Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Chrome is not letting me close the pop up windows

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Chrome is not letting me close the pop up windows

Unread postby mustfirstregister » October 3rd, 2015, 1:42 am

* When I Back up registry it says Errors 18/24 Registry Files backed up.
* I created a windows restore point

Issue:
---------------------------------------------------------------------------------------------------------------------------------
Chrome is popping up a window that says "Confirm Navigartion" at the button it says "leave this page" and "stay on this page". Before when I clicked on "leave this page" It will close it. now it wont close it keeps popping up more and more. Very aggravating. Have to end task to close chrome. Then when I open up Chrome again I click on restore and all windows appears again. I have to end task again and when I don't click on restore, everything is fine. But i lost all my windows :'(. I don't think i have a virus or my computer is infected. But I'm going to post the logs for you to look at it. Thanks.
----------------------------------------------------------------------------------------------------------------------------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 9/15/2014 11:40:36 PM
System Uptime: 10/2/2015 1:01:40 AM (21 hours ago)
.
Motherboard: Dell Inc. | | 05VJ58
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz | CPU | 2201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 0.44 GiB free.
D: is FIXED (NTFS) - 166 GiB total, 1.148 GiB free.
E: is FIXED (NTFS) - 182 GiB total, 0.366 GiB free.
F: is CDROM ()
G: is CDROM ()
H: is Removable
I: is CDROM (UDF)
J: is CDROM (UDF)
K: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_04D81028&REV_05\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_04D81028&REV_05\3&11583659&0&FB
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe Shockwave Player 12.1
AVG 2015
AVI Splitter
bestadblocker
BondedBranch
CutThePrice
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell System Detect
EaseUS Partition Master 10.5
Foxit Reader
Ghostery
Google Chrome
Google Update Helper
Intel(R) Processor Graphics
Intel® PROSet/Wireless WiFi Software
IrfanView (remove only)
Java 8 Update 60
Java Auto Updater
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Help Viewer 1.1
Microsoft ODBC Driver 11 for SQL Server
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Hotmail Connector 64-bit
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
Microsoft Report Viewer 2014 Runtime
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2014 (64-bit)
Microsoft SQL Server 2014 Policies
Microsoft SQL Server 2014 RS Add-in for SharePoint
Microsoft SQL Server 2014 RsFx Driver
Microsoft SQL Server 2014 Setup (English)
Microsoft SQL Server 2014 Transact-SQL Compiler Service
Microsoft SQL Server 2014 Transact-SQL ScriptDom
Microsoft SQL Server System CLR Types
Microsoft System CLR Types for SQL Server 2014
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual Studio 2010 Shell (Isolated) - ENU
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0
Microsoft VSS Writer for SQL Server 2014
Movie Maker
Mozilla Firefox 36.0.4 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
NEC Electronics USB 3.0 Host Controller Driver
Photo Common
Photo Gallery
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Skype™ 7.6
SQL Server 2014 Analysis Services
SQL Server 2014 Client Tools
SQL Server 2014 Common Files
SQL Server 2014 Data quality client
SQL Server 2014 Data quality service
SQL Server 2014 Database Engine Services
SQL Server 2014 Database Engine Shared
SQL Server 2014 Distributed Replay
SQL Server 2014 Documentation Components
SQL Server 2014 Full text search
SQL Server 2014 Integration Services
SQL Server 2014 Management Studio
SQL Server 2014 Master Data Services
SQL Server 2014 Reporting Services
SQL Server 2014 RS_SharePoint_SharedService
SQL Server 2014 SQL Data Quality Common
SQL Server Browser for SQL Server 2014
Sql Server Customer Experience Improvement Program
swMSM
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition
VCE Exam Simulator Demo
Visual Studio 2010 Prerequisites - English
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
Winamp
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 5.11 (64-bit)
Yahoo Search Set
.
==== Event Viewer Messages From Past Week ========
.
9/30/2015 11:07:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
9/26/2015 11:36:51 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
9/26/2015 11:36:05 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
10/1/2015 6:50:13 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{631E81F5-FE5E-4961-BAC8-C50294528C41} because another computer on the network has the same name. The server could not start.
.
==== End Of File ===========================










DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.18595 BrowserJavaVersion: 11.60.2
Run by Ultra at 22:33:20 on 2015-10-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6038.3007 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Program Files\Microsoft SQL Server\MSSQL12.QAT2014\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files\Microsoft SQL Server\MSSQL12.QAT2014\MSSQL\Binn\SQLAGENT.EXE
C:\Program Files\Microsoft SQL Server\MSSQL12.QAT2014\MSSQL\Binn\fdlauncher.exe
C:\Program Files\Microsoft SQL Server\MSSQL12.QAT2014\MSSQL\Binn\fdhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DeviceDisplayObjectProvider.exe
C:\Users\Ultra\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Yahoo!\yset\{7425F5AA-A423-4D4E-9DE2-BF351DF032D0}\YSearchUtilSvc.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\IrfanView\i_view32.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://ca.yahoo.com/?fr=yset_ie_syc_or ... orcl_hpset
mStart Page = hxxp://websearch.hotsearches.info/?pid= ... A&unqvl=90
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: dell.com
TCP: NameServer = 10.0.1.1
TCP: Interfaces\{1F68A749-122C-4187-B0B6-6516510282C4} : DHCPNameServer = 192.168.1.254 75.153.176.1
TCP: Interfaces\{631E81F5-FE5E-4961-BAC8-C50294528C41} : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{631E81F5-FE5E-4961-BAC8-C50294528C41}\4554C4553503835363 : DHCPNameServer = 192.168.1.254 75.153.176.9
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ultra\AppData\Roaming\Mozilla\Firefox\Profiles\okvuf2uq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.hotsearches.info/?pid= ... =90&l=1&q=
FF - prefs.js: browser.search.selectedEngine - WebSearch
FF - prefs.js: browser.startup.homepage - hxxp://websearch.hotsearches.info/?pid= ... A&unqvl=90
FF - prefs.js: keyword.URL - hxxp://websearch.hotsearches.info/?pid= ... =90&l=1&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\thinkorswim\npthinkorswim.dll
FF - plugin: C:\Program Files\thinkorswim\nptossc.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2015-8-19 297904]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2015-5-7 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2015-8-4 250800]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2015-3-20 40928]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2015-3-11 162784]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2015-8-19 313264]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2015-6-16 259040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2015-8-4 300464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-9-16 283064]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-9-15 317440]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-9-13 95744]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-9-13 212992]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2010-10-25 75264]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-19 282624]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2015-5-16 18528]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2015-5-16 10848]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-19 59904]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-9-18 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-18 59392]
S4 RsFx0300;RsFx0300 Driver;C:\Windows\System32\drivers\RsFx0300.sys [2014-2-21 247488]
.
=============== Created Last 30 ================
.
2015-09-30 04:53:44 -------- d-----w- C:\Users\Ultra\AppData\Local\YSearchUtil
2015-09-30 04:53:43 -------- d-----w- C:\Program Files (x86)\Yahoo!
2015-09-30 04:51:21 -------- d-----w- C:\Users\Ultra\.oracle_jre_usage
2015-09-10 05:32:42 -------- d-----w- C:\Users\Ultra\AppData\Local\FaceBookPro
.
==================== Find3M ====================
.
2015-09-30 04:50:54 97888 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-19 18:53:56 297904 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2015-08-19 18:52:30 313264 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2015-08-04 18:32:36 300464 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2015-08-04 18:32:32 250800 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 22:34:58.82 ===============
mustfirstregister
Active Member
 
Posts: 4
Joined: August 5th, 2011, 2:10 am
Advertisement
Register to Remove

Re: Chrome is not letting me close the pop up windows

Unread postby Firefly » October 3rd, 2015, 8:17 am

Hi mustfirstregister

My name is Firefly and I will help you with your computer. I ask you to follow a few ground rules while we are taking care of your computer:

I'm an Undergraduate trainee at MalwareRemovalUniversity (MRU), and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we begin...please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
  4. Only- post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  5. Print each set of instructions...if possible...your Internet connection will not be available during some fix processes.
  6. Only- reply to this thread, do not start another ... Please, continue responding, until I give you the "All Clean". If you are in progress at another forum, please simply let me know so I can dedicate my time to others who need help.
  7. Failure to respond for 3 days, will result in your topic being closed.

Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Warning!
The steps presented in these posts are for this person and machine ONLY. Do not apply these steps to your own system, without the guidance of a trained malware removal helper. Doing so, may possibly damage your system, preventing it from starting.


Malware removal:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


File Backup

For your safety and protection, I would advise backing up all your important documents, personal data files and photos as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions:
exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

All of the Windows systems we support have backup capabilities. These existing programs will allow you to back up your files to an external hard drive, USB drive or CD drive.

Do not back up your files to the hard drive of the computer we will be fixing. If the computer becomes unusable, your files will still be gone forever. Every photo, every document… gone. Seriously. Do this now.

