• Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About reviewboyer

  • Rank
  1. Mr Peters, somehow, I didn't know that. Thanks.
  2. a2wizard.exe doesn't give me the freeware option, either.
  3. Fabian, thanks. I'll have Anti-Malware remove those registry keys.
  4. Fabian, thanks for the reply. Here's my scan report: Emsisoft Anti-Malware - Version 8.1 Last update: 2/8/2014 10:05:03 AM User account: a-pc\ralph Scan settings: Scan type: Deep Scan Objects: Rootkits, Memory, Traces, C:\, D:\, G:\ Detect PUPs: Off Scan archives: On ADS Scan: On File extension filter: Off Advanced caching: On Direct disk access: Off Scan start: 2/8/2014 10:12:16 AM Key: HKEY_USERS\S-1-5-21-4196889071-1047444172-37349609-1001\SOFTWARE\SOFTONIC detected: Application.InstallAd (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\FREE YOUTUBE DOWNLOADER detected: Application.InstallAd (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\OBJECT detected: Application.InstallAd (A) Scanned 464648 Found 3 Scan end: 2/8/2014 6:05:29 PM Scan time: 7:53:13
  5. There is a saying in English, "Misery loves company". What I meant is that there is some comfort in knowing that someone else is in the same situation.
  6. Anti-Malware found a few instances of: "Application.InstallAD(A).....registry keys - no risk". How I can I educate myself as to what 'Application.InstallAD(A)' is? Thanks.
  7. Thanks for the reply. I think I activated the free trial, although maybe I didn't because I don't see a 'Change License' button. I've attached a screen shot.
  8. How can I prevent Anti-Malware (free) from launching at startup? I don't want real-time protection. I don't see an entry in Task Manager's Startup tab. Thanks.
  9. ShadowPuterDude - This feedback probably won't be useful to you because I didn't take notes. Running Combo-Fix resulted in a pop-up message after several minutes about an error in editing the registry. Subsequently, I could not successfully bring up windows because a system file was missing. I ended up doing a system restore to factory default, which was probably a good thing to do anyway, given all of the warnings about not being able to trust a PC after being infected. Anyhow, thanks for your help, guys!
  10. Obviously, I had not had enough coffee when I posted earlier. Let me try again....
  11. Lynx - Thanks for the reply. I've attached the Win32kdiag log. Hopefully, I'm compliant now.
  12. Here's what happened. 1. I ran Anti-Malware and it reported "Trojan.Crypt!IK....cannot be deleted...Please consult the experts..." 2. I followed the instructions here: 3. After installing and running CCleaner, I noticed that Google Chrome was installed and Firefox was no longer my default browser. 4. After re-running Anti-Malware Quick Scan, it reported 'Trace.Registry.Orvell Monitoring!A2'. I have not attempted to delete or quarantine it yet. Quick Scan results: Emsisoft Anti-Malware - Version 5.0 Last update: 12/4/2010 12:49:29 AM Scan settings: Scan type: Quick Scan Objects: Memory, Traces, Cookies Scan archives: Off Heuristics: Off ADS Scan: On Scan start: 12/4/2010 8:14:00 AM Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> svchost detected: Trace.Registry.Orvell Monitoring!A2 Scanned Files: 432 Traces: 623281 Cookies: 21 Processes: 47 Found Files: 0 Traces: 1 Cookies: 0 Processes: 0 Registry keys: 0 Scan end: 12/4/2010 8:15:51 AM Scan time: 0:01:51 5. Ran Wind32kdiag.exe. Here's the log: Running from: E:\Temp\stuff\Win32kDiag.exe Log file at : C:\Users\<comptuer name>\Desktop\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\Windows'... Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl [1] 2010-12-04 00:45:26 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl [1] 2010-12-04 00:45:11 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl [1] 2010-12-04 00:45:11 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl [1] 2010-12-04 00:45:11 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl () Cannot access: C:\Windows\System32\wbem\Logs\WMITracing.log [1] 2010-12-04 00:45:33 16777216 C:\Windows\System32\wbem\Logs\WMITracing.log () Finished! ==================================== Suggestions for next steps? Thanks!