Need help on finishing cleaning

Eee PC 701SD
Windows XP Home Edition Service Pack 3 (build 2600)
900 megahertz Intel Celeron M
8.04 Gigabytes Usable Hard Drive Capacity (ASUS-JM S41 SSD [Hard drive] (8.06 GB) – drive 0, s/n 00OS1Q8A0124,)
504 Megabytes Usable Installed Memory

Superantispyware
Avast Anti-virus
Online Armour
Win Patrol

Hello all, I am working on a neighbor’s computer. I think that the unit is pretty clean but I’m troubled by the fact that there is a Bit torrent program on it. He received the computer recently from a trade–work (house painting) for the computer. This is the first unit that I have worked on with a SSD drive. I also have seen a few toolbars on the unit as well and although they look to be legitamate that tells me that the former owner was not as careful as he could have been.

Here are the other scans:

:slight_smile:

Thanks

Looks quite clean actually, are you experiencing any problems ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
O33 - MountPoints2\{20126d86-ee52-11e2-9da9-dd37a4f49ed7}\Shell\play\command - "" = C:\Program Files\Real\RealPlayer\RealPlay.exe -- [2010/12/16 13:14:59 | 000,491,168 | ---- | M] (RealNetworks, Inc.)
O33 - MountPoints2\{740325c4-ceef-11de-9ce9-002243197b40}\Shell - "" = AutoRun
O33 - MountPoints2\{740325c4-ceef-11de-9ce9-002243197b40}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{740325c4-ceef-11de-9ce9-002243197b40}\Shell\AutoRun\command - "" = D:\WIN\setup.exe
O33 - MountPoints2\{91763fc6-2a4f-11e0-9d93-002243197b40}\Shell\Auto\command - "" = D:\regdrv.exe
O33 - MountPoints2\{91763fc6-2a4f-11e0-9d93-002243197b40}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{91763fc6-2a4f-11e0-9d93-002243197b40}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL regdrv.exe
O33 - MountPoints2\{b69fb96a-af9b-11de-9cd2-002243197b40}\Shell\Auto\command - "" = D:\regdrv.exe
O33 - MountPoints2\{b69fb96a-af9b-11de-9cd2-002243197b40}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b69fb96a-af9b-11de-9cd2-002243197b40}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL regdrv.exe
O33 - MountPoints2\{ff82647a-274f-11e0-9d91-002243197b40}\Shell - "" = AutoRun
O33 - MountPoints2\{ff82647a-274f-11e0-9d91-002243197b40}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff82647a-274f-11e0-9d91-002243197b40}\Shell\AutoRun\command - "" = D:\HPLauncher.exe

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

My humble apologies.

There is a first time for everything and obviously I have too much on my mind. I added Avast to his system and the first scan picked up three instances of viruses. These scans were run on July 16. One was during a regular scan and the others during a boot level scan, which Avast itself strongly recommended: A0060540.EXE, unp11082972.tmp & regdrv.exe The threats were all “Win32:Malware-gen.” I deleted all three and have not had any alerts regarding viruses since: I forgot that I shouldn’t run any scans and ran a quick Avast scan this morning.

I take seriously the service that your team provides. Therefore, again, please accept my apologies for the oversight.

Would you like me to complete your latest directions or would this information change the course that you would like me to follow?

:slight_smile:

No problem at all, this run will remove some suspect mount points and empty all the temp folders

Here you go

Unless you have any problems I reckon you can call it clean

Nope, no other issues. Your help is/was greatly appreciated. BTW, “reckon,” I thought you were from England. I’m a Southerner in the States. I use the term all the time. Is the term used in England by the Brits or are you a Southern transplant?

Best regards,

David

:slight_smile:

Nah Brit through and through :slight_smile:

Run OTL and press cleanup, this will remove it and the associated folders
Run AdwCleaner and press uninstall

Done.

Much appreciated.

:slight_smile: