Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

One last try!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

One last try!

Unread postby thebhound8 » November 19th, 2010, 7:44 pm

About a month ago I found out that I had Malware that would take information every time I rebooted the computer. I removed that program while under safe mode and the downloaded PC Tools internet security and all of the protection items they offered. I am now suspecting there is more that PC tools is not finding. The computer is moving at about half the speed it was before the original Malware. Explore is frozen just about every time I use it (not sure if that is just IE it's self). When the computer freezes I try to run task manager and it gives me an error box with no code or message except error. If you can help that would be great!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:29:17 PM, on 11/19/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\dcmsvc\dcmsvc.exe
C:\Program Files\HP\Button Manager\Button Manager.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\PC Tools Security\SpamMonitor\PCTools Email Toolbars\WLMailApiAgent.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NETGEAR\WPN111\wpn111.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Highjack This\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... &id=254014
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe
O4 - HKLM\..\Run: [Button Manager.exe] C:\Program Files\HP\Button Manager\Button Manager.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [Nektra OEAPI] C:\Program Files\Common Files\PC Tools\Outlook Express API\Launcher.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WLMailPlugin] C:\Program Files\PC Tools Security\SpamMonitor\PCTools Email Toolbars\WLMailApiAgent.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} (Domino Web Access 8 Control) - https://usbportal.usbank.com/,DanaInfo= ... +dwa8W.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\PC Tools Security\TFEngine\TFService.exe

--
End of file - 11715 bytes
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm
Advertisement
Register to Remove

Re: One last try!

Unread postby askey127 » November 22nd, 2010, 3:10 pm

Hi thebhound8
Please post the Installed Programs list.
Do you use the Warner Bros Digital Copy manager?
-----------------------------------------------------------
Retrieve the List of Installed programs Using HJT
Open HijackThis (right click and choose "Run as administrator"), click Open The Misc Tools Section. Then scroll down the list if you need to, click Open Uninstall Manager and Save List...
The List of installed programs will automatically be saved as uninstall_list.txt in your HiJackThis folder.
In addition, the list opens in Notepad so you can also save as another name in another location if you wish.
Please paste the contents into your next reply.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 22nd, 2010, 6:04 pm

I have digital copies that are in the Warner Bros Digital Copy manager if it is suspect I have no problem getting rid of it.

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i 3
ArcSoft VideoImpression 2
ArcSoft WebCam Companion 2
Bonjour
Browser Defender 3.0
Button Manager
Chuzzle
Coupon Printer for Windows
Creative MediaSource 5
dcmsvc 1.0
DeductionPro 2007
DoubleMySpeed Registry Scanner
Google Chrome
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
H&R Block California 2009
H&R Block Deluxe + Efile 2009
H&R Block Nebraska 2009
Hardware Diagnostic Tools
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Customer Feedback
HP Driver Diagnostics
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.0
HP Product Detection
HP Update
HP Webcam User’s Guide
Intel(R) Matrix Storage Manager
iTunes
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Junk Mail filter update
LeapFrog Connect
LeapFrog Connect
LeapFrog My Pals Plugin
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MobileMe Control Panel
Mozilla Firefox (3.6.11)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.0
My HP Games
Netflix Movie Viewer
NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OpenOffice.org Installer 1.0
PC Tools Anti-Spam Toolbar
PC Tools Internet Security 8.0
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
Python 2.4.3
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Creator v9
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sierra 3D Deck
Sierra Electrical Wiring
Sierra Home Architect
Sound Blaster X-Fi
System Requirements Lab
TaxCut California 2007
TaxCut Premium + State 2007
The Weather Channel Desktop 6
TurboTax 2008
TurboTax 2008 wcaiper
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Walmart MP3 Music Downloads
Warner Bros. Digital Copy Manager
Warner Bros. Digital Copy Manager
WeatherBug
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Yahoo! Toolbar for Internet Explorer
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm

Re: One last try!

