but it’s taking longer to restart the laptop and when it comes on it tells me catalyst control panel stopped working? i’m unsure if that’s important or not?

11

That is part of your video card and can be disabled unless you do very intensive graphics work

Turn off CCC in MSconfig then reboot