mjcatt

  1. Thanks for your comments Pedro. I think the problem is solved. Just a note: I did try disabling all extensions and plugins as well as changing profiles before doing my original post - none of that had an effect. However, suddenly this morning all browsers, including Chrome, are starting normally (about 1-2 seconds). Unfortunately, I didn't do anything at all. Realizing that this is a new fresh install of Windows 10, I think what may have happened is that it took some time for all software and driver updates to occur. I am guessing that a driver problem or other software problem got fixed by an automatic windows update (although I haven't discovered any log records of that yet). I am completely new to Windows 10 and I find Microsoft has gone even further to shelter users from knowing what the operating system is doing so right now I don't feel I know as much about what windows is doing in terms of updates as I did using Windows 7. I'll eventually learn my way around Windows 10, but my impression is that Windows 10 is designed to be windows for dummies and it now takes more effort for power users to understand what's going on behind the scenes.
  2. I am near the end of upgrading from 64-bit Win 7 to Win 10 Home followed by a Win 10 clean install. I am seeing something similar to previously-reported problems of browsers being slow to start. Previous threads from about MBAE version 1.05 were solved by installing the latest version of MBAE. Here is what I'm seeing new:
       1. I am using the latest version of MBAE: 1.08.1045.
       2. I have 3 browsers: Edge, Firefox and Chrome 64. Only Chrome 64 starts slowly, about 8-10 seconds, whereas the other two browsers start within about a second.
       3. So far I am only using Windows 10 firewall and antivirus facilities, no third-party ones installed yet (may soon install free COMODO and AVAST).
       4. I have SpywareBlaster installed, but as a test I disabled it and I also disabled all Chrome extensions and plugins with no effect on the slow startup.
       5. If I stop all protection in MBAE then Chrome starts in about 1-2 seconds.
       6. My issue does NOT involve browser crashes as described in past threads.
     For what it is worth, I installed MBAE after all browsers had been installed. I have attached a zip of the MBAE user data directory. I also included a FRST scan log in the zip. Any comments/suggestions are appreciated.
     MBAE and FRST logs.zip
  3. Thanks MrC for carefully guiding me through the mire of thoroughly diagnosing and correcting problems. Your posts were clear, and most important, they worked!

  4. Here are the contents of SecurityCheck checkup.txt:
       Results of screen317's Security Check version 0.99.87
       Windows 7 Service Pack 1 x64 (UAC is enabled)
       Internet Explorer 11
       ``````````````Antivirus/Firewall Check:``````````````
       Windows Firewall Enabled!
       avast! Antivirus
       Antivirus up to date!
       `````````Anti-malware/Other Utilities Check:`````````
       Ad-Aware
       Java 7 Update 55 Java version out of Date!
       Adobe Flash Player 14.0.0.179
       Adobe Reader 10.1.11 Adobe Reader out of Date!
       Mozilla Firefox (Firefox,. Firefox out of Date!
       Google Chrome 37.0.2062.102
       Google Chrome 37.0.2062.103
       Google Chrome plugins...
       ````````Process Check: objlist.exe by Laurent````````
       Ad-Aware AAWService.exe is disabled!
       Ad-Aware AAWTray.exe is disabled!
       Malwarebytes Anti-Malware mbamservice.exe
       Malwarebytes Anti-Malware mbam.exe
       Comodo Firewall cmdagent.exe
       Malwarebytes Anti-Exploit mbae-svc.exe
       Malwarebytes Anti-Malware mbamscheduler.exe
       Malwarebytes Anti-Exploit mbae.exe
       AVAST Software Avast AvastSvc.exe
       AVAST Software Avast avastui.exe
       `````````````````System Health check`````````````````
       Total Fragmentation on Drive C: 0%
       ````````````````````End of Log``````````````````````
  5. Unless you suspect anything, I think everything is taken care of. Any other comments you might have would be appreciated.
  6. Attached are the logs from ADWCleaner, JunkRemovalTool and Threat Scan. Note that the ADWCleaner log version is (S3) rather than (S0) since, as I initially mentioned, I ran ADWCleaner before we began working together. AdwCleanerS3.txt JRT.txt Threat Scan.txt
  7. OK, everything went well with ComboFix. I've attached the log. I'm back in normal windows mode with networking and all firewall, anti-virus and anti-malware software reenabled. ComboFix.txt
  8. A new dialog says Avast real time scanners are still active and I can continue at my own risk. Waiting to hear from you at this point...
