Got the ThinkPoint virus out BUT!

View previous topic View next topic Go down

Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 26th October 2010, 5:25 pm

Im not sure how to really work myself around this site but i just got rid of ThinkPoint off my computer thank you SO much btw!
But! now my icons on my desktop and even when i click the start button wont let me click on anything! There are things that i need for school on my desktop to get to for some of my classes tomorrow. Its really stressing me out all of my icons EVERYWHERE look like a little papers with the top right corner bent with a little picture in the middle of a little window with three icons on them and everytime i try to click on one it says,

"C\Users\{MYNAME}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.Ink is not valid Win32 application."

So i press OK.
And it tells me,
"Can't open this item;"
"It might have been moved, renamed, or deleted. Do you want to remove this item?"
and of course i press no because i dont want to remove it, it's obviously important lol.
But how can i/you/we fix it i need help!

This was all sunday night.
Someone suggested that i download a few things but my computer wont let me click on ANY icons on my computer at all theres a few things that ive worked around to be able to get to but there are other things that i cant get to like microsoft word or power point or the internet for that matter so if i was able to download it i wouldnt be able to retrieve it afterwards to actually use it.
:/ help pleeeease?
Im not sure what to do.


-Christina

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 26th October 2010, 11:45 pm

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 27th October 2010, 1:23 am

OTL logfile created on: 10/26/2010 8:09:53 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\TinaMarie\Music\My Music
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.20 Gb Total Space | 175.47 Gb Free Space | 79.69% Space Free | Partition Type: NTFS
Drive D: | 12.49 Gb Total Space | 2.09 Gb Free Space | 16.71% Space Free | Partition Type: NTFS

Computer Name: TINAMARIE-PC | User Name: TinaMarie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/26 20:09:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\TinaMarie\Music\My Music\OTL.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/11 14:17:50 | 018,707,640 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2010/06/26 22:28:29 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/11 16:43:48 | 006,061,400 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Vid\Vid.exe
PRC - [2010/05/07 18:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (SafeList) ==========

