I have these unprotected domains:
IE-32
Software (Domains) -9
Software (Secure Domains) -9

IE 32/64
Default (Domains) -9
Default (Secure Domains) -9

IE 64
Software (Domains) -9
Software (Secure Domains) -9

Global Hosts - 9

Any idea what this is and how to fix the unprotected files?
I have ran in it in admin, I have all other security programs not running. Run and fixed in search and destroy, just had a few cookies I keep having over and over.

I have someone personally who recently hacked my email and phone, so seeing these makes me nervous and want to make sure my computer isn't hacked.
Please let me know what I can do!
Thank you!

:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

Running programs with Vista or Windows 7 , Right Click and select RUN AS ADMINISTATOR

Download DDS from one of the links below to your desktop

Link 1 (http://download.bleepingcomputer.com/sUBs/dds.scr)
Link 2 (http://download.bleepingcomputer.com/sUBs/dds.com)


Double click the tool to run it.
A black Screen will open, just read the contents and do nothing.
When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
Copy/Paste the contents of 'DDS.txt' into your post.
'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files) (http://windows.microsoft.com/en-us/windows-vista/Compress-and-uncompress-files-zip-files)


Information on A/V control Here (http://www.bleepingcomputer.com/forums/topic114351.html)






aswMBR Log

Important! Please do not perform any fix options offered in aswMBR

Please download aswMBR (http://public.avast.com/%7Egmerek/aswMBR.exe) to your desktop.



Double click the aswMBR icon to run it.
Click the Scan button to start scan.
If you are asked to update the Avast Virus database please allow it to do so.
When it finishes, press the Save Log button, save the logfile to your desktop and post its contents in your next reply.


