desktop.inin

[whonew]

There is something wrong with your site, or my ability to use it. I leave message and they don't appear when I come back , I have to do it again

[kevinf80]

Run the following please...

 

Please download RogueKiller from here:

 

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe'>http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe  <- 32 bit version

http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe'>http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe  <- 64 bit version

                                   

• Make sure to get the correct version for your system.
  
• Quit all running programs
  
• Please disconnect any USB or external drives from the computer before you run this scan!
  
• For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  
• Wait until Prescan has finished...
  
• The following EULA will appear, please select accept
   
  
   
  
• Ensure MBR scan, Check faked and AntiRootkit are checked
  
• Select Scan
   
  
   
  
• When the scan completes select Report, copy and paste that to your reply.
   
  
   
  
• The log should be found in RKreport[?].txt on your Desktop
  
• Exit/Close RogueKiller
  
  

[whonew]

I can not get to that rouge cleaner , I am getting all about blank

[kevinf80]

If you are using firefox single left click on the relevant link to RogueKiller, in your case will be 64bit. You should see the following image open, just click on save to get the tool...

 

 

[whonew]

I forgot to remove that  USB plug for the mouse , should I run this again?

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Judith [Admin rights]
Mode : Scan -- Date : 04/05/2014 14:12:45
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][sUSP PATH] {6F88532B-D144-4717-AE5F-28A0F751BAAB} : C:\Users\Judith\Desktop\ccsetup404.exe [x] -> FOUND
[V2][sUSP PATH] {D6316FFE-752C-4829-A453-86D7913742E7} : C:\Users\Judith\Desktop\ccsetup404.exe [x] -> FOUND

¤¤¤ Startup Entries : 1 ¤¤¤
[Default][sUSP PATH] Best Buy pc app.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\PROGRA~3\BESTBU~1\CLICKO~1.EXE "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3263GSX SATA Disk Device +++++
--- User ---
[MBR] 9e8f412a99a73d54b7d3eb5c7517e639
[bSP] dd31abf08a520e07dd4a17189ded9c8f : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 292137 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 601370624 | Size: 11607 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_04052014_141245.txt >>

 

 

[kevinf80]

That log is clean, are the only issues you have Desk.ini showing and the problem with typing? or are there more

[whonew]

I have that desktop ini and I have problems typing .

[kevinf80]

Click on Start, type or copy/paste the following into the search box folder options select enter...

 

The folder options window will open, select the view tab. In the new widow make sure the boxes are checked as per the following image, when done select apply then ok...Is desktop.ini gone/

 

 

 

 

[whonew]

Thank you, and you were very quick and efficient. but miy typing still jumps back and this time I did not go back t fix it so you can see what it is doing. I had given you an example . It is dangerous for when I go to a User ID box and put in my ID, I then go to the Pass word box and begin typing my pass word but it automatically jumps back into the User ID box and makes my Pass word readable, i.e. visible 

[kevinf80]

Is Desktop.ini cleared, also is this a laptop or Tower PC

[whonew]

I did not run clean or fix in  Rouge killer and I ran it again . I looked on lone and EAT @ explorer.exe is called a Rouge

 

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Judith [Admin rights]
Mode : Scan -- Date : 04/05/2014 15:17:45
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][sUSP PATH] {6F88532B-D144-4717-AE5F-28A0F751BAAB} : C:\Users\Judith\Desktop\ccsetup404.exe [x] -> FOUND
[V2][sUSP PATH] {D6316FFE-752C-4829-A453-86D7913742E7} : C:\Users\Judith\Desktop\ccsetup404.exe [x] -> FOUND

¤¤¤ Startup Entries : 1 ¤¤¤
[Default][sUSP PATH] Best Buy pc app.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\PROGRA~3\BESTBU~1\CLICKO~1.EXE "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\windows\System32\AltTab.dll @ 0xF61B20D8)
[Address] EAT @explorer.exe (DllGetClassObject) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\windows\System32\AltTab.dll @ 0xF61B20EC)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3263GSX SATA Disk Device +++++
--- User ---
[MBR] 9e8f412a99a73d54b7d3eb5c7517e639
[bSP] dd31abf08a520e07dd4a17189ded9c8f : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 292137 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 601370624 | Size: 11607 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_04052014_151745.txt >>

 

 

[kevinf80]

That log is clean, there is no malware or infection present. Exactly what do you think is wrong with the log and why?

