Tech Support banner

Status
Not open for further replies.
1 - 20 of 24 Posts

·
Registered
Joined
·
228 Posts
Discussion Starter #1
This is a Dell laptop running Windows 7 Premium.

The issue is there are lots of tabs opening up to ads, also flash ads appear on pages that block parts of the page (such as 2 ads blocking me from signing in on this website) often with no X to close them. Also the system is slow as (beep). Anything and everything takes forever.

THANKS!!!

The contents of dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18124
Run by Dell at 10:01:47 on 2015-12-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4031.2626 [GMT 11:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe
C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.PurBrowse64.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter64.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.expext.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Dell\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\bin\VzDetectAgent.exe
C:\Windows\system32\taskhost.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-s3__alt__ddc_dsssyc_bd_com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: weDownload Manager: {11111111-1111-1111-1111-110311431144} - C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Swift Browse: {808dc83c-d35b-4fba-a5b5-9a52103204df} - C:\Program Files (x86)\Swift Browse\SwiftBrowseBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Yahoo! Search] C:\Users\Dell\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
uRun: [Viber] C:\Users\Dell\AppData\Local\Viber\Viber.exe StartMinimized
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [FAStartup] <no file>
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\Users\Dell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C}\131364850363130373835363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C}\76562716C646 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.7.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
x64-BHO: weDownload Manager: {11111111-1111-1111-1111-110311431144} - C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-s3__alt__ddc_dsssyc_bd_com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-s3__alt__ddc_dss_bd_com&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Dell\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-22 55856]
R1 {2b4fc5ce-fd26-493c-97d3-e808aab73013}w64;{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64;C:\Windows\System32\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64.sys [2014-5-6 61120]
R1 {d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64;{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64;C:\Windows\System32\drivers\{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64.sys [2015-4-9 48832]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-2-22 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-22 203264]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-2 2428552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-22 13336]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 363128]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 ReimageRealTimeProtector;Reimage Real Time Protector;C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-8-19 7743472]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-2-22 689472]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-26 2280312]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-22 2320920]
R2 Update Swift Browse;Update Swift Browse;C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe [2013-10-5 660688]
R2 Util Swift Browse;Util Swift Browse;C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe [2013-10-21 660688]
R2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [2015-7-16 1842576]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2011-2-22 20984]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-2-22 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-22 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-22 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-22 56344]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 124568]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-12-8 114688]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-22 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-22 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-18 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-30 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2015-12-10 22:50:55 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AD23F86-D734-485D-B54B-C2C8D6167A0A}\offreg.888.dll
2015-12-10 22:28:11 11138400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AD23F86-D734-485D-B54B-C2C8D6167A0A}\mpengine.dll
2015-12-09 00:20:34 11138400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-12-09 00:06:02 -------- d-----w- C:\Users\Dell\AppData\Roaming\ViberPC
2015-12-09 00:05:30 -------- d-----w- C:\Users\Dell\AppData\Local\Viber
2015-12-09 00:05:15 -------- d-----w- C:\Users\Dell\AppData\Local\Package Cache
2015-12-09 00:02:13 -------- d-----w- C:\Users\Dell\AppData\Local\GWX
2015-12-08 10:05:58 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-12-08 10:04:58 17408 ----a-w- C:\Windows\System32\wshrm.dll
2015-12-08 10:04:58 14848 ----a-w- C:\Windows\SysWow64\wshrm.dll
2015-12-08 10:04:58 146944 ----a-w- C:\Windows\System32\drivers\rmcast.sys
2015-12-08 10:04:52 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-12-08 10:04:52 147456 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2015-12-08 10:04:51 692672 ----a-w- C:\Windows\System32\winload.efi
2015-12-08 10:04:47 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-12-08 10:04:47 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-12-08 10:04:47 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2015-12-08 10:04:47 32768 ----a-w- C:\Windows\System32\appidsvc.dll
2015-12-08 10:04:47 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2015-12-08 10:04:46 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2015-12-08 10:02:53 5570496 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-12-08 10:01:43 497664 ----a-w- C:\Windows\System32\drivers\afd.sys