Unread postby askey127 » November 22nd, 2010, 6:26 pm

thebhound8,
Thanks for the Warner info. That's no problem.
Quite a lot to do here.
Just take one step at a time.
-----------------------------------------------------------
Remove Registry items with HighjackThis. Start HijackThis. (Right-click and "Run as administrator" in Vista/Win7)
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
NOTE: DO NOT REMOVE Java(TM) 6 Update 22
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Adobe Reader 8.1.2
Browser Defender 3.0
Coupon Printer for Windows
DoubleMySpeed Registry Scanner
Google Update Helper
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
WeatherBug

Take extra care in answering questions posed by any Uninstaller.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 9.4 are vulnerable.
Go HERE and click on AdbeRdr940_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.
----------------------------------------------
Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
Right click and choose Run as Administrator to run it.
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, if it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.
----------------------------------------------------------------------------------
Download and Run MalwareBytes' Anti-Malware It is free for non-business use.
Please go here to the Download Location, click on Download.
  • After clicking on the download and choosing Save, the "Save to location" dialog will come up.
  • Click the browse folders button, then click on Desktop on the left as the location for the installer and click Save again. Close the dialog when the download is complete.
  • You should now have a desktop icon named mbam-setup.exe.
  • Right click it, choose Run as administrator and Continue
  • Let it install where it wants to, with the default settings, and click Finish.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
  • Once the program has started up, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 22nd, 2010, 9:15 pm

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5173

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18975

11/22/2010 7:14:34 PM
mbam-log-2010-11-22 (19-14-34).txt

Scan type: Quick scan
Objects scanned: 152353
Time elapsed: 7 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm

Re: One last try!

Unread postby askey127 » November 22nd, 2010, 9:26 pm

thebhound8,
I think we are making some progress.

Let's check whether you have any other leftover infected files or settings.
This scan can take a long time (hours), but it is very thorough. Please start it when you can let it finish.
It doesn't remove anything. The report, however, is very valuable.
-----------------------------------------------------
Run an Online Kaspersky WebScan
  • Please go to Kaspersky website and perform an online antivirus scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the Program and Database downloads have finished, (may take a while), Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post the contents of this log in your next reply.

Let me know how it goes.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 23rd, 2010, 6:54 pm

So each time I try to start the Kaspersky online scanner it gives me an error and says the Licenses has expired. (It gets to were it checks for updates then gives the error) It then tells me to go to Kaspersky Labs to download from the site but even when I try to download a free trial it froze the computer up and sat for three hours on a black screen saying installing and never completed. Any advice from here?
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm

Re: One last try!

Unread postby askey127 » November 23rd, 2010, 9:43 pm

OK. Let's do this one.
------------------------------------------
Scan with ESET online scanner:
  • Open Internet Explorer by right-clicking the IE icon (on the Start menu or quick launch) and selecting Run as administrator
  • NOTE: Internet Explorer will temporarily have administrator privileges, this is required for the scan but dangerous for normal surfing so do NOT open any other websites in IE until after the scan has finished and this window has been closed.
  • Open the ESET Online Scanner in Internet Explorer
  • Tick the box next to YES, I accept the Terms of Use. and click Start
  • Allow the ActiveX control to be installed by Internet Explorer
  • Once the ActiveX has finished loading click Start to initialize and update the scanner
  • When the Computer scan screen appears, leave Remove found threats UN-checked, but check the box next to Scan unwanted applications. Then click Scan to begin the scan.
  • Once complete and the summary page appears, press Start, copy/paste the following command into the search box and press Enter:
    notepad "C:\Program Files\EsetOnlineScanner\log.txt"
  • The log file should now appear in Notepad, copy and paste the contents in your next response.
  • Please be sure to close this Internet Explorer window before continuing.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 24th, 2010, 8:46 am

C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\286463dc-2c7bcac4 multiple threats
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\29d45da8-4d3fbc87 multiple threats
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\388d1971-74049b2c multiple threats
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\578cd3b3-6cbc70fc a variant of Java/TrojanDownloader.OpenStream.NAU trojan
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2371d6c6-77c7359a multiple threats
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm

Re: One last try!

Unread postby askey127 » November 24th, 2010, 11:37 am

thebhound8,
We are going to remove your Java, delete some folders, and reload a fresh Java version.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Java(TM) 6 Update 22

Take extra care in answering questions posed by any Uninstaller.
------------------------------------------------------------
Please download OTM and save to your Desktop.
  • Please double-click OTM.exe to run it. (Note: If you are running on Vista or Win7, right-click on the file and choose Run As Administrator).
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Do NOT copy the word "Code" :
Code: Select all
:processes
explorer.exe

:files
C:\Users\Bassett\AppData\LocalLow\Sun
C:\Program Files\Java

:commands
[start explorer]
[emptytemp]
  • Return to OTM, right-click in the "Paste instructions for items to be moved" window (under the yellow bar) and choose Paste
  • Then click the red MoveIt! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it into your next Reply.
  • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot. Please copy and paste the contents in your reply.
  • Close OTM.
Note: the logs are saved in C:\_OTM\MovedFiles\ if you need to retrieve one.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 24th, 2010, 9:58 pm

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Users\Bassett\AppData\LocalLow\Sun\Java\jre1.6.0_22 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\9 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\8 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\63 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\62 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\61 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\60 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\6 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\59 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\58 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\57 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\56 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\55 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\53 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\52 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\51 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\5 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\49 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\48 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\47 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\45 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\44 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\43 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2e3156fa-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\41 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\40 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-34a66d7d-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\39 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\38 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\37 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\36 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\35 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\34 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\33 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\31 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\30 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\3 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\29 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\28 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\27 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\22 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\21 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\20 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\2 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\19 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\18 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\16 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\15 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\14 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\13 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\12 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\10 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\1 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\0 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\SystemCache folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\security folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\log folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\ext folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3678d908-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\1a209876-79c2f55c-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\1a209876-1334f011-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\5535ab32-5d6f19a2-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\f84c6ae-21a2fcab-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\759e98ee-2dd6afc6-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\4f710eed-68234bac-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\6d0ad391-6b4e5bc1-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\6d0ad391-1b155f1f-n folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\Deployment folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java\AU folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun\Java folder moved successfully.
C:\Users\Bassett\AppData\LocalLow\Sun folder moved successfully.
File/Folder C:\Program Files\Java not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Temp folder emptied: 0 bytes
-> No Temporary Internet Files cache folder defined!

User: Bassett
-> No Temporary Internet Files cache folder defined!

User: Default
-> No Temporary Internet Files cache folder defined!

User: Default User
-> No Temporary Internet Files cache folder defined!

User: Public
-> No Temporary Internet Files cache folder defined!

User: TEMP
-> No Temporary Internet Files cache folder defined!

User: TEMP.Bassett-PC
-> No Temporary Internet Files cache folder defined!

User: TEMP.Bassett-PC.000
-> No Temporary Internet Files cache folder defined!

User: TEMP.Bassett-PC.001
-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10278 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 34254 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 741 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 11242010_193940

Files moved on Reboot...

Registry entries deleted on Reboot...
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm

Re: One last try!

Unread postby askey127 » November 25th, 2010, 7:37 am

That looks good. tell me how the machine is running.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 25th, 2010, 1:18 pm

Its running great so far. So is it safe to download Java? I guess what ever games she plays on facebook use Java. Hope you have a great Thanksgiving and thank you for your help!
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm

Re: One last try!

Unread postby askey127 » November 25th, 2010, 8:19 pm

Sure. Do it this way.
------------------------------------------------------------
Download and Install the latest version of Java Runtime Environment from here : http://java.sun.com/javase/downloads/index.jsp, and install it to your computer.
In the first section on the page, labeled JDK 6 Update 22 (JDK or JRE), click on the button labeled Download JRE. Do NOT choose the button labeled "Download JDK".
Select the Platform Windows and check the box to agree to the license.
Choose the Windows Offline installation version and click on the link.
Download it, choose Save, and save it to your desktop.
Then doubleclick it on your desktop, (or right click and choose "Run as administrator") and it will install the newest version of Java for you to use.
You can then remove the Installer from your desktop.

Whenever you do a Java update, check the Control panel, Add/Remove Programs to be sure the old one was uninstalled.
Old Java versions are a prime vulnerability for infections.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: One last try!

Unread postby thebhound8 » November 25th, 2010, 9:41 pm

Thank You for all your help.
thebhound8
Regular Member
 
Posts: 22
Joined: November 12th, 2010, 8:58 pm
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 49 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware