Conhost.exe or some other virus?

[david1234]

Hi,

In the last 24 hours Google Chrome has stopped working and I've noticed a drop-off in general system performance, including hanging/freezing of explorer.exe a couple of times.

I've re-installed Chrome and the problem fixes for a short time and them returns. I've tried several virus scans (Avast!, MBAM, Norton, AVG) and nothing has been detected, I've also looked in the registry and appdata and temp folders for signs of the regular conhost.exe virus and can't find anything...but I can't think why else my computer would be acting so strangely!

I've attached the logs from MBAM, OTL and aswMBR.

Please let me know what you think!

Thanks for your help,

Dave

[Pondus]

I've noticed a drop-off in general system performance

installing multiple AV does not make system performance better.     

[essexboy]

No apparent malware but with 3 antivirus programmes you must expect some weird results

[david1234]

Hi,

Thanks to you both. I understand that having more than one antivirus is a problem and I don't usually run any except Security Essentials, I just had them on there to see if they could pick anything up. The problem started before I had them installed.

Just a couple of points on the issues I'm having with Chrome to see if this is familiar to anyone:
- When I reinstall it seems to work ok for a while, then it starts giving me issues, even if I don't sign in and sync bookmarks, etc;
- When I restart my comp and don't have it synced it seems to work;
- When I'm having problems I can't type in the Chrome address box on the first tab. If I open a new tab I can type in it but then if I try and shift between tabs the tab I want to shift to will shut when I click on it;
- I can't open the settings tab unless I've done a restart, once it starts doing weird things, settings are unavailable to me.

Any ideas??

[Pondus]

removal tools for AV.    http://singularlabs.com/uninstallers/security-software/

[essexboy]

The problem is probably within the synch..  Disable and then delete it

[david1234]

Thanks for the removal tools. I've already deleted them though.

I've already tried deleting the sync and reinstalling Chrome without syncing. The problem goes away for a while after a reintall but then comes back, even if I don't sign in/sync Chrome 

[essexboy]

Is it only chrome that has this problem

[david1234]

I'm still getting random instances of the computer hanging, even with chrome shut. I've opened task manager a few times when this has happened and this hangs for a few seconds before being selectable in the ctrl+alt+delete menu also.

It could just be that this is a result of having chrome open at some earlier time, but I don't think so. Pretty sure this happens all by itself, with or without chrome.

Does it make sense that I aways have at least two versions of conhost.exe running? One has a description in task manger and one doesn't.

[essexboy]

Once you have uninstalled the additional antivirus programmes could you run a fresh OTL scan to look at

[david1234]

No worries, attached. There is only the 'OTL' log this time though. I've run it twice and there's no 'extras'?

I've also rolled back my NVidia drivers from RL331 to 327 as I did that a couple of days ago and am wondering if that's got anything to do with it.

[Pondus]

I've run it twice and there's no 'extras'?

only created first time you run OTL ... just extra tech info   

[essexboy]

What he said

OK lets now clear the caches, once done play with chrome and then see how it is working
 

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  

Code: [Select]

:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKU\S-1-5-21-1617613398-1408851301-3495787380-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=AU&ver=2014&locale=en_AU&gct=kwd&qsrc=2869
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1617613398-1408851301-3495787380-1001\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done

[david1234]

Ok, will do. It can take a while for the problem to come back after I've opened Google, so I'll do some Googling and let you know how it goes 

[david1234]

I've been using IE for the last couple of hours and so far I haven't noticed any problems. So maybe it is just Chrome causing things to hang...