2015-12-08 09:59:26 1941504 ----a-w- C:\Windows\System32\authui.dll
2015-12-08 09:59:25 70656 ----a-w- C:\Windows\System32\appinfo.dll
2015-12-08 09:59:25 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2015-12-08 09:59:25 115136 ----a-w- C:\Windows\System32\consent.exe
2015-12-08 09:57:13 950720 ----a-w- C:\Windows\System32\drivers\ndis.sys
2015-12-08 09:56:59 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-12-08 09:56:59 299520 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-12-08 09:56:58 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-12-08 09:56:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-12-08 09:56:58 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-12-08 09:56:57 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-12-08 09:56:57 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-12-08 09:56:57 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-12-08 09:56:54 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-12-08 09:21:50 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B272D64E-F190-466D-A684-B2B4DA3C3956}\gapaengine.dll
2015-11-11 05:57:58 646880 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL
.
==================== Find3M ====================
.
2015-12-09 03:39:31 301728 ------w- C:\Windows\System32\MpSigStub.exe
2015-11-20 18:54:59 98816 ----a-w- C:\Windows\System32\wudriver.dll
2015-11-20 18:54:59 3170304 ----a-w- C:\Windows\System32\wucltux.dll
2015-11-20 18:54:59 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2015-11-20 18:54:28 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-11-20 18:54:18 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-11-20 18:54:15 37888 ----a-w- C:\Windows\System32\wuapp.exe
2015-11-20 18:34:36 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-11-20 18:33:56 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-11-11 18:53:48 1735680 ----a-w- C:\Windows\System32\comsvcs.dll
2015-11-11 18:53:47 525312 ----a-w- C:\Windows\System32\catsrvut.dll
2015-11-11 18:39:34 1242624 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2015-11-11 18:39:33 487936 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2015-11-10 18:55:29 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2015-11-10 18:55:29 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2015-11-10 18:55:26 1008640 ----a-w- C:\Windows\System32\user32.dll
2015-11-10 18:39:18 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-11-10 18:37:39 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2015-11-10 17:47:27 3211264 ----a-w- C:\Windows\System32\win32k.sys
2015-11-10 00:24:59 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-11-10 00:13:04 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-11-10 00:13:03 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-11-10 00:12:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-11-10 00:12:19 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-11-10 00:11:38 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-11-10 00:03:01 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-11-10 00:02:42 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-11-09 23:50:28 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-11-09 23:46:18 4514816 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-11-09 23:36:09 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-11-09 23:35:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-11-09 23:17:36 2011136 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-11-08 22:33:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-11-08 22:32:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-11-08 22:16:29 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-11-08 22:15:39 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-11-08 22:15:31 417792 ----a-w- C:\Windows\System32\html.iec
2015-11-08 22:15:22 571392 ----a-w- C:\Windows\System32\vbscript.dll
2015-11-08 22:14:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-11-08 22:04:46 5923840 ----a-w- C:\Windows\System32\jscript9.dll
2015-11-08 22:01:25 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-11-08 22:01:24 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-11-08 22:01:01 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-11-08 21:52:10 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-08 21:40:10 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-08 21:14:19 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-11-08 21:13:40 2123264 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-11-08 20:53:08 2487808 ----a-w- C:\Windows\System32\wininet.dll
2015-11-05 19:02:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2015-11-05 19:00:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2015-11-03 19:04:51 802304 ----a-w- C:\Windows\System32\usp10.dll
2015-11-03 19:04:37 241664 ----a-w- C:\Windows\System32\els.dll
2015-11-03 18:56:18 627712 ----a-w- C:\Windows\SysWow64\usp10.dll
2015-11-03 18:55:58 179712 ----a-w- C:\Windows\SysWow64\els.dll
2015-10-29 17:50:44 6656 ----a-w- C:\Windows\System32\shimeng.dll
2015-10-29 17:50:30 342016 ----a-w- C:\Windows\System32\apphelp.dll
2015-10-29 17:50:29 72192 ----a-w- C:\Windows\System32\aelupsvc.dll
2015-10-29 17:50:29 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50:29 309248 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50:29 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50:29 103424 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50:21 5120 ----a-w- C:\Windows\SysWow64\shimeng.dll
2015-10-29 17:50:14 23552 ----a-w- C:\Windows\System32\sdbinst.exe
2015-10-29 17:49:58 295936 ----a-w- C:\Windows\SysWow64\apphelp.dll
2015-10-29 17:49:57 562176 ----a-w- C:\Windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- C:\Windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2015-10-29 17:49:35 20992 ----a-w- C:\Windows\SysWow64\sdbinst.exe
2015-10-29 17:39:57 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2015-10-20 01:12:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
.
============= FINISH: 10:03:07.13 ===============
 

