Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't get rid of securityhelper.dll


  • This topic is locked This topic is locked
5 replies to this topic

#1 Kristi94

Kristi94

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 13 April 2015 - 08:48 AM

My ESET antiviruss keeps deleting it. Can you help me with the issue? Attached are the scan logs. Hope you guys will help as this is really giving me a hard time

Attached Files


Edited by computerxpds, 13 April 2015 - 08:54 AM.
Moved to MRL from Windows 7


BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:12 PM

Posted 14 April 2015 - 10:25 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Delete this process using the Add/Remove programs.
VentureChart (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fdfcd97f}) (Version: - VentureChart) <==== ATTENTION
===



Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CreateRestorePoint:
CloseProcesses:

() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
ShortcutTarget: TrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
Startup: C:\Users\Kristi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk
ShortcutTarget: Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk -> C:\ProgramData\{35799557-dd4c-7221-3579-99557dd4555f}\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
HKU\S-1-5-21-1431912985-1709420351-465274532-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
SearchScopes: HKU\S-1-5-21-1431912985-1709420351-465274532-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR StartupUrls: Default -> "", "hxxp://google.com/", "hxxp://websearch.coolsearches.info/?pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85"
S2 fdfcd97f; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll",serv
S1 fycnkapr; \??\C:\Windows\system32\drivers\fycnkapr.sys [X]
S1 qaalfkzp; \??\C:\Windows\system32\drivers\qaalfkzp.sys [X]
S1 swdvnhst; \??\C:\Windows\system32\drivers\swdvnhst.sys [X]
C:\Windows\SysWOW64\C2MP
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
C:\Users\Kristi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk
C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll
c:\Program Files (x86)\UpgradeLeader

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now.

#3 Kristi94

Kristi94
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 14 April 2015 - 12:09 PM

First of all I couldnt remove the program that you told me. It appears an error window saying that there is some files missing and program cant be uninstalled. Here is the post from the adw cleaner:

 

# AdwCleaner v4.201 - Logfile created 14/04/2015 at 20:01:08
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Kristi - KRISTI-PC
# Running from : C:\Users\Kristi\Downloads\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\6a0403eeba9e7403
Folder Deleted : C:\Program Files (x86)\PC Drivers HeadQuarters
Folder Deleted : C:\Program Files (x86)\SallePlues
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Kristi\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Kristi\AppData\Local\torch
Folder Deleted : C:\Users\Kristi\AppData\Local\DriverToolkit
Folder Deleted : C:\Users\Kristi\AppData\Local\Innovative Solutions
Folder Deleted : C:\Users\Kristi\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Kristi\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Kristi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Kristi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Kristi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Kristi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpfigclnlobfmnioigfjhelngojohpbh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Kristi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\haonhjmlppilkfipfgpolbinlfkfoafe
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
Folder Deleted : C:\Users\Kristi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\khlhmmnlppokbooaofplmppfhifjjkbc
File Deleted : C:\Users\Kristi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
File Deleted : C:\Users\Kristi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
File Deleted : C:\Users\Kristi\AppData\Local\Temp\Uninstall.exe
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Kristi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\57aa2a6f-3c40-00db-8de7-e6e95986fef5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-1074751495
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fdfcd97f}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FD5787DF-EF9A-4DCC-8EA3-43279F7BC560}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\DriverToolkit
Key Deleted : HKLM\SOFTWARE\Veloxum
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D238A788-39B6-B97D-A5BA-13FE8E34E03C}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17689
 
 
-\\ Google Chrome v41.0.2272.118
 
[C:\Users\Kristi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Kristi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Kristi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Kristi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
 
-\\ Comodo Dragon v
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [6906 bytes] - [14/04/2015 19:59:44]
AdwCleaner[S0].txt - [6843 bytes] - [14/04/2015 20:01:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6902  bytes] ##########


#4 Kristi94

Kristi94
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 14 April 2015 - 12:15 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-04-2015
Ran by Kristi at 2015-04-14 19:44:18 Run:1
Running from C:\Users\Kristi\Downloads
Loaded Profiles: Kristi (Available profiles: Kristi)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
 
() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
ShortcutTarget: TrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
Startup: C:\Users\Kristi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk
ShortcutTarget: Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk -> C:\ProgramData\{35799557-dd4c-7221-3579-99557dd4555f}\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
HKU\S-1-5-21-1431912985-1709420351-465274532-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
SearchScopes: HKU\S-1-5-21-1431912985-1709420351-465274532-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR StartupUrls: Default -> "", "hxxp://google.com/", "hxxp://websearch.coolsearches.info/?pid=21095&r=2015/04/01&hid=12752463348413835237&lg=EN&cc=BG&unqvl=85"
S2 fdfcd97f; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll",serv
S1 fycnkapr; \??\C:\Windows\system32\drivers\fycnkapr.sys [X]
S1 qaalfkzp; \??\C:\Windows\system32\drivers\qaalfkzp.sys [X]
S1 swdvnhst; \??\C:\Windows\system32\drivers\swdvnhst.sys [X]
C:\Windows\SysWOW64\C2MP
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
C:\Users\Kristi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk
C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll
c:\Program Files (x86)\UpgradeLeader
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Windows\SysWOW64\C2MP\TrayMenu.exe => No running process found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk => Moved successfully.
C:\Windows\SysWOW64\C2MP\TrayMenu.exe => Moved successfully.
C:\Users\Kristi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk => Moved successfully.
C:\ProgramData\{35799557-dd4c-7221-3579-99557dd4555f}\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0WinSecurityProvider" => Key deleted successfully.
"HKCR\CLSID\{F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637}" => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1431912985-1709420351-465274532-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. 
"HKU\S-1-5-21-1431912985-1709420351-465274532-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully.
HKCR\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
fdfcd97f => Service deleted successfully.
fycnkapr => Service deleted successfully.
qaalfkzp => Service deleted successfully.
swdvnhst => Service deleted successfully.
C:\Windows\SysWOW64\C2MP => Moved successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk" => File/Directory not found.
"C:\Users\Kristi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download ESET NOD32 Antivirus 8 Lifetime Crack Torrent - KickassTorrents.lnk" => File/Directory not found.
"C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll" => File/Directory not found.
c:\Program Files (x86)\UpgradeLeader => Moved successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog 19:44:40 ====
 
 
 
Here is the post from FRST. So far I havent had problems with my computer performance. Sometimes it would take too long too boot, but I havent had the problem in a while. So far the antivirus hasnt notified anymore about the securityhelper.dll so it should be good. Thanks a lot for helping and replying in such a short matter of time. you guys are awesome


#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:12 PM

Posted 14 April 2015 - 01:16 PM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:12 PM

Posted 19 April 2015 - 07:36 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users