FRST Scanned

Windows Repair.

Install (use the direct download) the Tweaking.com - Windows all in one repair tool. Then boot Windows into Safe Mode, (Make Certain To Run This Program As Administrator) then run through the Prescan on step 2 tab. Then skip to step 5 and create a system restore point. Then go to the repair tab…

Notice create a registry backup is ticked by default, so no need to do so in step 5… https://pchelpforum.net/attachments/...7-26-png.1290/

Now run the program, with the boxes ticked in the picture below.

Click Image Below For Better Resolution.



May want to save picture or write down what boxes need ticked, since you will run this in Safe Mode.

Important: Make certain to reboot twice after running this tool!!

@mnisia I deleted your other thread concerning this same machine. Please follow up here.

Getting the same thing after running tool and rebooting twice
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell 32.dll,-21787

Fire fox is still saying "Well this is embarrassing…

FRST Fix.

Click Here To Download Fixlist.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

[HEADING=1]Fix result of Farbar Recovery Scan Tool (x64) Version: 08-08-2017
Ran by Steve (08-08-2017 17:35:42) Run:2
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve (Available Profiles: Steve & DefaultAppPool)
Boot Mode: Normal[/HEADING]
fixlist content:

---

startbatch:
del /f /q “%allusersprofile%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini”
del /f /q “%appdata%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini”
del /f /q “%appdata%\Microsoft\Windows\Start Menu\desktop.ini”
endbatch:
reboot:

---

========= Batch: =========
Could Not Find C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Could Not Find C:\Users\Steve\AppData\Roaming\Microsoft\Windows\S tart Menu\desktop.ini

========= End of Batch: =========

The system needed a reboot.

==== End of Fixlog 17:35:43 ====

question about this while using firefox
Secure Connection Failed

An error occurred during a connection to www.searchencrypt.com. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG Has this browser been hijacked?

https://i.imgur.com/vwUeyaZ.png

[ul]
[li]Download ResetBrowser To your desktop.[/li][li]Now close all open browsers.[/li][li]Right click and run as administrator.[/li][li]Click on Reset FireFox – Allow completion.[/li][/ul]
9-Lab Scan.

[ul]
[li]Download 9-Lab Removal Tool. [/li][li]CLICK HERE to determine whether you’re running 32-bit or 64-bit for Windows.[/li][li]Disable your antivirus prior to this scan.[/li]
[li]Install the program onto your computer, then right click the icon run as administrator.[/li][li]Update the program and then run a Quick scan![/li][li]Make sure the program updates, might be better to install it update reboot and check for updates again.[/li][li]You need to make sure the database updates!!![/li][li]Upon Scan Completion Click on Show Results.[/li][li]Then Click On Clean[/li][li]Then Click on Save Log.[/li][li]Save it to your desktop, copy and paste the contents of the log here in your next reply.[/li][/ul]

Auto logger scan!

[ul]
[li]Disable your Antivirus & Anti spyware applications!![/li][li]Download Autologger to your desktop.[/li][li]Unzip it there. – If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----[/li][li]Right click Autologger and run as admin. (Xp user double click)[/li][li]AVZ4 will open and scan your machine, allow this to complete.[/li][li]Upload Collectionlog.zip to your next reply.[/li][li]https://i.imgur.com/KA81Q57.png[/li][/ul]

9-lab Removal Tool 1.0.0.39 BETA

[URL unfurl="true"]https://9-lab.com/[/URL]

Database version: 176.51479

Windows 8 (Version 6.2, Build 0, 64-bit Edition)
Internet Explorer 9.11.15063.0
Steve :: STEVE-PC

8/9/2017 10:54:24 PM
9lab-log-2017-08-09 (22-54-24).txt

Scan type: Quick
Objects scanned: 45944
Time Elapsed: 23 m 41 s

Registry Keys detected: 5
PUP.RPL.SystemOptimizer.as [HKEY_CLASSES_ROOT\TypeLib{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}]
PUP.RMPL.Toolbar.vl [HKEY_CLASSES_ROOT\YBrowserToolbar.YBrowserToolbar]
PUP.RMPL.Toolbar.vl [HKEY_CLASSES_ROOT\YBrowserToolbar.YBrowserToolbar. 1]
Adware.RPL.Gen.vl [HKEY_CLASSES_ROOT\Interface{BD51A48E-EB5F-4454-8774-EF962DF64546}]
Adware.RPL.Gen.vl [HKEY_CLASSES_ROOT\Interface{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}]

Registry Values detected: 1
Risk.NoFolderOptions [HKEY_USERS\S-1-5-21-3518905376-1918425772-3662548586-1001\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer NoFolderOptions]

Files detected: 3
[E6897E8CF8453750DEB91B2D62096425] Malware.MPL.Heur.vl [c:\users\steve\GoToAssistDownloadHelper.exe]
[C644064EC7A695D945E86CFBA53B9F44] Adware.MPL.ELEX.vl [c:\windows\system32\tasks\GoogleUpdateTaskMachineC ore]
[CC7AA7B42CF418FC3D926913490048F8] Malware.Win32.Gen.cld [c:\windows\zoek-delete.exe]

Autologer won’t run because it says my date and time are wrong but its not wrong. Please, check your system date and time its set to 8/9/2017. well thats todays date.

script ver. 2017.03.08
DefaultLanguage = 0409
Autologger’s localization was made in English.
Log collection started at 2017.08.09-23:33:05
C:\Users\Steve\Desktop\AutoLogger
C:\Users\Steve\AppData\Local\Temp
AutoLogger has been run with local Administrator rights.
Elevation of privileges of rights is successful.
This is not a Server System.
Last update was on = 2017.08.10
Current date is = 2017.08.09
Please, check your system date. It’s set to 2017.08.09

Got it

Thanks guys/gals for all this work you have been doing

Not a problem, and sorry for the delayed response times. I usually put in 70 or more hours a week at work. I have a bit of time today, and will be looking things over closely tonight.

Sorry, can you tell me what issues remain.

Actually I think everything is fine now. You have been so helpful. Donating again. Thank you so much!