Attachments

·
Registered
Joined
·
1,859 Posts
Hello billermo,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

:arrowr: If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
:arrowr: First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
:arrowr: Please download to and run all requested tools from your Desktop.
:arrowr: Perform everything in the correct order. Sometimes one step requires the previous one.
:arrowr: If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
:arrowr: Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
:arrowr: Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
:arrowr: If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
:arrowr: Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
:arrowr: My native language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we?

Please do the following steps.

STEP 1

Please download AdwCleaner from here and save it to your desktop.

:arrowr: Do NOT click the green 'Download' button(if visible).
:arrowr: Click the blue 'Download now @bleepingcomputer' button.
:arrowr: Run AdwCleaner and select Scan
:arrowr: Once the Scan is done, select Cleaning
:arrowr: Once done it will ask to reboot, please allow the reboot.
:arrowr: On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
:arrowr: Please copy/paste the contents of the log in your next reply.

STEP 2


Please download Farbar Recovery Scan Tool and save it to your desktop.

:arrowr: Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
:arrowr: Make sure the Addition.txt button is ticked.
:arrowr: Press Scan button.
:arrowr: It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
:arrowr: The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
 

·
Registered
Joined
·
228 Posts
Discussion Starter #3
# AdwCleaner v5.024 - Logfile created 12/12/2015 at 03:26:58
# Updated 07/12/2015 by Xplode
# Database : 2015-12-07.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Dell - DELL-PC
# Running from : C:\Users\Dell\Downloads\AdwCleaner.exe.exe
# Option : Cleaning
# Support : Forum - ToolsLib

***** [ Services ] *****

[-] Service Deleted : ReimageRealTimeProtector
[-] Service Deleted : vToolbarUpdater18.7.0

***** [ Folders ] *****

[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Swift Browse
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\Dell\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Dell\AppData\Local\pay-by-ads
[-] Folder Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb
[-] Folder Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Folder Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg
[-] Folder Deleted : C:\Users\Dell\AppData\LocalLow\AVG SafeGuard toolbar

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jgapglgghagmhogfjkdlnnmbdfddeedb_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jgapglgghagmhogfjkdlnnmbdfddeedb_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgapglgghagmhogfjkdlnnmbdfddeedb
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oifomnalkciipmgkfgdjkepdocgiipjg_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oifomnalkciipmgkfgdjkepdocgiipjg_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_oifomnalkciipmgkfgdjkepdocgiipjg_0
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oifomnalkciipmgkfgdjkepdocgiipjg
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_filter-adkernel.finditquick.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_filter-adkernel.finditquick.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\searchplugins\bingp.xml
[-] File Deleted : C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\searchplugins\dsrlte.xml
[-] File Deleted : C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\searchplugins\search-simple.xml
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\SysNative\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : Yahoo! Search Updater
[-] Task Deleted : weDownload Manager-chromeinstaller
[-] Task Deleted : weDownload Manager-codedownloader
[-] Task Deleted : weDownload Manager-firefoxinstaller
[-] Task Deleted : weDownload Manager-updater
[-] Task Deleted : weDownload Manager-chromeinstaller
[-] Task Deleted : weDownload Manager-codedownloader
[-] Task Deleted : weDownload Manager-firefoxinstaller
[-] Task Deleted : weDownload Manager-updater

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKCU\Software\Classes\keepmysearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034344.BHO
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034344.BHO.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034344.Sandbox
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034344.Sandbox.1
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{808DC83C-D35B-4FBA-A5B5-9A52103204DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{808DC83C-D35B-4FBA-A5B5-9A52103204DF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{808DC83C-D35B-4FBA-A5B5-9A52103204DF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{808DC83C-D35B-4FBA-A5B5-9A52103204DF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\Swift Browse
[-] Key Deleted : HKCU\Software\WEDLMNGR
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Swift Browse
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Swift Browse
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{11CCCEEB-B837-486E-958A-45D559F10110}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Web browsers ] *****