MOD - [2010/10/26 20:09:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\TinaMarie\Music\My Music\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/07 07:57:56 | 000,836,504 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:64bit: - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2010/03/25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/09/24 16:53:24 | 000,570,632 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:64bit: - [2009/09/24 16:53:22 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/13 09:12:02 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/07/28 16:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/29 14:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - [2010/07/30 12:30:26 | 000,309,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:64bit: - [2010/07/30 12:30:20 | 000,042,576 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:64bit: - [2010/07/30 12:24:14 | 001,988,176 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/05/07 13:44:50 | 006,465,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C510(UVC)
DRV:64bit: - [2010/05/07 13:43:02 | 000,329,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/05/07 13:40:26 | 000,024,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/02/26 21:05:32 | 000,699,960 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/10/05 09:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/24 16:54:10 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009/08/13 17:53:50 | 007,370,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/18 23:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/05/23 01:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 14:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/04/29 11:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/02/13 01:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/02/13 01:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/02/13 01:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2006/06/18 09:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/13 01:45:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Updater For ooVoo Toolbar) - {442AE524-EBA5-4b17-82F3-888D68BC999A} - C:\Program Files (x86)\oovootb\auxi\oovooAu.dll (Visicom Media)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {99E00A4C-D35E-11DD-BA95-9B6A56D89593} - No CLSID value found.
O2 - BHO: (ooVoo Toolbar) - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files (x86)\oovootb\oovoodx.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files (x86)\oovootb\oovoodx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Logitech Vid HD] C:\Program Files (x86)\Logitech\Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} [You must be registered and logged in to see this link.] (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} [You must be registered and logged in to see this link.] (MSN Games - Installer)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} [You must be registered and logged in to see this link.] (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/25 22:20:23 | 000,000,000 | ---D | C] -- C:\Users\TinaMarie\Documents\Recycle Bin
[2010/10/25 00:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2010/10/24 20:24:34 | 000,000,000 | ---D | C] -- C:\Users\TinaMarie\AppData\Roaming\Malwarebytes
[2010/10/24 20:23:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/10/24 20:23:39 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/10/24 20:23:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/24 20:23:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/10/24 19:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010/10/24 19:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/10/13 20:35:06 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/10/13 20:35:06 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/10/13 20:35:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/10/13 20:35:05 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/10/13 20:35:05 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/10/13 20:35:05 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/10/13 20:35:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/10/13 20:35:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/10/13 20:35:05 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/10/13 20:35:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/10/13 20:35:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/10/13 20:35:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/10/13 20:35:04 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/10/13 20:35:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/10/13 20:34:39 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/10/13 20:33:49 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/10/13 20:33:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/10/13 20:33:47 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/10/13 20:33:44 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/10/13 20:33:34 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/10/13 20:33:34 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/10/13 20:33:33 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/10/13 20:33:33 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/10/13 20:32:09 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/10/13 20:32:08 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/10/13 20:32:07 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/10/13 20:32:06 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/10/13 20:31:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/09/28 16:34:24 | 001,988,176 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\vsapint.sys
[2010/09/28 16:34:24 | 000,309,840 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmxpflt.sys
[2010/09/28 16:34:24 | 000,042,576 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmpreflt.sys
