ore262

Members
  • Content Count

    44
  • Joined

  • Last visited

Everything posted by ore262

  1. Here's the log Chuck, All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchSco
  2. Have not seen a new problem, here's report: OTL logfile created on: 3/3/2014 11:11:57 AM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Oscar\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.86 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 50.97% Memory free 7.71 Gb Paging File | 4.91 Gb Available in Paging File | 63.63% Paging File free Paging file location(s): ?:\pagefile.sys [bin
  3. Removed these 2, Google talk plugin video renderer 5.15.17733, Google update 1.3.22.5. Problem seemed to start when Google update 1.3.22.5 was updated or installed Everything else is disabled except adobe acrobat.
  4. OK Chuck, will see what happens and update you. Oscar
  5. plugins in FF, I did my best to copy accurately, wish there was an easier way Adobe acrobat 11.0.6.70 Google earth plugin 7.1.2.2041 Google talk plugin 5.15.17733 Google talk plugin video accelerator 0.1.44.29 Google talk plugin video renderer 5.15.17733 Google update 1.3.22.5 Java deployment toolkit 7.0.510.13 10.51.2.13 NPRuntime script plug-in library for Java Deploy (says vunerable use with caution) Java platform SE 7 U51 10.51.2.13 Next generation Java plug-in 10.51.2 for mozilla browsers Nokia suite enabler plugin 1.0.0.1 nokia suite enabler plugin Shockwave Flash 12.0.0.70 sh
  6. Wow search changes FF search, Utop.it keeps trying to change home page in IE. Logs from suggested scans follow: # AdwCleaner v3.020 - Report created 02/03/2014 at 09:25:34 # Updated 27/02/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Oscar - OSCAR-HP # Running from : C:\Users\Oscar\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v27.0.1 (en-US) [ F
  7. Thanks for all the help Chuck. Ran Eset again and it came up clean. Thank you, be safe, Oscar
  8. Chuck, I have never made a mistake, ha ha, ran Eset again and came up with this: C:\Users\Oscar\AppData\Local\Downloaded Installations\{4175787A-9EE1-4D7D-9D00-F80F59573684}\The Weather Channel App.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined C:\Users\Oscar\Desktop\chrome downloads\driverbooster-cnet-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined C:\Users\Oscar\Desktop\chrome downloads\rcsetup150.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
  9. Got this from your post when you told me to run Eset: 7. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. 8. Now click on Advanced Settings and select the following: Will run Eset again with the box to remove threats checked
  10. Second scan found this: C:\Users\Oscar\AppData\Local\Downloaded Installations\{4175787A-9EE1-4D7D-9D00-F80F59573684}\The Weather Channel App.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000a6b HTML/ScrInject.B.Gen virus C:\Users\Oscar\Desktop\chrome downloads\driverbooster-cnet-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application C:\Users\Oscar\Desktop\chrome downloads\rcsetup150.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Osc
  11. I made a copy of the infection found by Eset, don't know that you need it............... C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000a6b HTML/ScrInject.B.Gen virus Chuck, I ran a second scan with Eset and found more stuff. Presently it has found 11 infections
  12. Chuck, I have used Eset online scanner quite a few times just to back up other scans. I ran it prior to posting here and don't remember that it came up with anything other than an Eicar file I had saved for test purposes, anyway here is the report from today... Oscar ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=9c3acbe7b6b9c34ca3c6476a0b51c1ed # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc
  13. I picked it up while installing a program from internet to watch free movies. I don't understand what this means, especially about firefox, I don't playWorld of WarCraft: Sometimes this will happen with 2 things. 1. Something wrong with Firefox so they will reset it ! 2. From playing World of WarCraft, they delete it ! I have not seen utop.it or wow search in IE or firefox since I started this post but I had removed it from IE homepage using superantispyware and removed the wow search from FF by managing search engines Will uninstall combofix per your directions. Question: Am I STILL
  14. Good morning Chuck, I did not download Utop.it or Wow search, they were bundled in something I installed before my original post, I thought I had declined other stuff in the installation, but I guess I was fooled. Logs you requested follow: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2 Run by Oscar at 10:48:36 on 2014-02-17 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3948.1554 [GMT -5:00] . AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-
  15. UTOP.IT HAS ALSO TAKEN OVER IE HOMEPAGE BUT I CHANGED IT BACK USING SUPERANTISPYWARE
  16. Chuck, Wow search reappeared in Firefox and IE, some of this stuff is persistent Oscar
  17. Thank you Chuck, I really appreciate the help.You are the best. Thank you, Oscar
  18. Sorry Chuck, I didn't realize there was a second page to this post. Here is the log Oscar All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\
  19. Hopefully the lst scan Chuck................ OTL logfile created on: 2/15/2014 6:00:32 AM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Oscar\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.86 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 50.91% Memory free 7.71 Gb Paging File | 5.39 Gb Available in Paging File | 69.90% Paging File free Paging file location(s): ?:\pagefile.sys [bi
  20. Thank you Chuck, it seems to be running well and no signs of the problem.You are amazing Oscar Will post a log after running OTL
  21. Time for bed here Chuck, we are the same age and I run out of gas this time of day (9:00eastern) I will check here first thing tomorrow. Thanks so much for your help, Oscar
  22. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchS
  23. Hey Chuck, you have a life besides these forums and need to take care of it. I am grateful for your help , will look at this later. thank you, Oscar