[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bfr-s3__alt__ddc_dsssyctab_bd_com");
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+1100 (AUS Eastern St[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app34344%22%3A%22app34[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.cookie.CrossriderNotifier_geolocation.expiration", "Sat Dec 19 2015 03:12:45 GMT+1100 (AUS Eastern[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.cookie.CrossriderNotifier_metadata.expiration", "Sun Dec 13 2015 03:12:46 GMT+1100 (AUS Eastern St[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A34344%2C%22appName%22%3A%22weDownload[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.internaldb.Resources_meta.value", "%7B%22extension.css%22%3A%7B%22id%22%3A335479%2C%22ver%22%3A23%[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.internaldb.Resources_resource_335479.value", "%22.crossrider-nofity-34345-body-theme-white-black%2[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.a0c3e9649324d4df0a61e7ac31aead0422612bb825f8a49b2a299348e707310fccom34344.34344.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[-] [C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "141ec9518b1b8303a961efb875767273");
[-] [C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jgapglgghagmhogfjkdlnnmbdfddeedb
[-] [C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : oifomnalkciipmgkfgdjkepdocgiipjg
[-] [C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://rts.dsrlte.com?affID=na

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21831 bytes] ##########
 

·
Registered
Joined
·
228 Posts
Discussion Starter #5
I thought I would quickly mention that there are still an overwhelming number of flash-type ads occuring (they seem to not be flash though since I turned off flash in the browser). Speed has imrpoved significantly though. Also seeing SOME tabs open on their own still when I click a link. These are tabs opening to pages that I did not click a link for.

thanks
 

·
Registered
Joined
·
228 Posts
Discussion Starter #6
I need to also report that I know Ried from years ago and PM'd her when I posted my problem. In PM, she recommended installing and running Malwarebytes free version. This morning (after running the above scans) I went and did that. It did find and delete 100 instances of adware/virus/whatever. MWB is now set to run on startup, and it is reporting one after another after another after another of instances of attempts to go to bad websites. And the problem I reported above about tabs being open or another is the page switching to another bad webpage (my TSF page especially does this, dropbox does not) all on its own, these things still occuring. TSF also is heavy with what must be adware ads, ads on top of ads.

So the key symptoms still exist. The problem has not been solved.

THanks
 

·
Registered
Joined
·
1,859 Posts
Hello again,

Quote from my first post:

:arrowr: Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Attach the MBAM log your next post. Then re-run FRST tool and attach fresh FRST.exe and Addition.txt.

=======================================================

Posting the Malwarebytes log:

:arrowr: Click on the History tab > Application Logs.
:arrowr: Double click on the scan log which shows the Date and time of the scan just performed.
:arrowr: Click Export.
:arrowr: Click Text file (*.txt)
:arrowr: In the Save File dialog box which appears, click on Desktop.
:arrowr: In the File name: box type a name for your scan log.
:arrowr: A message box named File Saved should appear stating "Your file has been successfully exported".
:arrowr: Click Ok
:arrowr: Attach that saved log to your next reply.
 

·
Registered
Joined
·
1,859 Posts
Hello billermo,

You're welcome.

I'll need to gather more information to locate the source of the blocks. This detail of the blocks will be enumerated in the Protection logs. To send me the log, launch Malwarebytes Anti Malware by double clicking the icon on the desktop.

When it opens, look across the top and click 'History'

In the next window that opens, look on the left hand side and click 'Application Logs'

Double click on the PROTECTION log which shows the blocks.

:arrowr: Click 'Export'.
:arrowr: Click 'Text file (*.txt)'
:arrowr: In the Save File dialog box which appears, click on Desktop.
:arrowr: In the file name: box, type a name for your scan log.
:arrowr: A message box indicating 'File Saved' should appear.
:arrowr: Click ok.
:arrowr: Attach that log to your next reply.
 

·
Registered
Joined
·
1,859 Posts
Hello billermo,

It is imperative that you also delete these Chrome folders as they hold the current settings. If you reinstall Chrome without deleting these folders, those same settings will be put right back into Chrome:

To locate one of them, you'll need to be able to see Hidden folders. On your keyboard, press the Windows logo key and the letter E to open Windows Explorer.

In the menu across the top of that window, click Tools>Folder Options>View tab
If you don't see a menu, press the Alt key on your keyboard and the menu will appear.

Place a check in the box next to 'Show hidden files, folders, and drives'

Click Apply, then OK

Now double click the C:\ drive to open it and navigate to the following folders. Right click to Delete it.

C:\Program Files\Google\Chrome
C:\Users\Dell\AppData\Local\Google\Chrome

========================================================

Please do the following.

:arrowr: Open Notepad (Start > All Programs > Accessories > Notepad).
:arrowr: Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
:arrowr: Save it as fixlist.txt next to FRST64.exe

NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.

Code:
CreateRestorePoint:
HKU\S-1-5-21-2860599910-956416122-4217922200-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-US&Src=MSE&Tid=00032955&OHP=https%3A%2F%2Fmysearch.avg.com%3Fcid%3D%7B46C0C8A0%2DD834%2D43BB%2DBB17%2D4A4F78524624%7D%26mid%3D59edc2416eb547d3a07e4ab3a75e702e%2D40bbe5d2ab1cb56a810d2ae602f10f709a8d2913%26lang%3Den%26ds%3Dft013%26coid%3Davgtbdisft%26cmpid%3D0215tb%26pr%3Dsa%26d%3D2013%2D10%2D19%2022%3A11%3A55%26v%3D18.3.0.885%26pid%3Dsafeguard%26sg%3D0%26sap%3Dhp&OSP=
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FAStartup] => [X]
HKU\S-1-5-21-2860599910-956416122-4217922200-1000\...\MountPoints2: {416f21a6-3e65-11e0-9719-806e6f6e6963} - D:\setup.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2860599910-956416122-4217922200-1000 -> DefaultScope {D49F54DD-9021-4CBD-96CB-A172B9AC6559} URL = 
SearchScopes: HKU\S-1-5-21-2860599910-956416122-4217922200-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: No Name - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com [not found]
2011-04-28 21:17 - 2011-04-28 21:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
FirewallRules: [{57F51F16-56A5-4904-8DD3-A6A91D0181F5}] => (Allow) C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BRT.Helper.exe
FirewallRules: [{0803EFB5-7A81-4F1D-A918-39B8DC2FAC53}] => (Allow) C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BRT.Helper.exe
FirewallRules: [{331C0B91-FD46-4539-ACC5-CF58100A21DF}] => (Allow) C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BRT.Helper.exe
FirewallRules: [{EDFA83B8-A143-4F10-8DBC-E44351355EE4}] => (Allow) C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BRT.Helper.exe
EmptyTemp:
:arrowr: Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
:arrowr: Click the Fix button just once, and wait.
:arrowr: If you receive a message that a reboot is required, please make sure you allow it to restart normally.
:arrowr: The tool will complete its run after the restart.
:arrowr: When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

·
Registered
Joined
·
228 Posts
Discussion Starter #12
I made a mistake, I went out of sequence with your most recent directions.

I first ran the FRST64 fix along with the fixlist. After that I deleted the Chrome directories in Program Files and AppData.

I am attaching the fixlog here so you can see it. I will wait until your reply before running the FRST64 fix one more time.
 

Attachments

·
Registered
Joined
·
228 Posts
Discussion Starter #13
I went ahead and ran the FRST64 fix again after the Chrome folders were deleted.

Attached is the most recent log file.

Thanks.
 

Attachments

·
Registered
Joined
·
1,859 Posts
Hello billermo,

That due to all the junk that was on the machine, it would be a good idea to run an online scan to check for any remnants that may be lurking about.

Please do the below intructions:

Please go to Start > Control Panel > Programs and Features and remove the above Java program(s) installed.
Next, download the latest Java, version 8 Update 66 from the following link

Download Free Java Software

=======================================================

:arrowr: Please go HERE then click on: Run Eset Online Scanner
:arrowr: Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the icon install.

All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

:arrowr: Select the option YES, I accept the Terms of Use then click on Start buton.
:arrowr: When prompted allow the Add-On/Active X to install.
:arrowr: Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
:arrowr: Now click on Advanced Settings and select the following:


  • Scan for potentially unwanted applications
  • Scan Archives
  • Enable Anti-Stealth Technology
:arrowr: Next to 'Current scan targets: Operating memory, Local drives', click the Change... button.
:arrowr: Tick all the boxes that correspond to your external/inserted drives.
:arrowr: Click Start. The virus signature database will begin to download. This may take some time.
:arrowr: Wait for the scan to finish.
:arrowr: When completed, click on Finish.
:arrowr: When the scan is done, if it shows a screen that says "Threats found!", click "List of found threats", and then click "Export to text file..."
:arrowr: Save that text file to your desktop, and then copy/paste the contents in your next reply.
 

·
Registered
Joined
·
228 Posts
Discussion Starter #15
OK I am running the scan now.

On the Eset online scanner, there was a choice (2 radio buttons, the round kinds) between Enable detection of malicious programs or Disable detection of malicious programs. I chose Enable. I could have chosen that one, or disable, or left them both unticked. (a bit strange because radio buttons usually force you to choose an option).

The scan is running now so I will reply when it is finished.

Thank you
 

·
Registered
Joined
·
228 Posts
Discussion Starter #16
Here is the Eset log:

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\jgapglgghagmhogfjkdlnnmbdfddeedb.crx.vir Win32/BrowseFox.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\SwiftBrowseBHO.dll.vir a variant of Win32/BrowseFox.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\SwiftBrowseUn.exe.vir a variant of MSIL/BrowseFox.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\SwiftBrowseUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\2b4fc5cefd26493c97d3.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\2b4fc5cefd26493c97d364.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\d3e1.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\d3e164.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\d3e19bc045.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\d3e19bc04564.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\d3e19bc045ce41269b6564.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.AX potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter64.exe.vir a variant of Win64/BrowseFox.CP potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\SwiftBrowse.expext.exe.vir a variant of Win32/BrowseFox.CA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\SwiftBrowse.expextdll.dll.vir a variant of Win64/BrowseFox.CJ potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\SwiftBrowse.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\tmp4F0B.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\tmpA398.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\tmpCCC5.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\tmpE3CD.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\{2b4fc5ce-fd26-493c-97d3-e808aab73013}64.dll.vir Win64/BrowseFox.D potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.ExpExt.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.FFUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.FindLib.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.GCUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.PurBrowse.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.Recheck.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Swift Browse\bin\plugins\SwiftBrowse.Repmon.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb\1.0.1_0\background.js.vir Win32/BrowseFox.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb\1.0.1_0\content.js.vir Win32/BrowseFox.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb\1.0.1_1\background.js.vir Win32/BrowseFox.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb\1.0.1_1\content.js.vir Win32/BrowseFox.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\102_dealply_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\103_intext_5_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\104_jollywallet_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\123_intext_adv_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\14_CrossriderUtils.js.vir JS/Toolbar.Crossrider.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\155_ibario_pops_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\184_noproblemppc_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\191_ciuvo_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\19_CHAppAPIWrapper.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\1_base.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\217_similar_products_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\21_debug.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\223_imonomy_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\226_set_campaign_id_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\28_initializer.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\47_resources_background.js.vir JS/Toolbar.Crossrider.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\64_appApiMessage.js.vir JS/Toolbar.Crossrider.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\extensionData\plugins\97_resourceApiWrapper.js.vir JS/Toolbar.Crossrider.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\background.js.vir JS/Toolbar.Crossrider.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\api\chrome.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\api\cookie.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\api\message.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\api\monitor.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\bg_app_api.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\cookie_store.js.vir JS/Toolbar.Crossrider.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\crossriderAPI.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\events.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\onBGDocumentLoad.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\reports.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\util.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifomnalkciipmgkfgdjkepdocgiipjg\1.26.187_0\js\lib\xhr.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.12.4\cnohkal1.dll.vir Win32/Toolbar.Montiera.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.12.4\dsrlte.exe.vir a variant of Win32/Toolbar.Montiera.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.12.4\dsrsetup.exe.vir Win32/Toolbar.Montiera.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.12.4\pCjaemmk.dll.vir a variant of Win32/Toolbar.Montiera.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.12.4\res.dll.vir Win32/Toolbar.Montiera.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.15.4\chromext.dll.vir a variant of Win32/Toolbar.Montiera.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.15.4\dsrlte.exe.vir a variant of Win32/Toolbar.Montiera.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.15.4\dsrsetup.exe.vir a variant of Win32/Toolbar.Montiera.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.15.4\firefoxt.dll.vir a variant of Win32/Toolbar.Montiera.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.15.4\res.dll.vir a variant of Win32/Toolbar.Montiera.AB potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\chromext64.dll.vir a variant of Win64/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\dsrlte.exe.vir a variant of Win32/Toolbar.Montiera.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\dsrsetup.exe.vir a variant of Win32/Toolbar.Montiera.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\geNmfsj3.dll.vir a variant of Win32/Toolbar.Montiera.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\hlpr64.exe.vir Win64/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\lJjklpoi.dll.vir a variant of Win32/Toolbar.Montiera.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.25.0\res.dll.vir a variant of Win32/Toolbar.Montiera.AB potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.26.12\chromext64.dll.vir a variant of Win64/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.26.12\dsrlte.exe.vir a variant of Win32/Toolbar.Montiera.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.26.12\eppeaJcQ.dll.vir a variant of Win32/Toolbar.Montiera.AD potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.26.12\hlpr64.exe.vir a variant of Win64/Toolbar.Montiera.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.26.12\jbhcpgfz.dll.vir a variant of Win32/Toolbar.Montiera.AD potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Dell\AppData\Local\pay-by-ads\Yahoo! Search\1.3.26.12\res.dll.vir a variant of Win32/Toolbar.Montiera.AE potentially unwanted application
C:\AdwCleaner\Quarantine\C\Windows\SysNative\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\chrome\content\core\7585b4fb90efd372cac0e5f82dccd490.js JS/Toolbar.Crossrider.G potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\102.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\14.js JS/Toolbar.Crossrider.O potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\180.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\184.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\195.js JS/Toolbar.Crossrider.K potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\220.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\0c3e9649-3[email protected]com\extensionData\plugins\223.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\226.js JS/Toolbar.Crossrider.K potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\230.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\233.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\244.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\246.js JS/Toolbar.Crossrider.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\253.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\260.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\288.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\311.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\376.js JS/Toolbar.Crossrider.L potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\385.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\390.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\391.js JS/Toolbar.Crossrider.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\47.js JS/Toolbar.Crossrider.M potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]b82-5f8a-49b2-a299-348e707310fc.com\extensionData\plugins\64.js JS/Toolbar.Crossrider.P potentially unwanted application
C:\FRST\Quarantine\C\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\extensions\[email protected]e707310fc.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller (1).exe a variant of Win32/Verti.G potentially unwanted application
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller.exe a variant of Win32/Verti.G potentially unwanted application
C:\Users\Dell\Downloads\setup.jse JS/InstallCore.A potentially unwanted application
 

·
Registered
Joined
·
1,859 Posts
Hello billermo,

Sorry for delay.

I'm going to add found files by the ESET to fixlist. They are only .exe files and don't do anything on their own. One has to double click to execute them for the possible unwanted bundled applications to install with it. Also, all the other detections are safely tucked away in AdwCleaner and FRST Quarantine areas.

Please do the following. Then tell me How is the machine behaving now? What problems do you still have?

:arrowr: Open Notepad (Start > All Programs > Accessories > Notepad).
:arrowr: Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
:arrowr: Save it as fixlist.txt next to FRST64.exe

NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.
Code:
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller (1).exe 
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller.exe 
C:\Users\Dell\Downloads\setup.jse
:arrowr: Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
:arrowr: Click the Fix button just once, and wait.
:arrowr: If you receive a message that a reboot is required, please make sure you allow it to restart normally.
:arrowr: The tool will complete its run after the restart.
:arrowr: When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

·
Registered
Joined
·
228 Posts
Discussion Starter #18
Here is fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:20-12-2015
Ran by Dell (2015-12-20 19:44:40) Run:3
Running from C:\Users\Dell\Downloads
Loaded Profiles: Dell & (Available Profiles: Dell)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller (1).exe
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller.exe
C:\Users\Dell\Downloads\setup.jse
*****************

C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller (1).exe => moved successfully
C:\Users\Dell\Downloads\RealPlayer_RocketFuelInstaller.exe => moved successfully
C:\Users\Dell\Downloads\setup.jse => moved successfully

==== End of Fixlog 19:44:41 ====
 
1 - 20 of 24 Posts
Status
Not open for further replies.
Top