  9. I just noticed Avast service was set at "automatic" but not running. I "disabled" it in services and will now continue (will re-enable afterwards)...
  10. I'm in safe mode (no networking). When combofix runs from your run command it displays a dialog box saying it detects Avast real time scanners active. Task manager shows no running processes or services for Avast. Dialog still open and asks me to disable them before continuing. How should I proceed? (sent from my smartphone).
  11. ComboFix just won't run. After the registry backup error messages the unpacking facility continues and then the application completely disappears for about 45 seconds and finally a dialog pops up as shown in the attached file. I had disabled all anti-malware, anti-virus and even firewall software when running ComboFix. I had reviewed the ComboFix instructions you suggested and did not see any of the expected screens past the initial file unpacking screen. I verified that the ComboFix directory exists and I have attached a screen capture of its contents.
  12. I am part way through your last set of instructions but I have encountered error messages running ComboFix and have stopped with an open dialog box for the moment. The errors related to not being able to create/write to a directory for registry backup. I have attached two screen captures of the error dialogs. Presumably there will be 9 more error dialogs like the second, one for each registry section being backed up. I will await your comments before continuing execution of ComboFix. To be clear, I have not stopped combo fix, I have just left the last error dialog open. Also, attached are the logs from the steps previous to ComboFix: Fixlog.txt and two logs created by TDSSKiller.
      Fixlog.txt TDSSKiller.3.0.0.40_07.09.2014_07.29.04_log.txt TDSSKiller.3.0.0.40_07.09.2014_07.35.24_log.txt
  13. Thank you for your really prompt reply MrCharlie. Although I tend to follow directions well, I need to mention that before I received your instructions I had attempted several things as mentioned in my original post. These included use of ADW Cleaner and a failed attempt at using Junk Removal Tool. I also used IExplore.exe (rkill) and Hitman Pro. I have attached the rkill and HitmanPro logs for completeness but I will not use these tools again unless instructed to do so. I completed the steps you outlined. Again, I appreciate your quick response and attention. Regards, Mark
      *******************************************************************************
      MalwareBytes Anti-Malware Scan Log is as follows:
      Malwarebytes Anti-Malware
      www.malwarebytes.org
      Scan Date: 9/6/2014
      Scan Time: 7:27:27 PM
      Logfile: Malwarebytes Anti-Malware Log.txt
      Administrator: Yes
      Version: 2.00.2.1012
      Malware Database: v2014.09.06.08
      Rootkit Database: v2014.08.21.01
      License: Trial
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled
      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: Mark
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 382666
      Time Elapsed: 39 min, 55 sec
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled
      Processes: 0 (No malicious items detected)
      Modules: 0 (No malicious items detected)
      Registry Keys: 0 (No malicious items detected)
      Registry Values: 0 (No malicious items detected)
      Registry Data: 0 (No malicious items detected)
      Folders: 0 (No malicious items detected)
      Files: 0 (No malicious items detected)
      Physical Sectors: 0 (No malicious items detected)
      (end)
      FRST.txt and Addition.txt logs are attached since they are a bit long
      RogueKiller log is as follows:
      RogueKiller V9.2.9.0 (x64) [Jul 11 2014] by Adlice Software
      mail : http://www.adlice.com/contact/
      Feedback : http://forum.adlice.com
      Website : https://www.adlice.com/softwares/roguekiller/
      Blog : http://www.adlice.com
      Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User : Mark [Admin rights]
      Mode : Scan -- Date : 09/06/2014 20:42:18
      ¤¤¤ Bad processes : 0 ¤¤¤
      ¤¤¤ Registry Entries : 15 ¤¤¤
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C5B148BD-B345-4F68-B797-80237F2FD410} | DhcpNameServer : 172.23.20.2 172.23.10.2 172.23.30.3 -> FOUND
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{C5B148BD-B345-4F68-B797-80237F2FD410} | DhcpNameServer : 172.23.20.2 172.23.10.2 172.23.30.3 -> FOUND
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{C5B148BD-B345-4F68-B797-80237F2FD410} | DhcpNameServer : 172.23.20.2 172.23.10.2 172.23.30.3 -> FOUND
      [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
      [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND
      [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
      [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND
      [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> FOUND
      [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> FOUND
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
      [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/ -> FOUND
      [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2511379649-2607547481-241953837-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/ -> FOUND
      ¤¤¤ Scheduled tasks : 0 ¤¤¤
      ¤¤¤ Files : 0 ¤¤¤
      ¤¤¤ HOSTS File : 0 ¤¤¤
      ¤¤¤ Antirootkit : 1 (Driver: LOADED) ¤¤¤
      [Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\System32\DRIVERS\cmderd.sys)
      ¤¤¤ Web browsers : 0 ¤¤¤
      ¤¤¤ MBR Check : ¤¤¤
      +++++ PhysicalDrive0: IOMEGA ZIP 250 ATA Device +++++
      Error reading User MBR! ([15] The device is not ready. )
      Error reading LL1 MBR! NOT VALID!
