Hi truder
A little more cleaning to do:
Step 1
OTL Fix
Please right click on Run as Administrator, accept UAC prompts.
Under
in the textbox at the bottom, please paste in the following text:
:Commands
[CreateRestorePoint]
:OTL
CHR - default_search_provider: 8B66D686059564F146B0645E1FC1BDA4B4A5885A23184382E7A452A2CF281485 ()
CHR - default_search_provider: search_url = BB937C70812130175C92F0B592617DE54052D91DEF84ACC59765052C256E0C8F
CHR - default_search_provider: suggest_url =
CHR - homepage: B6E7DC4BBFFF7D32B7B296A562CA60E40CE2B2AA99DED6E91D1DA41327356946
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not found
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (Reg Error: Key error.)
:Files
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c
ipconfig /flushdns /c
:Commands
[EMPTYTEMP]
• Push the button.
• OTL may ask to reboot the machine. Please do so if asked.
• A massage box will pop-up.
• Click the OK button and a report will open.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
• Copy and Paste that report in your next reply, please
Try these instructions to change your Chrome Search provider as well as your Chrome homepage.
Let me know how it goes:
Step 2
Reset Chrome Search Provider:
1. Click the Chrome menu icon on the browser toolbar
2. Select Settings. The Settings page will open.
3. In the "Search" section, click Manage search engines.
Mouse over them and click the X to remove the bad entries.
Make the search engine of your choice, Google the (Default) search engine by mousing over it and clicking Make default.
Step 3
Change the Chrome HomePage:
1. Click on the Chrome menu icon on the browser toolbar
2. When the drop-down menu appears, select the choice labeled Settings.
3. Chrome's Options should now be displayed in a new tab or window, depending on your settings:
4. Click on Settings in the left menu pane, if it is not already selected.
5. Next, locate the Appearance section.
By default, the Home button is not visible on Chrome's main toolbar and the Show Home button option is disabled.
First, activate this option by clicking on the empty check box next to Show Home button.
When the Show Home button checkbox is selected, a web address appears below it or a small pop up window opens to let you choose if you want the New Tab page as your home page or a specific page such as http://www.google.com or Bing.
You need to change your Homepage from the malicious one it is now.
To start out at a different/cleaner webpage, click Change and enter the new address, like http://www.google.com.
Or type or copy it in the Open this page choice.
Step 4
ESET Online Scanner
Please run a free online scan with the ESET
Note: You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here.
Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.
Note: This scan works with Internet Explorer or Mozilla FireFox.
If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
- Click the green ESET Online Scanner box
- Tick the box next to YES, I accept the Terms of Use
then click on: Start - You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
- Make sure that the option Scan archives is checked.
- Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Click on Start
- The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically. The scan may take several hours.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close, make sure you copy the logfile first!
- Then click on: Finish
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
Step 5
Post!
When you return, please post:
1. OTL fix log
2. ESET log
3. Let me know how the Chrome repairs went
4. How is the computer running now?
Thank you