http://i1224.photobucket.com/albums/ee380/jeffce74/aswmbrscan.jpg (http://i1224.photobucket.com/albums/ee380/jeffce74/aswmbrscan.jpg)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 2/10/2012 6:59:03 PM
System Uptime: 3/6/2013 3:02:19 PM (3 hours ago)
.
Motherboard: Hewlett-Packard | | 3594
Processor: Intel(R) Atom(TM) CPU N455 @ 1.66GHz | CPU | 999/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 216 GiB total, 16.477 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.394 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1.102 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP131: 2/26/2013 5:53:24 AM - Windows Update
RP132: 2/27/2013 7:36:54 PM - Windows Update
RP133: 3/5/2013 7:37:48 AM - Windows Update
RP134: 3/5/2013 12:55:59 PM - Installed Java 7 Update 15
RP135: 3/6/2013 6:54:59 AM - Installed Java 7 Update 17
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
10 Days To Save The World
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6) MUI
Adobe Shockwave Player 11.5
Airport Mania
avast! Free Antivirus
Bejeweled 2 Deluxe
Blasterball 3
Blio
Bounce Symphony
Build in Time
Chuzzle Deluxe
CinemaNow Media Manager
D3DX10
Diner Dash 2 Restaurant Rescue
DirectX 9 Runtime
Dream Chronicles
Dream Mysteries - Case of the Red Fox
DVD Shrink 3.2
Eden's Quest - The Hunt for Akua
Energy Star Digital Logo
Escape from Thunder Island
ESU for Microsoft Windows 7
Evernote v. 4.2.2
FamilySearch Indexing 3.15.1
Farm Frenzy
FATE
FireArc Arcade
Fishdom
Google Chrome
Google Earth Plug-in
Google Update Helper
HP Auto
HP Camera
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP QuickWeb
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
HPAsset component for HP Active Support Library
IDT Audio
Insaniquarium Deluxe
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Interpol 2 - Most Wanted
Java 7 Update 17
Java Auto Updater
JavaFX 2.1.1
Jewel Quest - Heritage
Jewel Quest Solitaire
JoJo's Fashion Show
Junk Mail filter update
Lavender's Botanicals
Leeloo's Talent Agency
Lemonade Tycoon
Mah Jong Medley
Mahjongg Artifacts
Malwarebytes Anti-Malware version 1.70.0.1100
Matchmaker - Joining Hearts
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Million Dollar Password 2009 Edition
Miriel's Enchanted Double Pack
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystic Emporium
Namco All-Stars PAC-MAN
Pahelika - Secret Legends
Party Down
Penguins!
Picasa 3
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Polar Bowler
Ralink RT5390 802.11b/g/n WiFi Adapter
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Recovery Manager
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Burn Manager
Roxio Burn Manager CDB
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2010
Roxio Creator 2010 Content
Roxio File Backup
Roxio PhotoShow
Roxio Venue
Roxio Video Capture USB
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skip-Bo - Castaway Caper
Skype™ 6.1
Slingo Deluxe
Smart Organizing Monitor for DDST
SmartSound Quicktracks Plugin
Spybot - Search & Destroy
Supermarket Management
Synaptics Pointing Device Driver
The Scruffs - Return of the Duke
The Tiny Bang Story
Times Reader
Tradewinds Legends
TurboTax 2011
TurboTax 2011 widiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2011 wutiper
TurboTax 2012
TurboTax 2012 widiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
TurboTax 2012 wutiper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers - The Secret City
VLC media player 2.0.5
Wedding Dash
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Word Power - The Green Revolution
World Riddles - Animals
Zeal
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
3/6/2013 7:47:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPClientSvc service.
3/6/2013 5:24:28 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
3/6/2013 5:23:18 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
3/6/2013 4:21:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
3/6/2013 2:17:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
3/6/2013 11:01:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpqwmiex service.
3/6/2013 10:18:40 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
3/6/2013 10:17:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
3/5/2013 2:48:37 AM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.
3/5/2013 2:46:26 AM, Error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.
3/3/2013 6:58:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
3/3/2013 4:53:48 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
3/3/2013 12:04:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
3/2/2013 3:07:43 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {88366C83-EF39-4763-852A-99A64016E723}. The error: "786" Happened while starting this command: "C:\Program Files\Common Files\PX Storage Engine\VxBlockServer.exe" -Embedding
3/2/2013 2:15:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
3/2/2013 2:15:25 PM, Error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.17.2
Run by Rachel Adamson at 18:47:13 on 2013-03-06
Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1012.270 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\PX Storage Engine\VxBlockServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Users\Rachel Adamson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rachel Adamson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rachel Adamson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rachel Adamson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Google Update] "c:\users\rachel adamson\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [HPQuickWebProxy] "c:\program files\hewlett-packard\hp quickweb\hpqwutils.exe"
mRun: [HPConnectionManager] c:\program files\hewlett-packard\hp connection manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] c:\program files\hewlett-packard\hp quick launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HPOSD] c:\program files\hewlett-packard\hp on screen display\HPOSD.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\12.0\sharedcom\RoxWatchTray12.exe"
mRun: [CPMonitor] "c:\program files\roxio 2010\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "c:\program files\roxio 2010\roxio burn\RoxioBurnLauncher.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1 205.171.3.25 192.168.0.1
TCP: Interfaces\{95523CC6-BB8B-4CF3-83CC-DE608045DAF2} : DHCPNameServer = 192.168.0.1 205.171.3.25 192.168.0.1
TCP: Interfaces\{95523CC6-BB8B-4CF3-83CC-DE608045DAF2}\14454503132333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{95523CC6-BB8B-4CF3-83CC-DE608045DAF2}\144616D637F6E6E474 : DHCPNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{95523CC6-BB8B-4CF3-83CC-DE608045DAF2}\D49646761627 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95523CC6-BB8B-4CF3-83CC-DE608045DAF2}\F427D6372656561577563747 : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{CD4A50BE-68E1-42AF-AB2E-82DD9EC75A2F} : DHCPNameServer = 192.168.0.1 205.171.3.25
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-2 49320]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-2 163784]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-20 765808]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-2-20 368248]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2011-6-26 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-2-20 29880]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-2-20 66408]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-3-2 45248]
R2 CinemaNow Service;CinemaNow Service;c:\program files\cinemanow\cinemanow media manager\CinemaNowSvc.exe [2009-6-23 127352]
R2 HPClientSvc;HP Client Services;c:\program files\hewlett-packard\hp client services\HPClientServices.exe [2010-10-11 246840]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-3-17 92216]
R2 HPWMISVC;HPWMISVC;c:\program files\hewlett-packard\hp quick launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2011-6-26 13336]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files\hewlett-packard\hp connection manager\hpCMSrv.exe [2011-2-15 1071160]
R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2011-6-26 1174080]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-26 327272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-6-26 197224]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2013-03-06 13:57:45 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-05 14:40:33 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{91a134ed-dff8-4ab0-a30c-6ea4755a6695}\mpengine.dll
2013-03-02 14:13:42 49320 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-02 14:13:42 163784 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-02-28 02:38:26 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-28 02:38:13 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-02-28 02:38:05 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 02:38:04 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 02:38:04 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-23 11:28:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-23 11:28:55 -------- d-----w- c:\program files\Spybot - Search & Destroy
2013-02-22 02:29:19 -------- d-----w- c:\users\rachel adamson\appdata\roaming\Malwarebytes
2013-02-22 02:28:55 -------- d-----w- c:\programdata\Malwarebytes
2013-02-22 02:28:50 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-22 02:28:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-22 02:28:28 -------- d-----w- c:\users\rachel adamson\appdata\local\Programs
2013-02-15 01:01:57 39696 ----a-w- c:\windows\system32\R1EGDws.dll
2013-02-15 01:01:56 17680 ----a-w- c:\windows\system32\R1EGDpi.dll
2013-02-15 01:01:55 13072 ----a-w- c:\windows\system32\R1EGDmt.dll
2013-02-15 01:01:44 -------- d-----w- c:\program files\Smart Organizing Monitor for DDST
2013-02-15 00:53:50 -------- d-----w- C:\temp
2013-02-14 03:19:38 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-14 01:56:34 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-14 01:56:31 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 01:56:08 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 01:56:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 01:56:04 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 01:55:55 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 15:26:47 -------- d-s---w- c:\users\rachel adamson\Google Drive
.
==================== Find3M ====================
.
2013-03-06 13:57:24 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-06 13:57:24 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-28 08:36:37 765808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-28 08:36:36 66408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-28 08:36:36 60728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-02-28 08:36:07 41664 ----a-w- c:\windows\avastSS.scr
2013-02-27 18:42:30 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 18:42:29 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-17 08:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-13 21:12:46 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 20:30:34 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 20:22:22 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:54:01 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:48:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:37:57 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 18:34:58 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-04 06:11:21 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
.
============= FINISH: 18:49:27.65 ===============

When I tried to run the aswMBR it restarted my laptop after about 30 minutes. So should I try to run it again or does that mean something is wrong and it would do it again if I ran it? Thank you for the help!

Good Morning,

DDS is not showing any signs of malware, try running aswMBR in safemode

To Enter Safemode

Go to Start> Shut off your Computer> Restart
As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
Then press the Enter Key on your Keyboard

Tutorial if you need it How to boot into Safemode (http://www.bleepingcomputer.com/tutorials/tutorial61.html)

When I went to run the program it has disappeared from my computer, and I definitely didn't unistall it. So I reinstalled it and here is the info:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-07 03:20:37
-----------------------------
03:20:37.844 OS Version: Windows 6.1.7601 Service Pack 1
03:20:37.844 Number of processors: 2 586 0x1C0A
03:20:37.844 ComputerName: RACHELSLAPTOP UserName:
03:21:17.905 Initialize success
03:21:18.451 AVAST engine defs: 13030601
03:21:23.318 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
03:21:23.318 Disk 0 Vendor: TOSHIBA_ GS00 Size: 238475MB BusType: 3
03:21:23.349 Disk 0 MBR read successfully
03:21:23.349 Disk 0 MBR scan
03:21:23.427 Disk 0 Windows 7 default MBR code
03:21:23.458 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
03:21:23.536 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 221595 MB offset 409600
03:21:23.567 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12616 MB offset 454236160
03:21:23.599 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 480073728
03:21:23.614 Disk 0 scanning sectors +488395120
03:21:23.770 Disk 0 scanning C:\Windows\system32\drivers
03:21:40.618 Service scanning
03:22:10.180 Modules scanning
03:22:17.029 Disk 0 trace - called modules:
03:22:17.107 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
03:22:17.138 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b15440]
03:22:17.153 3 CLASSPNP.SYS[86bab59e] -> nt!IofCallDriver -> [0x84432898]
03:22:17.169 5 ACPI.sys[866b73d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84439028]
03:22:17.684 AVAST engine scan C:\Windows
03:22:19.930 AVAST engine scan C:\Windows\system32
03:26:02.621 AVAST engine scan C:\Windows\system32\drivers
03:26:19.500 AVAST engine scan C:\Users\Rachel Adamson
03:44:17.602 AVAST engine scan C:\ProgramData
03:45:46.866 Scan finished successfully
03:46:09.844 Disk 0 MBR has been saved successfully to "C:\Users\Rachel Adamson\Documents\MBR.dat"
03:46:09.860 The log file has been saved successfully to "C:\Users\Rachel Adamson\Documents\aswMBR.txt"

