Components for Building Computers From Scratch/Crome

Advertisement


Question
QUESTION: I have win7 64Bit and FireFox and every time I go online and then I go off line I see a Crome Shortcut on my Desktop.

I can Dellete it but the next time I go online then come back to my Desktop Google Crome Shortcut is there.

I scan with MailwareBytes and found 3 Things I Dellete them and all is ok.

But this keeps coming back on Desktop.

What is it I know it must be an Ad for them but if I Dabble click it nothing happens.

Can you help?

ANSWER: Have you tried going into programs and uninstalling chrome? Did yoir computer come with chrome already installed?

---------- FOLLOW-UP ----------

QUESTION: My computer did notcome with Crome.

And yes I did uninstall it.

And everytime I go offline and back to Desktop Crome Shortcut is there.

I try to Click on it and nothing happens.

ANSWER: Ive never heard where Google was up to any kind of questionable activity. Maybe some kind of malware is using tbeir name and logo? You can try combofix. If something is questionable it will find it. You can get it from http://www.bleepingcomputer.com/ . It is an executable so you will just download it, save it to your desktop, doubleclick it and let it run. If it finds nothing I would then research this on Google.

---------- FOLLOW-UP ----------

QUESTION: I ran CoboFix and this is the Report it gave

ComboFix 15-11-09.01 - Robert 11/14/2015  13:22:53.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6014.4715 [GMT -6:00]
Running from: c:\users\Robert\Desktop\Programs\System Tools\Anti Virus And\Comofix\32 Bit 64 Bit\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Family PC\AppData\Roaming\893686b8
c:\users\Robert\AppData\Local\Slick Savings
c:\users\Robert\AppData\Local\Slick Savings\coupons.crx
c:\users\Robert\GoToAssistDownloadHelper.exe
c:\windows\DellClick2Fix+_DownloadManager-0.bin
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((((   Files Created from 2015-10-14 to 2015-11-14  )))))))))))))))))))))))))))))))
.
.
2015-11-14 19:29 . 2015-11-14 19:29   75888   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{0EAAAABF-F275-466C-B083-416839E0C32C}\offreg.dll
2015-11-14 19:29 . 2015-11-14 19:29   --------   d-----w-   c:\users\Family PC\AppData\Local\temp
2015-11-14 19:29 . 2015-11-14 19:29   --------   d-----w-   c:\users\DefaultAppPool\AppData\Local\temp
2015-11-14 19:29 . 2015-11-14 19:29   --------   d-----w-   c:\users\Default\AppData\Local\temp
2015-11-14 19:29 . 2015-11-14 19:29   --------   d-----w-   c:\users\Administrator\AppData\Local\temp
2015-11-12 12:42 . 2015-11-03 17:55   3211264   ----a-w-   c:\windows\system32\win32k.sys
2015-11-11 18:48 . 2015-10-20 01:12   5570496   ----a-w-   c:\windows\system32\ntoskrnl.exe
2015-11-09 22:23 . 2015-11-09 22:23   --------   d-----w-   c:\program files (x86)\Mozilla Thunderbird
2015-10-26 01:18 . 2015-11-14 19:18   --------   d-----w-   c:\program files (x86)\Mozilla Maintenance Service
2015-10-25 04:53 . 2015-10-25 23:21   --------   d-----w-   c:\users\Robert\AppData\Local\Opera Software
2015-10-25 04:53 . 2015-10-25 23:21   --------   d-----w-   c:\users\Robert\AppData\Roaming\Opera Software
2015-10-25 04:53 . 2015-10-25 23:21   --------   d-----w-   c:\program files (x86)\Opera
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-12 09:08 . 2015-07-27 17:54   145617392   ----a-w-   c:\windows\system32\MRT.exe
2015-11-11 18:29 . 2014-09-26 16:37   780488   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-11 18:29 . 2014-09-26 16:37   142536   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-11-06 22:50 . 2014-12-12 19:49   129752   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-29 17:50 . 2015-11-11 18:48   350208   ----a-w-   c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 18:48   309248   ----a-w-   c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 18:48   135168   ----a-w-   c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 18:48   103424   ----a-w-   c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 18:48   562176   ----a-w-   c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 18:48   470528   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 18:48   2178560   ----a-w-   c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 18:48   211968   ----a-w-   c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 18:48   2560   ----a-w-   c:\windows\apppatch\AcRes.dll
2015-10-20 00:45 . 2015-11-11 18:48   44032   ----a-w-   c:\windows\apppatch\acwow64.dll
2015-10-13 07:29 . 2015-10-13 07:29   875720   ----a-w-   c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 07:22 . 2015-10-13 07:22   869568   ----a-w-   c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 16:50   692672   ----a-w-   c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 16:50   616360   ----a-w-   c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 16:50   63488   ----a-w-   c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 16:50   59392   ----a-w-   c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 16:50   32768   ----a-w-   c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 16:50   17920   ----a-w-   c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 16:50   147456   ----a-w-   c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 16:50   50688   ----a-w-   c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 16:50   61440   ----a-w-   c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-15 11:25   25432   ----a-w-   c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-15 11:25   700416   ----a-w-   c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-15 11:25   766464   ----a-w-   c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-15 11:25   503808   ----a-w-   c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-15 11:25   73216   ----a-w-   c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-15 11:25   1291264   ----a-w-   c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-15 11:25   1163776   ----a-w-   c:\windows\system32\aeinv.dll
2015-09-02 03:04 . 2015-09-09 14:43   41984   ----a-w-   c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 14:43   100864   ----a-w-   c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 14:43   14336   ----a-w-   c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 14:43   46080   ----a-w-   c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 14:43   70656   ----a-w-   c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 14:43   10240   ----a-w-   c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 14:43   34304   ----a-w-   c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 14:43   25600   ----a-w-   c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-09 14:43   372736   ----a-w-   c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 14:43   299520   ----a-w-   c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 14:43   2004480   ----a-w-   c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 14:43   1887232   ----a-w-   c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 14:43   2048   ----a-w-   c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 14:43   2048   ----a-w-   c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 14:43   1391104   ----a-w-   c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 14:43   1241088   ----a-w-   c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 14:43   2048   ----a-w-   c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 14:43   2048   ----a-w-   c:\windows\SysWow64\msxml3r.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-26 291608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableUIPI"= 1 (0x1)
.
R1 Ai2sXP;Ai2sXP;c:\windows\System32\drivers\Ai2sXP.sys;c:\windows\SYSNATIVE\drivers\Ai2sXP.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 ZoomText Helper Service;ZoomText Helper Service;c:\program files (x86)\ZoomText 9.1\ZoomTextHelperService.exe;c:\program files (x86)\ZoomText 9.1\ZoomTextHelperService.exe [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 Ai2Chroniker;Ai2Chroniker;c:\windows\system32\DRIVERS\Ai2Chroniker.sys;c:\windows\SYSNATIVE\DRIVERS\Ai2Chroniker.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 EaseUS Agent;EaseUS Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
S3 Ai2Mmpd;Ai2Mmpd;c:\windows\system32\DRIVERS\Ai2Mmpd.sys;c:\windows\SYSNATIVE\DRIVERS\Ai2Mmpd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs   REG_MULTI_SZ      w3svc was
