[snowysdad43]

Volume in drive C is PRESARIO
Volume Serial Number is BC7D-A2C2

Directory of C:\program files

11/16/2011 02:44 AM <DIR> .
11/16/2011 02:44 AM <DIR> ..
07/27/2009 09:16 AM <DIR> Adobe
12/04/2008 06:04 PM <DIR> Adobe Media Player
07/10/2011 03:47 PM <DIR> Akamai
04/16/2010 08:37 PM <DIR> Alwil Software
06/27/2009 05:37 PM <DIR> AOL
01/04/2010 08:54 PM <DIR> AOL 9.5
04/23/2011 01:54 PM <DIR> AOL Deskbar
01/11/2010 01:24 AM <DIR> AOL Toolbar
11/10/2008 11:27 AM <DIR> Apple Software Update
08/31/2010 10:48 PM <DIR> Application Updater
09/05/2010 09:45 AM <DIR> Avira
11/10/2008 11:31 AM <DIR> Bonjour
12/06/2008 07:17 PM <DIR> Canon
09/21/2011 09:50 AM <DIR> CCleaner
11/10/2011 08:14 PM <DIR> Common Files
06/17/2006 12:40 AM <DIR> Compaq Connections
12/05/2005 02:33 PM <DIR> ComPlus Applications
06/17/2006 12:18 AM <DIR> CONEXANT
06/11/2010 03:05 PM <DIR> Coupons
03/01/2009 08:06 PM <DIR> DIFX
03/19/2009 11:00 PM <DIR> directx
11/15/2011 05:54 PM <DIR> DNA
11/15/2011 06:49 PM <DIR> ESET
03/21/2011 06:36 PM <DIR> f.y.e. downloads unlimited
03/01/2009 08:06 PM <DIR> Garmin
07/08/2011 02:54 PM <DIR> Garmin GPS Plugin
11/11/2011 11:39 PM <DIR> Google
11/09/2011 08:20 AM <DIR> Hewlett-Packard
06/17/2006 12:31 AM <DIR> HP
04/08/2011 10:06 PM <DIR> HP Games
06/17/2006 12:26 AM <DIR> HP Rhapsody
11/10/2011 03:07 AM <DIR> Internet Explorer
11/10/2008 11:31 AM <DIR> iPod
11/10/2008 11:31 AM <DIR> iTunes
09/03/2010 09:20 PM <DIR> Java
07/09/2009 02:51 PM <DIR> Legacy Interactive
04/23/2010 01:59 PM <DIR> Linksys
11/14/2011 05:54 PM <DIR> Malwarebytes' Anti-Malware
12/24/2008 10:15 AM <DIR> Messenger
06/17/2006 12:35 AM <DIR> Microsoft ActiveSync
08/10/2010 05:08 PM <DIR> Microsoft Application Virtualization Client
12/24/2008 11:07 AM <DIR> Microsoft CAPICOM 2.1.0.2
12/06/2005 12:19 PM <DIR> microsoft frontpage
04/23/2010 08:34 AM <DIR> Microsoft Money 2006
08/06/2010 08:35 PM <DIR> Microsoft Office
11/10/2011 03:18 AM <DIR> Microsoft Silverlight
06/17/2006 12:35 AM <DIR> Microsoft Visual Studio
11/17/2009 02:27 AM <DIR> Microsoft Works
03/01/2011 07:09 PM <DIR> Microsoft.NET
08/10/2010 07:31 PM <DIR> Movie Maker
11/09/2011 08:19 AM <DIR> Mozilla Firefox
08/22/2009 01:58 AM <DIR> MSBuild
12/06/2005 12:19 PM <DIR> MSN
06/17/2006 12:24 AM <DIR> MSN Encarta Standard
12/06/2005 12:19 PM <DIR> MSN Gaming Zone
11/07/2008 03:02 PM <DIR> MSXML 4.0
12/23/2008 07:26 PM <DIR> music_now
08/15/2010 09:57 PM <DIR> Nancy Drew
12/24/2008 10:00 AM <DIR> NetMeeting
06/17/2006 12:25 AM <DIR> Netscape
10/13/2011 08:20 PM <DIR> Notepad++
06/17/2006 12:49 AM <DIR> Online Services
12/16/2010 10:28 PM <DIR> Outlook Express
11/08/2009 01:28 PM <DIR> Outspark
11/09/2011 09:48 PM <DIR> Pando Networks
08/24/2010 09:45 PM <DIR> PC-Doctor 5 for Windows
06/17/2006 12:45 AM <DIR> PC-Doctor for DOS
04/23/2010 01:41 PM <DIR> Pure Networks
06/17/2006 12:37 AM <DIR> Quicken
11/10/2008 11:30 AM <DIR> QuickTime
06/17/2006 12:25 AM <DIR> Real
08/22/2009 01:57 AM <DIR> Reference Assemblies
06/17/2006 12:27 AM <DIR> Sonic
12/25/2009 10:04 AM <DIR> Sony
11/23/2010 05:34 PM <DIR> Spybot - Search & Destroy
11/12/2011 08:49 AM <DIR> SUPERAntiSpyware
12/23/2008 05:50 PM <DIR> Trend Micro
02/26/2009 08:57 AM <DIR> Unwell Mel
07/03/2011 08:39 PM <DIR> VideoLAN
11/14/2011 10:59 PM <DIR> VirusTotalUploader2
07/03/2011 08:23 PM 20,533,281 VLC.exe
04/23/2010 01:37 PM <DIR> WebEx
11/09/2011 08:26 AM <DIR> WildGames
06/17/2006 12:30 AM <DIR> WildTangent
03/21/2011 08:40 PM <DIR> WildTangent Games
04/03/2009 03:00 PM <DIR> Windows Media Connect 2
04/03/2009 05:14 PM <DIR> Windows Media Player
12/24/2008 10:00 AM <DIR> Windows NT
11/09/2011 08:19 AM <DIR> Windows Resource Kits
11/09/2011 08:19 AM <DIR> Windows Resource Kits(2)
03/27/2007 04:13 PM 15,052,856 Word12_UpToSpeed_final_ZA10205099.wmv
12/06/2005 12:20 PM <DIR> xerox
11/08/2009 01:30 PM <DIR> Yahoo!
2 File(s) 35,586,137 bytes
93 Dir(s) 101,729,628,160 bytes free