Thanks,

You have Malwarebytes installed, have you updated and run it lately, if not update it and run the quick scan removing anything it finds, post the log if it found threats.

OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.






ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.

Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.

Hi, You might be wondering what all these scans are for, just checking to make sure your not infected

As far as Unprotected Domains, you have Spybot installed, do this

Down the left hand side of the Spybot page is Immunize. Click on that.
From the screen that pops up, click on the heading +Immunize. This will bring your protection up-to-date.

If you like, click on the Check again heading for a further check.

These steps bring your protection up-to-date and should resolve that issue

Hi,
I didn't get very far today, but wanted to give you a couple of updates of failures today.
1. I ran malwarebytes, it was clean. I have been running it, spybot, and avast free antivirus every couple of days, all I have gotten is some browser cookies in spybot. Than the unprotected domains are showing up when I run the immunizee is spybot, the same 63 everytime.
2. I tried to run the OTL when I click on run scan it just freezes the program so I can't do anything in it. I tried it 4 different times, and restarted computer and it still won't work. I have to close it in task manager.
3. I am going to have to run the ESET tomorrow, it was taking too long and don't want it up all night.
4. When I turned my laptop back on today it is showing to desktop icons called "desktop.ini" I have no idea where they came from. Are they safe? Should I delete them.
5. My avast free antivirus expires in 2 days, is the protection of it really worth paying for or is a free one like avg good enough?
6. Can posting all these info on the internet about my computer be dangerous and get my hacked?

I will post the results of the ESET tomorrow. Any thoughts on any of these things please let me know.
Thank you!

You can post safely, no personal info is collected.

You can try this free AV from Microsoft, I have it on one of my systems and it runs with no problem

http://www.microsoft.com/en-us/download/details.aspx?id=5201


You can also upgrade Malwarebytes to the Pro Version, its a one time fee of around $24 I believe, no yearly fees. If you decide to sell your computer you can uninstall it, download and install it on the new one, enter the keycode and you will have the Pro Version on your new one. The Pro Version has a protection module that will block access to known malicious sites and also block any outgoing attempts that are questionable , but this of course is your call.


You can try this Temp cleaner in lew of OTL


Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop

Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean

Ok I did the online scan and it came out clean. All of those unprotected domains are still showing up in spybot immunize, but if nothing showed up in all these scans does that mean that they are nothing bad then and I shouldn't worry about them?

I believe there is nothing to worry about, Spybot is helping protect those domains

Everything else ok ?

Ok if you think everything is clean and safe I can breath a little easier! But still going to be on the high alert. Any advice on signs to watch for hackers, or just run the Spybot and Microsoft security and if nothing shows up I am safe? I think something I ran made all these hidden files show up all over my files, desktop.ini, picasa.ini, recycle bins all over, etc. Any idea how to make those hidden again, or is it good to see them? Or should I delete them?
Thanks a ton for the help!

Hi,

You can follow this to rehide system files
http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/


You also have Windows 7 Starter and may be limited on what you can do
http://windows.microsoft.com/en-us/windows7/products/windows-7-starter-top-questions

Just keep your AV up to date and run regular scans

We need to update your Java to keep you more secure

Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you

should have Version 7 Update 17, if not proceed with the instructions.

Go to the update Tab and update it
Important, during the upgrade UNCHECK ASK TOOL BAR. ( you do not need or want this )

Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.


You can verify the installation

Here (http://www.java.com/en/download/help/testvm.xml)

Let me know if this helped

Still with me ?