[1 C:\Users\TinaMarie\Documents\*.tmp files -> C:\Users\TinaMarie\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/26 20:11:52 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010/10/26 20:10:14 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2010/10/26 19:57:50 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/26 19:57:50 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/26 19:52:11 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/26 19:51:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/26 14:02:48 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/26 14:01:51 | 1556,500,480 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/25 14:24:25 | 000,330,240 | ---- | M] () -- C:\Users\TinaMarie\Documents\Chapter 6 Schacter- Learning.ppt
[2010/10/24 20:23:47 | 000,001,005 | ---- | M] () -- C:\Users\TinaMarie\Documents\Malwarebytes' Anti-Malware.lnk
[2010/10/24 20:23:47 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/24 19:11:56 | 000,001,031 | ---- | M] () -- C:\Users\TinaMarie\Documents\Microsoft Security Essentials.lnk
[2010/10/24 19:11:56 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/10/22 19:38:57 | 000,024,042 | ---- | M] () -- C:\Users\TinaMarie\Documents\Final Destination; Paris.docx
[2010/10/18 14:45:31 | 000,270,848 | ---- | M] () -- C:\Users\TinaMarie\Documents\Chapter 5 Schacter - Memory.ppt
[2010/10/14 11:27:06 | 000,347,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/14 01:18:22 | 000,740,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/14 01:18:22 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/14 01:18:22 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/13 00:14:15 | 000,231,424 | ---- | M] () -- C:\Users\TinaMarie\Documents\Chapter 8 -Consciousness- shortened.ppt
[2010/10/12 22:45:05 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTinaMarie.job
[2010/10/07 20:52:53 | 000,010,215 | ---- | M] () -- C:\Users\TinaMarie\Documents\Two Weeks Notice.docx
[2010/10/06 14:47:36 | 000,364,544 | ---- | M] () -- C:\Users\TinaMarie\Documents\Chapter 4 Schacter - Sensation & Perception.ppt
[2010/09/29 18:55:37 | 001,838,766 | ---- | M] () -- C:\Users\TinaMarie\Documents\mathsolutions.pdf
[2010/09/28 16:34:11 | 000,465,920 | ---- | M] () -- C:\Users\TinaMarie\Documents\Chapter 3 Schacter - Brain & Behavior.ppt
[1 C:\Users\TinaMarie\Documents\*.tmp files -> C:\Users\TinaMarie\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/25 22:20:25 | 000,002,515 | ---- | C] () -- C:\Users\TinaMarie\Documents\Skype.lnk
[2010/10/25 22:20:25 | 000,002,429 | ---- | C] () -- C:\Users\TinaMarie\Documents\iTunes.lnk
[2010/10/25 22:20:25 | 000,002,406 | ---- | C] () -- C:\Users\TinaMarie\Documents\Play Double Play - Jojos Fashion Show 1 and 2.lnk
[2010/10/25 22:20:25 | 000,002,374 | ---- | C] () -- C:\Users\TinaMarie\Documents\Play Where's Waldo The Fantastic Journey.lnk
[2010/10/25 22:20:25 | 000,002,268 | ---- | C] () -- C:\Users\TinaMarie\Documents\eBay.lnk
[2010/10/25 22:20:25 | 000,002,212 | ---- | C] () -- C:\Users\TinaMarie\Documents\Play HP Games.lnk
[2010/10/25 22:20:25 | 000,002,004 | ---- | C] () -- C:\Users\TinaMarie\Documents\Trend Micro AntiVirus plus AntiSpyware.lnk
[2010/10/25 22:20:25 | 000,001,857 | ---- | C] () -- C:\Users\TinaMarie\Documents\ooVoo.lnk
[2010/10/25 22:20:25 | 000,001,845 | ---- | C] () -- C:\Users\TinaMarie\Documents\QuickTime Player.lnk
[2010/10/25 22:20:25 | 000,001,624 | ---- | C] () -- C:\Users\TinaMarie\Documents\Logitech Webcam Software .lnk
[2010/10/25 22:20:25 | 000,001,321 | ---- | C] () -- C:\Users\TinaMarie\Documents\Microsoft Office - 60 Day Trial.lnk
[2010/10/25 22:20:25 | 000,001,133 | ---- | C] () -- C:\Users\TinaMarie\Documents\Yahoo! Messenger.lnk
[2010/10/25 22:20:25 | 000,001,097 | ---- | C] () -- C:\Users\TinaMarie\Documents\HP Support Assistant.lnk
[2010/10/25 22:20:25 | 000,001,031 | ---- | C] () -- C:\Users\TinaMarie\Documents\Microsoft Security Essentials.lnk
[2010/10/25 22:20:25 | 000,000,996 | ---- | C] () -- C:\Users\TinaMarie\Documents\Logitech Vid.lnk
[2010/10/25 22:20:23 | 000,001,005 | ---- | C] () -- C:\Users\TinaMarie\Documents\Malwarebytes' Anti-Malware.lnk
[2010/10/24 20:23:47 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/24 19:11:56 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/10/21 00:19:41 | 000,024,042 | ---- | C] () -- C:\Users\TinaMarie\Documents\Final Destination; Paris.docx
[2010/10/20 13:57:44 | 000,330,240 | ---- | C] () -- C:\Users\TinaMarie\Documents\Chapter 6 Schacter- Learning.ppt
[2010/10/18 13:21:28 | 000,270,848 | ---- | C] () -- C:\Users\TinaMarie\Documents\Chapter 5 Schacter - Memory.ppt
[2010/10/08 13:57:30 | 000,231,424 | ---- | C] () -- C:\Users\TinaMarie\Documents\Chapter 8 -Consciousness- shortened.ppt
[2010/10/07 20:52:52 | 000,010,215 | ---- | C] () -- C:\Users\TinaMarie\Documents\Two Weeks Notice.docx
[2010/09/29 18:55:37 | 001,838,766 | ---- | C] () -- C:\Users\TinaMarie\Documents\mathsolutions.pdf
[2010/09/29 14:00:38 | 000,364,544 | ---- | C] () -- C:\Users\TinaMarie\Documents\Chapter 4 Schacter - Sensation & Perception.ppt
[2010/07/18 00:42:29 | 000,004,608 | ---- | C] () -- C:\Users\TinaMarie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/29 11:21:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/26 21:20:34 | 000,000,000 | ---- | C] () -- C:\Users\TinaMarie\AppData\Local\QSwitch.txt
[2010/06/26 21:20:34 | 000,000,000 | ---- | C] () -- C:\Users\TinaMarie\AppData\Local\DSwitch.txt
[2010/06/26 21:20:34 | 000,000,000 | ---- | C] () -- C:\Users\TinaMarie\AppData\Local\AtStart.txt
[2010/06/26 21:20:31 | 000,000,410 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/05/07 13:44:36 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010/05/07 13:44:16 | 005,496,152 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/03/20 22:31:14 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/03/20 22:31:10 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/03/20 22:30:58 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/03/20 22:30:42 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/03/20 22:30:07 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/03/20 22:18:21 | 000,000,333 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/03/20 22:18:21 | 000,000,274 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/03/13 01:34:01 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/03/13 01:30:00 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/03/13 01:28:54 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/03/13 01:28:23 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/09/29 18:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

< End of report >







Am i doing this right so far?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 28th October 2010, 12:29 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 28th October 2010, 1:30 am

I'm not sure if you needed this one too, but here ya go anyways.
And thanks for the help so far too Smile

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4968

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/27/2010 8:28:15 PM
mbam-log-2010-10-27 (20-28-15).txt

Scan type: Quick scan
Objects scanned: 140820
Time elapsed: 7 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\Temp\TMP00000001343D9257E0C852AC (Trojan.Dropper) -> Quarantined and deleted successfully.

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 29th October 2010, 1:21 am

Hello.

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 1st November 2010, 4:33 am

C:\Users\TinaMarie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MHOYR6Q2\XvidSetup[1].exe
a variant of Win32/Adware.HotBar.H application
cleaned by deleting - quarantined

C:\Users\TinaMarie\AppData\Local\Temp\nsz798B.tmp\Install.dll
a variant of Win32/Adware.HotBar.E application
cleaned by deleting - quarantined

C:\Users\TinaMarie\Documents\ClickPotatoInstaller.exe
a variant of Win32/Adware.HotBar.H application
cleaned by deleting - quarantined

C:\Users\TinaMarie\Documents\VLCSetup.exe
a variant of Win32/Adware.HotBar.H application
cleaned by deleting - quarantined

C:\Users\TinaMarie\Documents\XvidSetup.exe
a variant of Win32/Adware.HotBar.H application
cleaned by deleting - quarantined

Operating memory
probably a variant of Win32/Adware.180Solutions application
contained infected files


I've been doing this scan since the day you replied but once the log is saved my computer wont let me retrieve it, i cant even access any word doctumets of ANY kind, I'm no sure if this is the Log you need but it's all i can give you from this scan.

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 2nd November 2010, 12:43 am

Hello.

Download [You must be registered and logged in to see this link.] to your desktop.

  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • A report called MBRcheckxxxx.txt will be on your desktop
  • Open this report and post its content in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 3rd November 2010, 3:25 am

MBRCheck, version 1.2.3
2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: , 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ60 Notebook PC
Logical Drives Mask: 0x0000001c

\\.C: --> \\.\PhysicalDrive0 at offset 0x00000000'0c800000
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037'19100000

Size Device Name MBR Status
---------------------------------------------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 17DED76FA968BF4760C9E47179B9B43F281EEB90

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:



I didnt press anything after that and just exited.

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 4th November 2010, 12:50 am

Hello.
Please reboot the the machine, start tapping F8 just as it starts booting.

Is there an option for "Repair Your Computer"?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 4th November 2010, 1:32 am

Yes, what directions should i choose and should i save my important files before i do this.
Will they get deleted?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 4th November 2010, 10:26 pm

No they wont get deleted, this isn't a format, it's a repair.

Select the repair option, it will ask what OS you want to repair, so select the one we are working one.

Next it will ask how to repair it, one option will be "Command Prompt", select that option.

In the command prompt, type in "bootrec.exe /fixmbr" without the quote marks, notice a space between the e and /

Hit enter, when it says "Operation successful", reboot the machine then re-run MBRCheck and post the new log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 5th November 2010, 2:08 am

MBRCheck, version 1.2.3
2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: , 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ60 Notebook PC
Logical Drives Mask: 0x0000001c

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000'0c800000
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037'19100000

Size Device Name MBR Status
--------------------------------------------------------------------
232 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Dr Jay on 8th November 2010, 4:08 am

Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Desktop and all other items.

Post by tinamguerrero on 9th November 2010, 2:17 am

This is what ALL my icons look like.

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 9th November 2010, 2:30 am

The picture i need to show you is too large to post on here. Is there somewhere else i can send it? Ive already tried explaining it in my very first post but nothing ive downloaded since has fixed it its just gotten the Other things out. I think the pictures would help alot to be understood.

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 10th November 2010, 12:14 am

Can you upload the screenshot to an image host? [tinypic/photobucket/imageshack, etc]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 10th November 2010, 1:35 am

Photo Number 3:

[You must be registered and logged in to see this link.]


Photo Number 2:

[You must be registered and logged in to see this link.]

Photo Number 3:

[You must be registered and logged in to see this link.]

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 10th November 2010, 1:38 am

Shizz, Sorry they go in the order thet're posted, not the way they are numbered.
The icon image, The error message and the "Can't open this item."

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 11th November 2010, 12:39 am

Looks like bad shortcuts, can you re-create the shortcut by making a new shortcut of whatever file it is trying to open from the actual file?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 11th November 2010, 3:13 am

I wouldnt know how to do that, Every single thing on my computer is like that, the only way i can get to the Internet is by right clicking and then choosing one of the past sites on my history.
And for example music/picture files or documents i need daily for school. I have to access by clicking on the start menu and then pressing Documents on the right side of the start menu bar. I cant use Microsoft Office Word iTunes Internet Explorer or Windows Media Player at all with out doing this.
And if its something else like ooVoo skype yahoo messenger or any of the security protections i have that are only on my desktop i cant access them. At all.

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 12th November 2010, 12:09 am

Hello.
No problem, to create a new shortcut, try this.

Navigate to this folder: C:\Program Files\Skype\Phone

Inside is Skype.exe, right click > Send to > "Desktop (create shortcut)

A new Skype shortcut should appear on your Desktop, see if you can open it just as a test.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 12th November 2010, 2:31 am


tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 12th November 2010, 10:42 pm

[You must be registered and logged in to see this link.]

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 13th November 2010, 1:02 am

Hmm.

Download Dr.Web CureIt to the desktop:
[You must be registered and logged in to see this link.]

  • Double-click the launch.exe or cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, just let it cure whatever it finds...
    o Now, go to Settings >> Change Settings
    o Go to Actions tab >> under Objects section, change the settings to below
    Infected objects - Cure
    Incurable objects - Report
    Suspicious objects - Report
    o Don't change any other settings
  • Start the scan again. This time, choose Complete Scan
  • Click the green arrow button at the right, and the scan will start.
  • After the scan finished, click Select all
  • Click on Cure and choose Report incurable (means take no actions.. Don't "move", or "rename" or "delete")
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your Desktop. The report will be called DrWeb.csv
  • Post DrWeb.csv in your next reply (Open it as Notepad).. Do NOT reboot the computer yet..


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 13th November 2010, 1:27 am

Okay and once its done and i post it do i leave my computer on until the next reply i get? Or can i shut it down to save the battery?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 14th November 2010, 12:17 am

Shut it down, save the battery.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 18th November 2010, 2:10 pm

Ooookay, I've done this thing three times and everytime i do it when it come to doing the complete scan and ive already changed the settings i click on cure it doesnt give me the option to report it incurable.
But both times its found up to a total or about 7/8 things so its obviously wokring. I'm just wondering if im doing something wrong?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 19th November 2010, 12:57 am

You cured them yet they are still there? can you manual write down where each is?

If any entries show under C:\System Volume Information, don't bother writing those down, they are harmless.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 19th November 2010, 4:58 am

No no ive got them all there once the scan is done but when i click on them to cure what it can and report the rest, the "Cure" button becomes unclickable. :/
But i can re-do the scan and manually report them to you on here, will that help?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 20th November 2010, 12:27 am

Yes please, do that, I'd like to know what it's detecting.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 24th November 2010, 9:51 pm

1.


One extra object not in picture:
FA9E2D68-8707-44C8-B93D-2FF048183749-extr.exe

2.


One extra path not in picture:
C:\Users\All Users\Wild Tangent

3.


One extra status not in picture:
Container contains infected objects

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 24th November 2010, 11:02 pm

Hello.
Okay doesn't look too bad, WildTangent isn't malicious.

Not too sure what the others are, container sounds like a zip file maybe.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 25th November 2010, 4:08 am

Okay good is that why none of my desktop items are unaccessable?
Because they were fine before i got that ThinkPoint virus... so how do you and i go about getting this fixed? Smile

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 1st December 2010, 5:23 am

So how do i fix it?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 2nd December 2010, 1:08 am

Not sure, gonna ask the other forum experts on this. Hold tight.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 2nd December 2010, 2:23 am

Alrighty, thank you Belahzur Smile

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 12th December 2010, 4:12 am

Should i take my computer somewhere where they can look at it, or keep waiting to see if you guys can help me fix it?

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 12th December 2010, 10:16 pm

Hello.
Please download this.
[You must be registered and logged in to see this link.]

Extract the .reg file inside, double click it to run it and select yes to the registry merge prompt, then reboot normally.

Are you Desktop icons any better now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 12th December 2010, 11:27 pm

:OO
YOU FIXED ITT! Big Grin

<3 !!!

Thank you soooooooooooooooooooooooooooooooooooooooooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooooo much!!! Your fantastic! Smile))


tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by Belahzur on 12th December 2010, 11:33 pm

Phew, thank god for that. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Got the ThinkPoint virus out BUT!

Post by tinamguerrero on 12th December 2010, 11:40 pm

Lol yeah sorry about being so impatient i get it from my dad but thank you so much for putting up with me and doing a great job! Smile)

tinamguerrero
Novice
Novice

Posts Posts : 25
Joined Joined : 2010-10-25
Gender Gender : Female
OS OS : Windows7 (?)
Points Points : 22719
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum