ore262

Members
  • Content Count

    44
  • Joined

  • Last visited

About ore262

  • Rank
    Full Member
  • Birthday 04/04/1946

Profile Information

  • Gender
    Male

Previous Fields

  • Operating System
    windows 7
  1. Here's the log Chuck, All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchSco
  2. Have not seen a new problem, here's report: OTL logfile created on: 3/3/2014 11:11:57 AM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Oscar\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.86 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 50.97% Memory free 7.71 Gb Paging File | 4.91 Gb Available in Paging File | 63.63% Paging File free Paging file location(s): ?:\pagefile.sys [bin
  3. Removed these 2, Google talk plugin video renderer 5.15.17733, Google update 1.3.22.5. Problem seemed to start when Google update 1.3.22.5 was updated or installed Everything else is disabled except adobe acrobat.
  4. OK Chuck, will see what happens and update you. Oscar
  5. plugins in FF, I did my best to copy accurately, wish there was an easier way Adobe acrobat 11.0.6.70 Google earth plugin 7.1.2.2041 Google talk plugin 5.15.17733 Google talk plugin video accelerator 0.1.44.29 Google talk plugin video renderer 5.15.17733 Google update 1.3.22.5 Java deployment toolkit 7.0.510.13 10.51.2.13 NPRuntime script plug-in library for Java Deploy (says vunerable use with caution) Java platform SE 7 U51 10.51.2.13 Next generation Java plug-in 10.51.2 for mozilla browsers Nokia suite enabler plugin 1.0.0.1 nokia suite enabler plugin Shockwave Flash 12.0.0.70 sh
  6. Wow search changes FF search, Utop.it keeps trying to change home page in IE. Logs from suggested scans follow: # AdwCleaner v3.020 - Report created 02/03/2014 at 09:25:34 # Updated 27/02/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Oscar - OSCAR-HP # Running from : C:\Users\Oscar\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v27.0.1 (en-US) [ F
  7. Thanks for all the help Chuck. Ran Eset again and it came up clean. Thank you, be safe, Oscar
  8. Chuck, I have never made a mistake, ha ha, ran Eset again and came up with this: C:\Users\Oscar\AppData\Local\Downloaded Installations\{4175787A-9EE1-4D7D-9D00-F80F59573684}\The Weather Channel App.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined C:\Users\Oscar\Desktop\chrome downloads\driverbooster-cnet-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined C:\Users\Oscar\Desktop\chrome downloads\rcsetup150.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
  9. Got this from your post when you told me to run Eset: 7. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. 8. Now click on Advanced Settings and select the following: Will run Eset again with the box to remove threats checked
  10. Second scan found this: C:\Users\Oscar\AppData\Local\Downloaded Installations\{4175787A-9EE1-4D7D-9D00-F80F59573684}\The Weather Channel App.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000a6b HTML/ScrInject.B.Gen virus C:\Users\Oscar\Desktop\chrome downloads\driverbooster-cnet-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application C:\Users\Oscar\Desktop\chrome downloads\rcsetup150.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Osc
  11. I made a copy of the infection found by Eset, don't know that you need it............... C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000a6b HTML/ScrInject.B.Gen virus Chuck, I ran a second scan with Eset and found more stuff. Presently it has found 11 infections
  12. Chuck, I have used Eset online scanner quite a few times just to back up other scans. I ran it prior to posting here and don't remember that it came up with anything other than an Eicar file I had saved for test purposes, anyway here is the report from today... Oscar ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=9c3acbe7b6b9c34ca3c6476a0b51c1ed # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc
  13. I picked it up while installing a program from internet to watch free movies. I don't understand what this means, especially about firefox, I don't playWorld of WarCraft: Sometimes this will happen with 2 things. 1. Something wrong with Firefox so they will reset it ! 2. From playing World of WarCraft, they delete it ! I have not seen utop.it or wow search in IE or firefox since I started this post but I had removed it from IE homepage using superantispyware and removed the wow search from FF by managing search engines Will uninstall combofix per your directions. Question: Am I STILL