[Advertisements]

No sign of Search Settings 1.2.3. in the Program Files so it is just a registry entry.

Get RegSeeker.
http://www.hoverdesk.net/freeware.htm
The download is where it says:
DOWNLOAD RegSeeker 1.55 (>20 languages included !)
It's a zip file so you have to save it then right click on it and Extract All then run regseeker.exe.

Select Find in Registry then have it look for Search Settings v1.2.3. You can then select all and then right click and delete selected. It puts a copy of the stuff it removes in the backups folder which it creates below the folder it is in so if it doesn't work you can go back and replace it.

RegSeeker also has a registry cleaner but I don't really trust registry cleaners so I'd rather you didn't use it.

[RKinner]

No sign of Search Settings 1.2.3. in the Program Files so it is just a registry entry.

Get RegSeeker.
http://www.hoverdesk.net/freeware.htm
The download is where it says:
DOWNLOAD RegSeeker 1.55 (>20 languages included !)
It's a zip file so you have to save it then right click on it and Extract All then run regseeker.exe.

Select Find in Registry then have it look for Search Settings v1.2.3. You can then select all and then right click and delete selected. It puts a copy of the stuff it removes in the backups folder which it creates below the folder it is in so if it doesn't work you can go back and replace it.

RegSeeker also has a registry cleaner but I don't really trust registry cleaners so I'd rather you didn't use it.

[snowysdad43]

hi ron that worked thank you search 1.2.3 is gone
ok if" you" think i am ready for the clean up speech
well lets have at it
thank you so much for all your help ron
and thank you geeks to go for providing this much needed service
god bless

[RKinner]

We need to clean up System Restore. Follow Jim's procedure here:
http://aumha.net/vie...581099691bf108f


You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

You probably do not have the latest Java (Java™ 6 Update 27 or 7 update 0). Get the latest at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Note on Java and Firefox. For some reason Java does not remove old consoles from Firefox. Any time you update Java you should do Firefox, Add-ons, Extensions and disable any old Java Consoles

They will look like: Java Console 6.xx. The xx corresponds to the update number. When they switch to 7 update 0 then it will be Java Console 7.

Multiple Java Consoles will slow down the Firefox boot. After any change to Firefox or its extension you should run Speedyfox. (Mentioned later.)



Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not upgdate it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron

[snowysdad43]

hi ron i have performed all the steps suggested
thanks
i did download file hippo and when i open it it tries to acces web via i e but does nnot connect ? i restarted and the icon says i have 14 updates but when i click see results it does the same thing ie tries to access for hipo but does not connect
any ideas should it be downloading updates automatically or am i supposed to install each one manualy i did what you said and chose which updates to show when i set it up but am not sure how the program is supposed to behave now

[RKinner]

You have to download and install the updates from the browser page that it is trying to open. Don't know why it doesn't want to connect. I think you can tell it to use Firefox or change your default browser. Perhaps that will work.

[snowysdad43]

OK CHANGED BROWSER TO CHROME THEN I GET A 404 FOR FILE HIPPO BUT THAT MAKES NO SENSE BECAUSE THERE IS A LINK TO RETURN TO F/H/ HOMEPAGE IN THE 404 PAGE AND THAT WORKS ? I RESTORE F/H FROM SYSTEM TRYA AND THE SAME 404 POPS UP
RON I DONT KNOW IF THIS IS JUST MY IGNORANCE OR NOT NUT I DO HAVE SOME COMMON SENSE AND MY GUT SAYS SOMETHING IS BLOCKING THIS APPLICATION AS WELL AS OTL
p.s. sorry didnt see caps

Edited by snowysdad43, 18 November 2011 - 08:51 AM.

[RKinner]

Perhaps the same thing that is keeping OTL from running?

Looking back on your logs I see AOL. Do you really need it? If not uninstall it. If you see Adobe Download Manager or getPlus you can uninstall it too.

You might try Secunia instead:

http://download.cnet...4-10717855.html

It supposedly does the same thing.

Ron

[snowysdad43]

hi ron
sorry f/h is working now i reset to chrome but i was using it when i did (to veiw hippo) so when i closed and restarted browser it started working properly
i am installing updates now i wil let you know how it goes
p.s did i say i had common sense

p.s.s i have multiple media players on the system ie windows media player .shockwave player, quick time player
i dont know why i guess as certain programs are downloaded they recomende them , should i eliminate these extra players or is this harmless

Edited by snowysdad43, 18 November 2011 - 08:56 AM.

[RKinner]

Harmless. Personally I like VLC. http://www.videolan....ad-windows.html As it seems to play just about anything without complaining that it doesn't have a codec.

[snowysdad43]

ron i havent removed aol yet
but i restarted after updating some of the programs and avira says it found and quarentined a trojan
here is the report
Virus or unwanted program 'TR/Crypt.EPACK.Gen2 [trojan]'
detected in file 'C:\Program Files\Common Files\AOL\1230249116\EE\services\osInfo\ver2_1_1_1\osInfo.dll.
Action performed: Deny access
it seems it is hiding in aol files ?
so i did not want to uninstall yet before seeking your advice j

Edited by snowysdad43, 18 November 2011 - 06:19 PM.

[RKinner]

Feel free to uninstall AOL.

[snowysdad43]

ok ron i uninstalled aol
ron should i be running adobe acrobat and adobe x 10.1.1 ? are they for the same thing? i disabled java script in x 10.1 as advised
and am wondering if i need to do this for all adobe products ? or do i even need all of them
> adobe reader x 10.1.1(new)
>acrobat.com (last used in 09) wont uninstall ?permisions issue ?
>adobe -air
>adobe flash player
>adobe shock wave player ?
do i need all this crap ?

[RKinner]

Pretty sure Adobe Reader and Acrobat both do the same thing so get rid of Acrobat.

You get acrobat.com and air when you download Adobe Reader. I usually uninstall them (and Adobe Download Manager - getPlus ) as I have no use for them and consider them foist ware.

I don't think the other adobe products have the javascript option. Some website require adobe flash and shockwave but not many. Mostly they are used by ads. You can actually live without Adobe reader most of the time too. Fox-it will read PDF files but I have found that it won't work for some on-line banking sites and they are now foisting the ask toolbar on you. Adobe has stopped foisting their download manager on you.

The two most critical to keep up to date are Java and Adobe Reader. (It is very important that you have no older copies of Java on your system as they can be used by infected website to compromise your PC.)

[snowysdad43]

ok ron thank you for all your help you are awesum
it is greatly appreciated all you techs here are the best again !
god bless ron and thank you
take care
snowysdad

Edited by snowysdad43, 21 November 2011 - 06:07 PM.