Jump to content

Lhyrre

Members
  • Posts

    9
  • Joined

  • Last visited

Everything posted by Lhyrre

  1. Alright! Thank you SO much! Everything seems to be working smoothly... well, as smoothly as an old patched-together computer my uncle built can work. I'll definately come here if I need tech help again! Many thanks, Lhyrre
  2. All processes killed ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Bryan ->Temp folder emptied: 22819834 bytes ->Temporary Internet Files folder emptied: 128098440 bytes ->Google Chrome cache emptied: 38504151 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Joe ->Temp folder emptied: 274080015 bytes ->Temporary Internet Files folder emptied: 1082401122 bytes ->Java cache emptied: 32932385 bytes ->Google Chrome cache emptied: 5837168 bytes User: Katie ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 474310646 bytes ->Google Chrome cache emptied: 11656438 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 18604954 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1138887 bytes %systemroot%\System32 .tmp files removed: 2577 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 5784099 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 84842 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1,999.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.1.28.0 log created on 02152010_175022 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Files\Folders moved on Reboot... Registry entries deleted on Reboot... * That's it. I tried the google search from the bar, and it still redirected me to gala search. However, when run from google, when I type in the adress, the searches are no longer redirecting. (That's a relief...)
  3. Error: Unable to interpret <[resethosts]> in the current context! OTL by OldTimer - Version 3.1.28.0 log created on 02152010_174049 * It didn't seem to work...
  4. HA! I just got the Error again, when I tried to access my email, and I will copy it for you here. "There is a problem with this website's security certificate. The security certificate presented by this website was not issued by a trusted certificate authority. The security certificate presented by this website has expired or is not yet valid. The security certificate presented by this website was issued for a different website's address. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. We recommend that you close this webpage and do not continue to this website. Click here to close this webpage. Continue to this website (not recommended). More information " At first, I thought it was my TrendMicro firewall, (Which has worked remarkably well for the past few years I've had it,) but at second glance this looks like the Windows blocker.
  5. Whoot. Here it goes... OTL OTL logfile created on: 2/15/2010 4:15:25 PM - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Joe\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): C:\pagefile.sys 1104 2208 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14.65 Gb Total Space | 0.30 Gb Free Space | 2.05% Space Free | Partition Type: NTFS Drive D: | 22.62 Gb Total Space | 5.23 Gb Free Space | 23.10% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 3.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS I: Drive not present or media not loaded Computer Name: MJ1 Current User Name: Joe Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Joe\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.) PRC - C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe () PRC - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe () PRC - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe () PRC - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe () PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\Trend Micro\BM\TMBMSRV.exe () PRC - C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation) PRC - C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation) PRC - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe (Symantec Corporation) PRC - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe (Symantec Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Joe\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\AppPatch\aclayers.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\shimeng.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.) SRV - (SfCtlCom) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe () SRV - (TmPfw) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe () SRV - (TmProxy) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe () SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe () SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) SRV - (hpqcxs08) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZIPM12.DLL (Hewlett-Packard) SRV - (Net Driver HPZ12) -- C:\WINDOWS\system32\HPZINW12.DLL (Hewlett-Packard) SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (GhostStartService) -- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (LMIRfsClientNP) -- C:\WINDOWS\system32\LMIRfsClientNP.dll (LogMeIn, Inc.) DRV - (tmxpflt) -- C:\WINDOWS\system32\drivers\tmxpflt.sys (Trend Micro Inc.) DRV - (tmpreflt) -- C:\WINDOWS\system32\drivers\tmpreflt.sys (Trend Micro Inc.) DRV - (vsapint) -- C:\WINDOWS\system32\drivers\vsapint.sys (Trend Micro Inc.) DRV - (tmactmon) -- C:\WINDOWS\system32\drivers\tmactmon.sys () DRV - (tmevtmgr) -- C:\WINDOWS\system32\drivers\tmevtmgr.sys () DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys () DRV - (tmtdi) -- C:\WINDOWS\system32\drivers\tmtdi.sys (Trend Micro Inc.) DRV - (tmcfw) -- C:\WINDOWS\system32\drivers\TM_CFW.sys (Trend Micro Inc.) DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.) DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.) DRV - (lmimirr) -- C:\WINDOWS\system32\drivers\lmimirr.sys (LogMeIn, Inc.) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation) DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation) DRV - (GhPciScan) -- C:\Program Files\Symantec\Norton Ghost 2003\GhPciScan.sys (Symantec Corporation) DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec) DRV - (smwdm) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (SiSide) -- C:\WINDOWS\System32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.) DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows ® 2000 DDK provider) DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.) DRV - (aeaudio) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation) DRV - (StillCam) -- C:\WINDOWS\system32\drivers\serscan.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-329068152-1284227242-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKU\S-1-5-21-329068152-1284227242-1801674531-1004\S-1-5-21-329068152-1284227242-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010/02/15 13:56:11 | 000,002,065 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 74.125.45.100 4-open-davinci.com O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com O1 - Hosts: 74.125.45.100 privatesecuredpayments.com O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com O1 - Hosts: 74.125.45.100 getantivirusplusnow.com O1 - Hosts: 74.125.45.100 secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getavplusnow.com O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com O1 - Hosts: 74.125.45.100 urs.microsoft.com O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com O1 - Hosts: 74.125.45.100 paysoftbillsolution.com O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com O1 - Hosts: 94.228.209.236 www.google.com O1 - Hosts: 94.228.209.236 google.com O1 - Hosts: 94.228.209.236 google.com.au O1 - Hosts: 94.228.209.236 www.google.com.au O1 - Hosts: 94.228.209.236 google.be O1 - Hosts: 94.228.209.236 www.google.be O1 - Hosts: 94.228.209.236 google.com.br O1 - Hosts: 94.228.209.236 www.google.com.br O1 - Hosts: 94.228.209.236 google.ca O1 - Hosts: 94.228.209.236 www.google.ca O1 - Hosts: 37 more lines... O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.) O4 - HKLM..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe (Symantec Corporation) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.) O4 - HKLM..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation) O4 - HKLM..\Run: [ufSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe () O4 - HKLM..\Run: [userFaultCheck] File not found O4 - HKU\.DEFAULT..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKU\S-1-5-18..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKU\S-1-5-19..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKU\S-1-5-20..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKU\S-1-5-21-329068152-1284227242-1801674531-1004..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKU\S-1-5-21-329068152-1284227242-1801674531-1004..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-329068152-1284227242-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupd...b?1230168500243 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1230168550618 (MUWebControl Class) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/in...r_installer.exe (Virtools WebPlayer Class) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Joe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Joe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/12/24 20:18:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005/09/26 23:42:46 | 000,000,026 | R--- | M] () - H:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{dc2646d6-d2ec-11dd-a0b6-000ea6349306}\Shell - "" = AutoRun O33 - MountPoints2\{dc2646d6-d2ec-11dd-a0b6-000ea6349306}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{dc2646d6-d2ec-11dd-a0b6-000ea6349306}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/02/15 16:14:24 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Joe\Desktop\OTL.exe [2010/02/15 15:14:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Joe\IECompatCache [2010/02/15 15:12:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Joe\PrivacIE [2010/02/15 15:10:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Joe\IETldCache [2010/02/15 15:07:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010/02/15 15:04:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/02/15 12:50:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Application Data\Malwarebytes [2010/02/15 12:50:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/02/15 12:50:26 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/02/15 12:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/02/15 12:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/02/14 16:16:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\MSEVSW [2010/02/14 16:14:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\13a6568 [2010/01/31 15:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010/01/31 14:49:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010/01/31 14:44:54 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010/01/31 14:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Local Settings\Application Data\Microsoft Help [2010/01/31 14:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2010/01/30 19:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Local Settings\Application Data\3DVIA [2010/01/30 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Virtools [2010/01/30 18:36:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Application Data\GetRightToGo [2010/01/30 18:36:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Desktop\Downloads [2009/12/03 09:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS [2009/12/03 08:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp [2009/10/03 01:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp [2009/05/06 15:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/04/21 20:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2008/12/24 21:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2008/12/24 20:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2008/12/24 20:17:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2008/12/24 20:17:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 D:\Joes Documents\*.tmp files -> D:\Joes Documents\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/02/15 16:14:32 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joe\Desktop\OTL.exe [2010/02/15 15:45:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1284227242-1801674531-1006UA.job [2010/02/15 15:10:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/02/15 15:10:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/02/15 15:09:21 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Joe\NTUSER.DAT [2010/02/15 15:09:18 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Joe\ntuser.ini [2010/02/15 15:08:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/02/15 14:45:25 | 000,020,992 | ---- | M] () -- D:\Joes Documents\Step 2.doc [2010/02/15 13:56:11 | 000,002,065 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak [2010/02/15 13:56:11 | 000,002,065 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/02/15 12:50:33 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/02/14 17:45:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1284227242-1801674531-1006Core.job [2010/02/14 15:45:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/02/12 11:01:20 | 000,038,912 | ---- | M] () -- D:\Joes Documents\Adrianna charrie sheet.doc [2010/02/11 21:27:20 | 000,026,112 | ---- | M] () -- D:\Joes Documents\Character Sheet Form.doc [2010/02/10 14:16:43 | 000,759,808 | ---- | M] () -- D:\Joes Documents\DRoP1.doc [2010/02/09 22:12:17 | 000,020,480 | ---- | M] () -- D:\Joes Documents\Pei Wei Restaurant Review.doc [2010/02/08 22:34:18 | 001,283,072 | ---- | M] () -- D:\Joes Documents\College_Bound_-_January_2010.doc [2010/02/06 14:53:28 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/02/05 23:31:57 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\Joe\Local Settings\Application Data\66a50jD3Vpls [2010/02/03 23:05:44 | 000,324,608 | ---- | M] () -- D:\Joes Documents\Newspaper.pub [2010/02/03 23:05:32 | 001,158,656 | ---- | M] () -- D:\Joes Documents\February Issue.pub [2010/02/03 22:14:51 | 000,017,788 | ---- | M] () -- D:\Joes Documents\graph.emf [2010/02/03 13:49:46 | 000,020,992 | ---- | M] () -- D:\Joes Documents\NEWSPAPER MEETING PLAN 2.doc [2010/02/02 20:54:38 | 000,081,776 | ---- | M] () -- C:\Documents and Settings\Joe\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/02/01 00:14:50 | 000,024,064 | ---- | M] () -- D:\Joes Documents\newspaper shtuff.doc [2010/02/01 00:14:39 | 000,047,104 | ---- | M] () -- D:\Joes Documents\articles_4_paper.doc [2010/01/31 22:52:44 | 000,249,005 | ---- | M] () -- D:\Joes Documents\Newspaper_pub.zip [2010/01/31 20:07:16 | 000,013,381 | ---- | M] () -- D:\Joes Documents\Celiac%20Follow%20Up%20wordpad[1].rtf [2010/01/31 18:06:04 | 000,025,088 | ---- | M] () -- D:\Joes Documents\Doc2.doc [2010/01/31 17:24:19 | 000,030,720 | ---- | M] () -- D:\Joes Documents\Da Interviews FOO.doc [2010/01/30 09:40:20 | 000,053,760 | ---- | M] () -- D:\Joes Documents\High School Transcript.doc [2010/01/25 11:58:48 | 000,022,016 | ---- | M] () -- D:\Joes Documents\mike his.doc [2010/01/21 20:34:16 | 000,019,968 | ---- | M] () -- D:\Joes Documents\a stupid woman.doc [2010/01/21 20:26:20 | 000,020,480 | ---- | M] () -- D:\Joes Documents\MEETING PLAN.doc [2010/01/21 20:18:30 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office Word 2003.lnk [2010/01/19 19:29:46 | 000,022,016 | ---- | M] () -- D:\Joes Documents\Mike.doc [2010/01/19 19:21:01 | 000,000,030 | ---- | M] () -- C:\WINDOWS\Iedit.INI [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 D:\Joes Documents\*.tmp files -> D:\Joes Documents\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/02/15 14:45:24 | 000,020,992 | ---- | C] () -- D:\Joes Documents\Step 2.doc [2010/02/15 12:50:33 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/02/11 22:24:17 | 000,038,912 | ---- | C] () -- D:\Joes Documents\Adrianna charrie sheet.doc [2010/02/11 21:27:20 | 000,026,112 | ---- | C] () -- D:\Joes Documents\Character Sheet Form.doc [2010/02/09 21:34:12 | 000,020,480 | ---- | C] () -- D:\Joes Documents\Pei Wei Restaurant Review.doc [2010/02/08 22:34:14 | 001,283,072 | ---- | C] () -- D:\Joes Documents\College_Bound_-_January_2010.doc [2010/02/08 21:36:57 | 000,759,808 | ---- | C] () -- D:\Joes Documents\DRoP1.doc [2010/02/05 23:31:57 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\Joe\Local Settings\Application Data\66a50jD3Vpls [2010/02/03 22:14:50 | 000,017,788 | ---- | C] () -- D:\Joes Documents\graph.emf [2010/02/03 13:49:46 | 000,020,992 | ---- | C] () -- D:\Joes Documents\NEWSPAPER MEETING PLAN 2.doc [2010/02/01 00:14:49 | 000,024,064 | ---- | C] () -- D:\Joes Documents\newspaper shtuff.doc [2010/02/01 00:08:37 | 000,324,608 | ---- | C] () -- D:\Joes Documents\Newspaper.pub [2010/02/01 00:01:45 | 001,158,656 | ---- | C] () -- D:\Joes Documents\February Issue.pub [2010/01/31 22:52:42 | 000,249,005 | ---- | C] () -- D:\Joes Documents\Newspaper_pub.zip [2010/01/31 20:06:49 | 000,013,381 | ---- | C] () -- D:\Joes Documents\Celiac%20Follow%20Up%20wordpad[1].rtf [2010/01/31 18:06:04 | 000,025,088 | ---- | C] () -- D:\Joes Documents\Doc2.doc [2010/01/31 17:24:19 | 000,030,720 | ---- | C] () -- D:\Joes Documents\Da Interviews FOO.doc [2010/01/31 14:50:24 | 000,047,104 | ---- | C] () -- D:\Joes Documents\articles_4_paper.doc [2010/01/30 09:40:20 | 000,053,760 | ---- | C] () -- D:\Joes Documents\High School Transcript.doc [2010/01/23 15:00:51 | 000,022,016 | ---- | C] () -- D:\Joes Documents\mike his.doc [2010/01/21 20:34:16 | 000,019,968 | ---- | C] () -- D:\Joes Documents\a stupid woman.doc [2010/01/21 20:26:19 | 000,020,480 | ---- | C] () -- D:\Joes Documents\MEETING PLAN.doc [2010/01/19 19:29:45 | 000,022,016 | ---- | C] () -- D:\Joes Documents\Mike.doc [2008/12/29 13:57:05 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI [2008/12/26 11:32:39 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008/12/25 21:37:47 | 000,153,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmcomm.sys [2008/12/25 21:37:47 | 000,050,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmevtmgr.sys [2008/12/25 21:37:47 | 000,050,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmactmon.sys [2008/12/25 18:00:49 | 000,007,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2008/12/24 21:24:16 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Joe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/12/24 21:06:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll [2008/12/24 21:06:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll [2008/12/24 21:06:02 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll [2008/12/24 21:06:02 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll [2008/12/24 21:06:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll [2008/12/24 20:31:41 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll [2008/12/24 20:26:43 | 000,121,948 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini [2008/12/24 20:26:28 | 000,108,562 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini [2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI < End of report > Extras: OTL Extras logfile created on: 2/15/2010 4:15:26 PM - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Joe\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): C:\pagefile.sys 1104 2208 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14.65 Gb Total Space | 0.30 Gb Free Space | 2.05% Space Free | Partition Type: NTFS Drive D: | 22.62 Gb Total Space | 5.23 Gb Free Space | 23.10% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 3.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS I: Drive not present or media not loaded Computer Name: MJ1 Current User Name: Joe Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "H:\setup\HPZNUI01.EXE" = H:\setup\HPZNUI01.EXE:*:Enabled:hpznui01.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- File not found "C:\Program Files\TRACKSTERS\update.exe" = C:\Program Files\TRACKSTERS\update.exe:*:Enabled:TrueUpdate Client -- () "C:\Program Files\TRACKSTERS\Tracksters.exe" = C:\Program Files\TRACKSTERS\Tracksters.exe:*:Enabled:Tracksters -- () "C:\Documents and Settings\All Users\Application Data\13a6568\MS13a6.exe" = C:\Documents and Settings\All Users\Application Data\13a6568\MS13a6.exe:*:Enabled:My Security Wall -- () "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype
  6. Of course! Where would you like to start?
  7. Also, (wow, what occurs to me when I'm thinking,) I get redirects when i click on google links. It always directs me to another site that TrendMicro says is a bad site and blocks, and I have to hit the "back" button to get to whatever site I wanted to. I'm sure that's an issue - it's never happened before this.
  8. Also, when I registered for your site, my antivirus didn't like me using my email. It's not giving me the error message now, but occasionally when I pull up google, it gives me error notes that my HOSTS file has been changed. (And I did have to go in and change it. Again.) It seems to be working now, but I'm trying to give you all the details I can remember. I'm not great with computers - I'm just the only one in the house who knows more than just how to use email and facebook. Please use plain english? There's only so much techno jargon I understand... I'll try, though.
  9. Hello! While I was out errand-ing on Valentine's Day, my brother called me, panicked, because something had popped up on our computer - something that said we had an innumerable number of viruses and trojans and whatnot. I smelled virus, so I told him to run a virus scan with our antivirus, PC Cillin, until I got home and could look at it myself. Well, little did I know, but we had gotten this insidious trojan-thing, My Security wall. I ran a few searches, and learned that the thing that was most likely to take it out was Malwarebytes, so I downloaded it and removed it. So I thought. As this computer has always been a bit... sketchy, it wouldn't let me enter the password after I removed the My Security Wall, so I restarted it again. Surprise of surprises, the insidious thing had popped up again when I tried to delete one last icon that I courteously thought the program had missed. However, knowing the mood swings of this computer, I ran the Malwarebytes again, and it seemed to do the job. However, one last vestige of the virus is ticking around - gala search engine. Whenever I entered anything into the search bar at the top, it redirected me to Gala Search. I tried everything, including upgrading to IE 8, trying to get rid of the thing. However, nothing's working. Please help? I would just tell my family to not use the toolbar, but they'd forget and use it anyway, releasing goodness knows what viruses into our computer, forcing me to spend another five hours on the computer attempting to delete and remove them. What should I do?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.