[isasooner]

Can you send the specific roguekiller instructions again so I know exactly what to do as I got confused with the last bit of instructions you sent earlier.

[Satchfan]

Run RogueKiller

• when the prescan is finished, click on Scan
• after it has completed, click on the “Registry” tab
  uncheck the following false positives

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

• make sure the other entries there are checked, then click on Delete

Re-start RogueKillerm run a scan and send a new log.

[isasooner]

After running the scan, no new log is available to send..

[Satchfan]

As RogueKiller found infections on the first run, they must still be there as we didn't "fix" them. It is not the report I want at this stage, just to fix the bad files.

Please run the scan again. When the scan is finished, click on the Registry button and make sure there is a check mark next to these entries:

[TASK][ROGUEST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4688 : wscript.exeC:\Users\Idris\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND

Remove the check mark from these entries:

[HJDESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1)-> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1)-> FOUND



When you have done that, click on Delete.

Now run a new scan and when the scan is finished, click on Report and post that in your reply.

[isasooner]

RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files...3-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Idris [Admin rights]
Mode : Scan -- Date : 10/30/2012 10:46:34

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[FILEASSO] HKLM\[...]\command : ("C:\Program Files (x86)\Internet Explorer\iexplore.exe") -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543232A7A384 ATA Device +++++
--- User ---
[MBR] bb8815480b4049995f78ce33c908329c
[BSP] dcfc4537725933b1ce39cacdd24e39f1 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288645 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594219008 | Size: 15099 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[Satchfan]

Good job.

There is one more to fix.

Run a scan again and this time make sure that this one has a check mark next to it:

[FILEASSO] HKLM\[...]\command : ("C:\Program Files (x86)\Internet Explorer\iexplore.exe") -> FOUND

Press Delete

Send a new scan and tell me what problems remain.

[isasooner]

RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files...3-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Idris [Admin rights]
Mode : Remove -- Date : 10/30/2012 11:31:14

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NOT SELECTED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED
[FILEASSO] HKLM\[...]\command : ("C:\Program Files (x86)\Internet Explorer\iexplore.exe") -> REPLACED ("C:\Program Files (x86)\Internet Explorer\iexplore.exe")

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543232A7A384 ATA Device +++++
--- User ---
[MBR] bb8815480b4049995f78ce33c908329c
[BSP] dcfc4537725933b1ce39cacdd24e39f1 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288645 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594219008 | Size: 15099 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt

[Satchfan]

How are things running now?

[isasooner]

I am at work right now, I will let .you know latet

[Satchfan]

[isasooner]

My DVD drive is still missing. do you have any idea how to relocate it?

[Satchfan]

Have you tried troubleshooting the problem?

• open the Hardware and Devices troubleshooter by clicking Start, Control Panel.
• click Troubleshooting. Under Hardware and Sound, click Configure a device.
• if you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Let me know if that works

[isasooner]

Thanks that was a quick fix but, I still have lavasoft search engine on my laptop.everytime I open google chrome when signed in to my account 4 tabs open. My home page, 2 lavasoft search engine tabs and a bing search engine tab. How can we fix this?

[Satchfan]

One big problem with Chrome is that we cannot remove addons like we can with other browsers and uninstalling, re-installing Chrome is usually the only solution.

When you uninstall, if asked about user data or settings, removethose also.

[isasooner]

I unistalled google chrome then reinstalled it and when logged into my google chrome account, every time I open my web browser still the same 4 tabs open. My home page, 2 lavasoft search engine tabs and a bing search engine tab. So do I just log out of my google chrome account or create another? I don't know how to get lavasoft off my laptop.Also I never use internet explorer web browser because I find it very slow compared to the others so I tried to delete it in my computer but could not find it to delete it. How do I delete internet explorer?