 

Also you did not answer my last query...

 

 

Is Desktop.ini cleared, also is this a laptop or Tower PC

[whonew]

I no longer see the desk top ini and this is a laptop

[kevinf80]

You mention using a mouse earlier, why do you need a mouse with a laptop. Can you also tell me the make of laptop you have..

[whonew]

The mouse pad will not work, I have a Satellite C655 Toshiba, and I don't use the pad , I am of a older generation hard to learn new tricks.

[kevinf80]

Go to this link: http://forums.computers.toshiba-europe.com/forums/thread.jspa?messageID=108516 to the Toshiba Support Forum, read the answer given by "silas" regarding your current issue. Let me know if that solves the problem..

 

Kevin...

[whonew]

Thank you, can you let me know how to remove all these dowSloads we just did on my desktop?  Many will not appear in add/'remove

[kevinf80]

Download "Delfix by Xplode" and save it to your desktop.

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 

 

•  

     

• Activate UAC

   

     

• Remove disinfection tools 
• 
  

     

• Purge System Restore

   

     

• Reset system settings

   

   

 

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. Any logs left on the Desktop or in the downloads folder can be deleted... Let me know if you have any remaining issues or concerns....

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Thanks,

 

Kevin...

[whonew]

Question first: I had taken the computer (Toshiba Laptop) to a technician to back it up to My Passport , will that make a difference? I did not know how and only seem to mess things up

[kevinf80]

 

Question first: I had taken the computer (Toshiba Laptop) to a technician to back it up to My Passport , will that make a difference? I did not know how and only seem to mess things up

 

I do not understand what you ask, when was the backup done, what was backed up....

[whonew]

I had it backed up on March 23 not that long ago and he was supposed to fix that typing problem also, but my husband wants to find a new tech

[kevinf80]

Did you go to the suggested link in reply #41, that would give advice to turn off the touchpad. As you use a mouse the touch pad can cause issue if left active, even though you say it does not work...

 

I would like you to run Delfix to remove tools and clean up. After that we can look more closely at the writing issue.

 

Thank you,

 

Kevin

[whonew]

Done thank you

# DelFix v10.6 - Logfile created 07/04/2014 at 10:37:57
# Updated 11/11/2013 by Xplode
# Username : Judith - KIRK-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Judith\Desktop\RK_Quarantine
Deleted : C:\TDSSKiller.3.0.0.25_03.03.2014_20.01.41_log.txt
Deleted : C:\TDSSKiller.3.0.0.28_04.04.2014_09.56.52_log.txt
Deleted : C:\TDSSKiller.3.0.0.28_04.04.2014_10.00.01_log.txt
Deleted : C:\Users\Judith\Desktop\Addition.txt
Deleted : C:\Users\Judith\Desktop\AdwCleaner.exe
Deleted : C:\Users\Judith\Desktop\dds.scr
Deleted : C:\Users\Judith\Desktop\dds.txt
Deleted : C:\Users\Judith\Desktop\Fixlog.txt
Deleted : C:\Users\Judith\Desktop\FRST.txt
Deleted : C:\Users\Judith\Desktop\FRST64.exe
Deleted : C:\Users\Judith\Desktop\FSS.exe
Deleted : C:\Users\Judith\Desktop\RKreport[0]_S_04052014_151745.txt
Deleted : C:\Users\Judith\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Judith\Desktop\tdsskiller.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #132 [scheduled Checkpoint | 03/06/2014 20:42:25]
Deleted : RP #133 [Windows Update | 03/11/2014 21:34:41]
Deleted : RP #134 [Windows Update | 03/12/2014 23:15:38]
Deleted : RP #135 [Windows Update | 03/18/2014 23:03:10]
Deleted : RP #136 [Windows Backup | 03/24/2014 20:02:14]
Deleted : RP #137 [Windows Update | 03/25/2014 17:29:42]
Deleted : RP #138 [Windows Update | 03/28/2014 20:33:18]
Deleted : RP #139 [Windows Update | 04/01/2014 18:36:37]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

[kevinf80]

What is the status with cursor jumping about, did you disable the touchpad as per the lnk in reply #41

[whonew]

Yes thank you , did not work from inside program but I think the  FN + F11 was the answer.  The help section of this computer tells me it is not on line , but I know it was originally , I used to try to learn how to use the Windows 7 from there and the book is not so good