apphost   REG_MULTI_SZ      apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2015-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-26 18:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-10-08 03:11   2471744   ----a-w-   c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-02 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-02 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-02 453552]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.dell.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\j7oy940s.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?gws_rd=ssl
FF - user.js: extensions.astrmndasr.hmpg - true
FF - user.js: extensions.astrmndasr.hmpgUrl - hxxp://astromenda.com/?f=1&a=ast_ggbc_14_41_ff&cd=2XzuyEtN2Y1L1Qzu0AyEtC0FyBtByC0Czz0Dzz0D0F0ByD0CtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtD0CtA0FtCyC0AtGyCyByDyDtGyByEzytCtG0FtCzytDtGyC0C0EtCyC0B0CtDtDzytB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyBtCyEyByCtAtGzyzztBtDtGyEyByCyEtG0ByCyBtCtG0D0E0D0AyB0Czy0BtDzytB0B2Q&cr=1169858520&ir=
FF - user.js: extensions.astrmndasr.dfltSrch - true
FF - user.js: extensions.astrmndasr.srchPrvdr - Astromenda
FF - user.js: extensions.astrmndasr.dnsErr - true
FF - user.js: extensions.astrmndasr_i.newTab - true
FF - user.js: extensions.astrmndasr.newTabUrl - hxxp://astromenda.com/?f=2&a=ast_ggbc_14_41_ff&cd=2XzuyEtN2Y1L1Qzu0AyEtC0FyBtByC0Czz0Dzz0D0F0ByD0CtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtD0CtA0FtCyC0AtGyCyByDyDtGyByEzytCtG0FtCzytDtGyC0C0EtCyC0B0CtDtDzytB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyBtCyEyByCtAtGzyzztBtDtGyEyByCyEtG0ByCyBtCtG0D0E0D0AyB0Czy0BtDzytB0B2Q&cr=1169858520&ir=
FF - user.js: extensions.astrmndasr.tlbrSrchUrl - hxxp://astromenda.com/?f=3&a=ast_ggbc_14_41_ff&cd=2XzuyEtN2Y1L1Qzu0AyEtC0FyBtByC0Czz0Dzz0D0F0ByD0CtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtD0CtA0FtCyC0AtGyCyByDyDtGyByEzytCtG0FtCzytDtGyC0C0EtCyC0B0CtDtDzytB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyBtCyEyByCtAtGzyzztBtDtGyEyByCyEtG0ByCyBtCtG0D0E0D0AyB0Czy0BtDzytB0B2Q&cr=1169858520&ir=&q=
FF - user.js: extensions.astrmndasr.id - A41F726C8D8DFB5C
FF - user.js: extensions.astrmndasr.instlDay - 16352
FF - user.js: extensions.astrmndasr.vrsn -
FF - user.js: extensions.astrmndasr.vrsni -
FF - user.js: extensions.astrmndasr_i.vrsnTs - 1:11
FF - user.js: extensions.astrmndasr.prtnrId - WSE_Astromenda
FF - user.js: extensions.astrmndasr.prdct - astrmndasr
FF - user.js: extensions.astrmndasr.aflt - ast_ggbc_14_41_ff
FF - user.js: extensions.astrmndasr_i.smplGrp - none
FF - user.js: extensions.astrmndasr.tlbrId -
FF - user.js: extensions.astrmndasr.instlRef - 142905_a
FF - user.js: extensions.astrmndasr.dfltLng -
FF - user.js: extensions.astrmndasr.appId - {9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
FF - user.js: extensions.astrmndasr.excTlbr - false
FF - user.js: extensions.astrmndasr.cr - 1169858520
FF - user.js: extensions.astrmndasr.cd - 2XzuyEtN2Y1L1Qzu0AyEtC0FyBtByC0Czz0Dzz0D0F0ByD0CtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtD0CtA0FtCyC0AtGyCyByDyDtGyByEzytCtG0FtCzytDtGyC0C0EtCyC0B0CtDtDzytB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyBtCyEyByCtAtGzyzztBtDtGyEyByCyEtG0ByCyBtCtG0D0E0D0AyB0Czy0BtDzytB0B2Q
FF - user.js: extensions.astrmndasr.AL - 4
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-11-14  13:31:37
ComboFix-quarantined-files.txt  2015-11-14 19:31
.
Pre-Run: 903,246,675,968 bytes free
Post-Run: 903,091,314,688 bytes free
.
- - End Of File - - AC99341BAFA48F9A616A345110E95103


What does this tell you?  ps after the scan Google Crome is back on my Desktop.

Answer
It looks as if there were no problems detected so the only thing I can think is someway the chrome shortcut is embedded in the system files. There could be a registry fix for this sbortcut that goes to nowhere. Right click the shortcut and post the properties for me.

Components for Building Computers From Scratch

All Answers


Answers by Expert:


Ask Experts

Volunteer


Keith Davis

Expertise

I can answer most any question in this category for the home desktop builder and for most gaming PC builders. This includes what kind of case, cooling products, overclocking, all hardware, software, and safety issues. I can also advise on where the best sources for purchasing hardware are on the net.

Experience

100's of system builds from Win 2k through Win7 for customers as a self-employed PC technician with 100% customer satisfaction. Most experienced with XP and Vista.

Education/Credentials
4 classes short of my Networking degree.

©2016 About.com. All rights reserved.