      Error reading LL2 MBR! NOT VALID!
      +++++ PhysicalDrive1: SAMSUNG HD204UI ATA Device +++++
      --- User ---
      [MBR] f25dc0a5735296e31d075878e86699c2
      [bSP] 9ba5a3bc75cfaf713dde30888dac6684 : Windows Vista/7/8 MBR Code
      Partition table:
      0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
      User = LL1 ... OK
      User = LL2 ... OK
      +++++ PhysicalDrive2: HDS725050KLA360 ATA Device +++++
      --- User ---
      [MBR] ee18c83718f2572142e036ff3e0120e6
      [bSP] f9e904a925f85704017abf8dd91cd864 : Windows Vista/7/8 MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB
      User = LL1 ... OK
      User = LL2 ... OK
      +++++ PhysicalDrive3: ST332062 0A SCSI Disk Device +++++
      --- User ---
      [MBR] 7053611da79d50ca69122ce9b5b0564e
      [bSP] e3aa2a32a2907c8a814c9b94a3e8c542 : Legit.Unknown MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB
      User = LL1 ... OK
      Error reading LL2 MBR! ([1] Incorrect function. )
      +++++ PhysicalDrive4: ST332062 0A SCSI Disk Device +++++
      --- User ---
      [MBR] 1bb7a24c3cd14962d6cd51365b31646a
      [bSP] 9fea0f9fd4a8ab10457c1351129192e2 : Legit.Unknown MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB
      User = LL1 ... OK
      Error reading LL2 MBR! ([1] Incorrect function. )
      Rkill.txt HitmanPro_20140906_1912.log FRST.txt Addition.txt
  14. I have a recurring problem with tabs opening (at least once a day) in Chrome suggesting my "video player may be outdated". I have pursued this via internet searches and have tried various means to eliminate it, including use of Junk Removal Tool (which never completes, but hangs when "checking registry") and ADW Cleaner. I also use Avast Antivirus and Comodo Firewall. I have Malwarebytes Anti-Malware and Anti-Exploit installed and running with all their default settings. Nothing I have tried detects or treats this problem. I have attached a screen capture of the tab in Chrome. Can anyone suggest a procedure to correct this problem? Thank you in advance for any comments/advice. A malware scan only reveals optional.superfish.a (a concern to me, but not central to this post, or is it?). Below are the scan results (user id replaced with ****)
      Malwarebytes Anti-Malware
      www.malwarebytes.org
      Scan Date: 9/6/2014
      Scan Time: 12:46:02 PM
      Logfile:
      Administrator: Yes
      Version: 2.00.2.1012
      Malware Database: v2014.09.06.07
      Rootkit Database: v2014.08.21.01
      License: Trial
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled
      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: ****
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 375583
      Time Elapsed: 24 min, 53 sec
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled
      Processes: 0 (No malicious items detected)
      Modules: 0 (No malicious items detected)
      Registry Keys: 0 (No malicious items detected)
      Registry Values: 0 (No malicious items detected)
      Registry Data: 0 (No malicious items detected)
      Folders: 0 (No malicious items detected)
      Files: 2
      PUP.Optional.Superfish.A, C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [056a10da80fbbf77feb1cd41758e956b],
      PUP.Optional.Superfish.A, C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [76f91ecc5a211620278831ddbc471be5],
      Physical Sectors: 0 (No malicious items detected)
      (end)