November 20th, 2014, 03:42 AM
Hi, Broni,
The computer is doing much better than when I first started.
There still seems to be some "lagging" when using Chrome when first opening the browser. The cache and history files have all been cleared, but still a lag here. Note: if I close and restart Chrome, that seems to correct the lag. Either way, once Chrome does respond, the surfing seems back to normal.
Also, on Chrome, when downloading files, and the files complete, there's another lag before Chrome actually displays the file as being complete.
Note: I saw somewhere in today's scans that Chrome is out of date. I think I'll uninstall it and reinstall a fresh version ... what do you think?
The Family, especially the Mrs., is asking about their computer. I explained to Doug that there were some malicious items found, as I told him Mon. But it's best at this time to complete the cleanup and make sure that nothing's left here that might cause a recurrence. He agreed.
Here are the reports from today's scans ...
---- Security Check ----
Results of screen317's Security Check version 0.99.90
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 71
Java(TM) 6 Update 21
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 37.0.2062.124 Google Chrome out of date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
---- FSS ----
Farbar Service Scanner Version: 21-07-2014
Ran by Doug (administrator) on 20-11-2014 at 00:37:32
Running from "C:\Users\Doug\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
Internet Services:
Connection Status:
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
Firewall Disabled Policy:
System Restore:
System Restore Disabled Policy:
Action Center:
Windows Update:
Windows Autoupdate Disabled Policy:
Windows Defender:
Other Services:
File Check:
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
---- ESET Scan ----
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Users\Doug\AppData\LocalLow\ugrspit.dll a variant of Win32/Kryptik.CPTK trojan cleaned by deleting - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\ADLSoft_UnCompressor_v2_3.exe a variant of Win32/InstallCore.AG potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\File_Opener.exe a variant of Win32/InstallCore.AF potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\ReimageRepair(1).exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\ReimageRepair(2).exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\ReimageRepair(3).exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\ReimageRepair(4).exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\ReimageRepair.exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\Update.exe Win32/Toolbar.CrossRider.C potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\My Music\iMeshV11.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
November 20th, 2014, 06:22 PM
Reset Chrome...
Click on "Customize and control Google Chrome":

Click "Settings" then "Show advanced settings" at the bottom of the screen.
Click "Reset browser settings" button.
Restart Chrome.
If the above didn't help....
Reinstall Chrome...
If you want to save your bookmarks...
How to Backup Bookmarks in Google Chrome
- Close all Chrome windows and tabs.
- Go to the Start menu > Control Panel. (Windows 8 users: Learn how to access the Control Panel)
- Click Programs and Features.
- Double-click Google Chrome.
- Click Uninstall from the confirmation dialog. Delete your user profile information, like your browser preferences, bookmarks, and history, by selecting the "Also delete your browsing data" checkbox.
Install fresh copy.
Update Adobe Reader
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
Update your Java version here: http://www.java.com/en/download/manual.jsp
Alternate download: http://www.filehippo.com/search?q=java
Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running a 64-bit system, make sure you install BOTH 32-bit and 64-bit Java.
Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
Your computer is clean 
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
- Activate UAC (optional; some users prefer to keep it off)
- Remove disinfection tools
- Create registry backup
- Purge System Restore
- Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)
5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tuto...r-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/foru.../#entry3187642
12. Please let me know how your computer is doing.
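Added example (not part of the original posts, and not ESET's or the helper's own tooling): a small triage script that reads ESET log lines like the ones posted above and reports whether any detection falls into the categories step 3 names (trojans, rootkits, bootkits), which is what triggers the password-change advice. The line layout in the regex is inferred from the posted lines, and the function names are hypothetical.

```python
import re
from collections import Counter

# Three lines copied from the ESET log posted earlier in this thread.
SAMPLE_LOG = r"""C:\Users\Doug\AppData\LocalLow\ugrspit.dll a variant of Win32/Kryptik.CPTK trojan cleaned by deleting - quarantined
C:\Users\Doug\Desktop\My Documents\Downloads\Update.exe Win32/Toolbar.CrossRider.C potentially unwanted application deleted - quarantined
C:\Users\Doug\Desktop\My Documents\My Music\iMeshV11.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined"""

# Layout inferred from the posted lines (an assumption, not an ESET spec):
# <path> [a variant of] <detection name> <category> <action>
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?:a variant of\s+)?"
    r"(?P<name>\w+/[\w.]+)\s+(?P<kind>[a-z ]+?)\s+"
    r"(?P<action>(?:cleaned by deleting|deleted)\b.*)$"
)

# Categories named in step 3 of the advice above.
CREDENTIAL_RISK = {"trojan", "rootkit", "bootkit"}

def parse_eset_log(text):
    """Return (findings, unparsed) so unknown line shapes are not silently dropped."""
    findings, unparsed = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m:
            findings.append(m.groupdict())
        else:
            unparsed.append(line)
    return findings, unparsed

def triage(text):
    """Summarise detections and flag whether passwords should be changed."""
    findings, unparsed = parse_eset_log(text)
    risky = [f for f in findings if f["kind"] in CREDENTIAL_RISK]
    return {
        "counts": dict(Counter(f["kind"] for f in findings)),
        "change_passwords": bool(risky),
        "credential_risk_files": [(f["path"], f["name"]) for f in risky],
        "unparsed": unparsed,
    }

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Lines that do not fit the inferred layout are returned under `unparsed` for manual review rather than being counted as clean.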
November 21st, 2014, 03:34 AM
Hi, Broni,
Chrome is now responding nicely. Thanks.
Adobe Reader & Java are up to date. I didn't know that I needed Java 32-bit as well as 64-bit. Both versions are now installed on the machine.
All of the cleaning tools have been removed. Windows is up to date.
Your reading materials are very handy. It's very useful for teaching a "consumer-level user" (my description for a non-technical person like Doug and Family) the dangers of casual internet usage and what they can do to keep their computer clean. Hopefully they will take some of this to heart and they won't have to bring their machine back ... at least not for awhile, I hope. That'll be $50 please ...
The machine is performing MUCH better than before, including Chrome. System startup times are about half of what they were when they brought it to me. There's no more lag or delay when opening or using programs, or when surfing the web. Opening the browser was well over 5 minutes! before it could be used. Now Chrome is ready in less than 10 seconds after opening the browser.
Thanks for your support! You, and all here at VirtDr, have been a valuable resource.
Have a great weekend!
November 21st, 2014, 06:29 PM
Way to go!! 
Good luck and stay safe