Here are links to using the backup program in Windows 7: Windows 7

Since you have made a system restore point, please let me know once you have backed up your data, and we can proceed. I will review your logs in the meantime, and I am confident we will be able to resovle your issues.

Please post back to confirm receipt of this post.
User avatar
Firefly
Regular Member
 
Posts: 949
Joined: March 5th, 2014, 4:33 pm

Re: Chrome is not letting me close the pop up windows

Unread postby mustfirstregister » October 3rd, 2015, 1:47 pm

I followed the link and did a backup to an external drive.
mustfirstregister
Active Member
 
Posts: 4
Joined: August 5th, 2011, 2:10 am

Re: Chrome is not letting me close the pop up windows

Unread postby Firefly » October 6th, 2015, 2:22 pm

Great job Must. Apologies for the delayed response. I am now back and available. Given the delay, if you have chosen to get help elsewhere, please let me know. Otherwise, lets get started:


Unwanted Programs & Peer to Peer

IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
uTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assitance.
If you choose NOT to remove the program(s)...indicate that in your next reply and this topic will be closed.


Otherwise, please perform the following steps to remove the P2P program as well as some other unneeded or unwanted programs:

Remove P2P and other Program(s)
1. Close all open programs
2. Click on Start > Control Panel and double click on Programs and Features.
3. Locate the following programs: uTorrent and CutThePrice
4. Click on the Uninstall button located above the list to uninstall each program.
5. When the program(s) have been uninstalled... Close Programs and Features. Close Control Panel.

By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself, may be safe but the files may not... use P2P at your own risk! Keep in mind that this practice may be the source of your current malware infestation.

Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware


MGA Diagnostic Tool

Download MGA Diagnostic Tool to your Desktop. If you cannot access the internet, please download it on another computer, and copy to the desktop of the infected computer. It cannot be run from the USB!

  • Double click MGADiag.exe to launch the program.
  • Click Continue and let the scan run.
  • When finished it will have created a log.
  • Click Copy.
  • Next open Notepad.
    • Click Start > Run type Notepad click OK.
    • This will open an empty Notepad file.
    • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
    • Save the file to your Desktop.
    • Close MGA Diagnostic Tool.
  • Copy/Paste the log in your next reply please.


Next Steps

1. Please confirm the removal of uTorrent and CutThePrice
2. Please post the MGA log
User avatar
Firefly
Regular Member
 
Posts: 949
Joined: March 5th, 2014, 4:33 pm

Re: Chrome is not letting me close the pop up windows

Unread postby mustfirstregister » October 6th, 2015, 11:23 pm

I removed uTorrent and CutThePrice




Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-YG69F-9M66D-PMJBM
Windows Product Key Hash: /kehptF9HHVxM5d8dUnqgcfndXw=
Windows Product ID: 00426-OEM-8992662-00497
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {F0CFC8E6-EFF3-4594-9919-B00815B909A5}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F0CFC8E6-EFF3-4594-9919-B00815B909A5}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-PMJBM</PKey><PID>00426-OEM-8992662-00497</PID><PIDType>2</PIDType><SID>S-1-5-21-1044661406-3314412181-829845863</SID><SYSTEM><Manufacturer>Dell Inc. </Manufacturer><Model>Dell System Inspiron N7110</Model></SYSTEM><BIOS><Manufacturer>Dell Inc. </Manufacturer><Version>A13</Version><SMBIOSVersion major="2" minor="6"/><Date>20120905000000.000000+000</Date></BIOS><HWID>BBBA3907018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>QA09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Input Error: Can not find script file "C:\Windows\system32\slmgr.vbs".

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Not Registered - 0x80070005
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: NAAAAAIAAgABAAEAAAABAAAABAABAAEAonaCSncWiuwAXyitxpyom/A7rSNiJ7pvYGcucw==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC DELL QA09
FACP DELL QA09
HPET DELL QA09
BOOT
MCFG DELL QA09
SLIC DELL QA09
SSDT DELL PtidDevc
ASF! DELL QA09
SSDT DELL PtidDevc
SSDT DELL PtidDevc
UEFI DELL QA09
UEFI DELL QA09
UEFI DELL QA09
mustfirstregister
Active Member
 
Posts: 4
Joined: August 5th, 2011, 2:10 am

Re: Chrome is not letting me close the pop up windows

Unread postby Cypher » October 7th, 2015, 10:19 am

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW DDS logs :
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 309 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware