Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

pc very slow - malware? [Solved]


  • This topic is locked This topic is locked

#1
HaraMo

HaraMo

    Member

  • Member
  • PipPipPip
  • 329 posts

Hope someone can help me with the mentioned problem. I don't know if malware is the cause (I let MBAM run a quick scan but nothing found).

 

See logs of OTL attached


  • 0

Advertisements


#2
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

If you would remove the scans from the Attached Zip file and cut/paste them into a response I'll have a look. :)  (Look at other topics and notice how those are pasted and not attached.)


  • 0

#3
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

OK, see attached.


  • 0

#4
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
These are still attached. Please copy and paste them. The issue with attachments is that they may contain malware. Pasted text won't'
  • 0

#5
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts
OTL logfile created on: 25-6-2014 20:58:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frank\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Pays-Bas | Language: NLD | Date Format: d-M-yyyy
 
1,75 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 58,10% Memory free
3,74 Gb Paging File | 2,56 Gb Available in Paging File | 68,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,17 Gb Total Space | 10,56 Gb Free Space | 15,71% Space Free | Partition Type: NTFS
Drive D: | 67,22 Gb Total Space | 38,78 Gb Free Space | 57,69% Space Free | Partition Type: NTFS
 
Computer Name: PC-SCAN | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Frank\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\program files\teamviewer\version9\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (TeamViewer9) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (gzserv) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe (Bitdefender)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (cleanhlp) -- C:\EEK\Run\cleanhlp32.sys File not found
DRV - (catchme) -- C:\Users\FRANKN~1\AppData\Local\Temp\catchme.sys File not found
DRV - (bdselfpr) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys (BitDefender LLC)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (bdftdif) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys (Bitdefender SRL)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (BrUsbSIb) -- C:\Windows\System32\drivers\BrUsbSib.sys (Brother Industries Ltd.)
DRV - (BrSerIb) -- C:\Windows\System32\drivers\BrSerIb.sys (Brother Industries Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (P0630VID) -- C:\Windows\System32\drivers\P0630Vid.sys (Creative Technology Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://translate.goo...en|aanleiding
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{1129A88D-0AC2-496A-8138-A6D710437C48}: "URL" = http://www.google.nl...q={searchTerms}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{7E783AB3-31F5-45B3-B6FC-BB035DD0E723}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{AE09A471-FF1C-4B07-8CA5-D5ADC63B12F5}: "URL" = https://duckduckgo.c...q={searchTerms}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Frank\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2009-07-02 14:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Extensions
[2014-03-11 08:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\zpvyftpl.default\extensions
[2010-07-12 16:57:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\zpvyftpl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\Frank\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZPVYFTPL.DEFAULT\EXTENSIONS\[email protected]
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Frank\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Frank\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Frank\AppData\Local\Google\Chrome\Application\33.0.1750.146\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Frank\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: YouTube = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Zoeken = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Google Wallet = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014-03-14 02:00:11 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47E0ABE0-B695-45F4-B8A0-00EDDA53F580}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA14366B-D923-40F6-BA3D-45D75AF5792F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Frank\Desktop\11winter-wonderland.jpg
O24 - Desktop BackupWallPaper: C:\Users\Frank\Desktop\11winter-wonderland.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-06-25 20:47:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2014-06-23 14:21:06 | 000,000,000 | ---D | C] -- C:\Users\Frank\Desktop\pc technieker 23-06-2014
[2014-06-23 14:20:58 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\Nouveau dossier
[2014-06-23 01:05:18 | 000,000,000 | ---D | C] -- C:\PRES
 
========== Files - Modified Within 30 Days ==========
 
[2014-06-25 20:50:14 | 000,248,960 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014-06-25 20:47:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2014-06-25 20:35:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-06-25 20:16:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3786720445-66438094-3900189724-1000UA.job
[2014-06-25 19:14:07 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014-06-25 19:14:07 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014-06-25 04:16:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3786720445-66438094-3900189724-1000Core.job
[2014-06-23 07:10:45 | 000,729,482 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014-06-23 07:10:45 | 000,651,634 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-06-23 07:10:45 | 000,149,002 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014-06-23 07:10:45 | 000,123,206 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-06-23 05:56:52 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-06-23 05:13:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-06-23 04:35:46 | 000,000,880 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2014-06-23 04:35:46 | 000,000,034 | ---- | M] () -- C:\Windows\System32\BD5270DN.DAT
 
========== Files Created - No Company Name ==========
 
[2014-03-17 15:53:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\avchv.sys
[2014-03-17 15:45:49 | 000,213,037 | ---- | C] () -- C:\ProgramData\1395063671.bdinstall.bin
[2014-03-11 08:27:04 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013-01-22 12:15:06 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD5270DN.DAT
[2011-11-23 10:03:54 | 000,008,484 | ---- | C] () -- C:\Users\Frank\AppData\Local\d3d9caps.dat
[2011-05-27 11:10:51 | 000,004,096 | -H-- | C] () -- C:\Users\Frank\AppData\Local\keyfile3.drm
[2010-04-28 09:21:21 | 000,022,016 | ---- | C] () -- C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-22 16:29:16 | 000,003,220 | ---- | C] () -- C:\Users\Frank\.ganttproject
[2009-07-17 12:26:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-07-02 11:17:47 | 000,000,130 | ---- | C] () -- C:\Users\Frank\intlname.ols
[2009-06-16 17:00:28 | 000,248,960 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-06-16 17:00:20 | 000,248,960 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== ZeroAccess Check ==========
 
[2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009-06-16 17:14:15 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Acer GameZone Console
[2012-03-12 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\ControlCenter4
[2014-03-13 10:34:09 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\CrystalIdea Software
[2014-04-11 12:26:58 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Dropbox
[2009-07-03 14:06:34 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\HomeMedia Connect
[2010-07-14 10:54:01 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\OpenOffice.org
[2011-09-08 17:13:09 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Opera
[2012-06-28 10:04:53 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\PC-FAX TX
[2014-03-17 15:42:25 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\QuickScan
[2009-07-03 14:06:20 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\SoftDMA
[2010-10-06 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Softland
[2014-03-07 11:46:19 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\TeamViewer
[2010-12-14 12:48:52 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\VoipBuster
 
========== Purity Check ==========
 
 
 
< End of report >
 
 

OTL Extras logfile created on: 25-6-2014 20:58:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frank\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Pays-Bas | Language: NLD | Date Format: d-M-yyyy
 
1,75 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 58,10% Memory free
3,74 Gb Paging File | 2,56 Gb Available in Paging File | 68,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,17 Gb Total Space | 10,56 Gb Free Space | 15,71% Space Free | Partition Type: NTFS
Drive D: | 67,22 Gb Total Space | 38,78 Gb Free Space | 57,69% Space Free | Partition Type: NTFS
 
Computer Name: PC-SCAN | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4471B312-8C07-4311-A1A4-CB21637AED63}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{64769417-69ED-4410-91A6-16E7D7952E27}" = lport=139 | protocol=6 | dir=in | app=system | 
"{80C83124-B1D6-450F-A15B-44FF9E1F2A29}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9DA73658-B985-4BD7-AB67-513B9E6C6EF2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BB66D68B-52D0-476D-8AA4-6621F2A8F35D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{BF57FC7F-26EF-4343-AB1A-9C7B5016A6CA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{CE421B9B-4F9C-4181-AD1C-418411F8077D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D961ED43-E506-421F-A66B-0E93764BF3C7}" = rport=137 | protocol=17 | dir=out | app=system | 
"{DC219FB6-596A-44DA-B525-8FDC716DF2AA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{EE6C0731-F497-410D-ABA3-EA26C08ECECF}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011E1326-7C38-4A2D-B5B3-6C285FFAEF4A}" = protocol=58 | dir=in | [email protected],-28545 | 
"{06B9AA42-206C-49C1-B27F-D520D6877461}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{277F07FA-D8C9-497F-880E-A8D309481B79}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe | 
"{2C28B255-838F-4F68-845B-36620A99B567}" = protocol=58 | dir=out | [email protected],-28546 | 
"{43233023-75C7-4F37-85DF-0A508158222D}" = protocol=1 | dir=out | [email protected],-28544 | 
"{A8F33691-2B33-4AA3-AFAE-31FCF35D6454}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe | 
"{ADF9B079-3A42-475A-BD12-D7F12E549CFE}" = protocol=1 | dir=in | [email protected],-28543 | 
"{D384281C-C93D-435D-9BD8-21573BCD4255}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe | 
"{D82E802E-BA14-417F-9116-D26962C5EF2B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe | 
"{E83C97EE-3EFE-4DA6-BDC6-B25271CDB656}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"TCP Query User{404D69B2-9E40-4F5E-B7F9-03E0CC4E7D0E}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{7AE35D44-1FCE-4E9F-AB6F-F502E0202C7D}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{32ECC42F-8AC9-44F2-A62C-D7109589540A}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{DEEA8536-2B82-46D4-A5F7-CDD44750322E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01523985-2098-43AF-9C97-12B07BE02A9B}" = Windows Live Call
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{3CCB732A-E472-4CF9-B1EE-F18365341FE0}" = Installation Windows Live
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{43563ACB-371B-4C58-8979-B192B390424C}" = Galerie de photos Windows Live
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{67D0313C-4F15-437D-9A2D-C1564088A26A}" = Windows Live Sync
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_ENTERPRISE_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}" = Brother MFL-Pro Suite MFC-J625DW
"{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Nederlands
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C507986C-A83D-3F09-9099-5E1AF20BE648}" = Microsoft .NET Framework 4.5.1 (FRA)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"BitDefender Gonzales" = Bitdefender Antivirus Free Edition
"CCleaner" = CCleaner
"Creative PD0630" = Creative WebCam Live! Driver (1.01.01.0730)
"CutePDF Writer Installation" = CutePDF Writer 2.7
"doPDF 7 printer_is1" = doPDF 7.2 printer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.17.1863" = Opera 12.17
"TeamViewer 9" = TeamViewer 9
"VoipBuster_is1" = VoipBuster
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GPEC deconvoluter" = GPEC deconvoluter
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9-5-2014 8:57:36 | Computer Name = PC-SCAN | Source = WinMgmt | ID = 10
Description = 
 
Error - 9-5-2014 9:10:44 | Computer Name = PC-SCAN | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 9-5-2014 9:10:44 | Computer Name = PC-SCAN | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15-5-2014 14:12:08 | Computer Name = PC-SCAN | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 6.0.6001.18000, horodatage
 0x47918b89, module défaillant ntdll.dll, version 6.0.6002.18881, horodatage 0x51da3e27,
 code d’exception 0xc0000374, décalage d’erreur 0x000b06fc,  ID du processus 0xdbc,
 heure de début de l’application 0x01cf6b8608d553e3.
 
Error - 23-5-2014 13:04:27 | Computer Name = PC-SCAN | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 9.0.8112.16540 a cessé d’interagir
 avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
 sont disponibles, consultez l’historique du problème dans l’application Rapports
 et solutions aux problèmes du Panneau de configuration.  ID de processus : 19e4  Heure
 de début : 01cf75b81ee12ea0  Heure de fin : 4897
 
Error - 26-5-2014 10:08:06 | Computer Name = PC-SCAN | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 9.0.8112.16540 a cessé d’interagir
 avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
 sont disponibles, consultez l’historique du problème dans l’application Rapports
 et solutions aux problèmes du Panneau de configuration.  ID de processus : 1280  Heure
 de début : 01cf78eae9b0c430  Heure de fin : 797
 
Error - 26-5-2014 18:02:41 | Computer Name = PC-SCAN | Source = Desktop Window Manager | ID = 9020
Description = Le Gestionnaire de fenêtrage a rencontré une erreur irrécupérable 
(0x8007000e).
 
Error - 5-6-2014 17:05:14 | Computer Name = PC-SCAN | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 9.0.8112.16540 a cessé d’interagir
 avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
 sont disponibles, consultez l’historique du problème dans l’application Rapports
 et solutions aux problèmes du Panneau de configuration.  ID de processus : 3084  Heure
 de début : 01cf80f18b05a3b0  Heure de fin : 1164
 
Error - 22-6-2014 23:14:13 | Computer Name = PC-SCAN | Source = WinMgmt | ID = 10
Description = 
 
Error - 23-6-2014 8:18:10 | Computer Name = PC-SCAN | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Users\Frank
 \Desktop\install\driver\gdi\64\DPInst.exe ».  Assembly dépendant Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 introuvable.  Utilisez sxstrace.exe pour un diagnostic détaillé.
 
[ OSession Events ]
Error - 5-3-2014 8:32:43 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 60
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 8:37:14 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session 
lasted 101 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 8:58:27 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session 
lasted 131 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 9:13:45 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 75
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 9:16:11 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 59
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 9:36:51 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 82
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 9:41:11 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 59
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 9:47:01 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 66
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 9:58:04 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 411
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 5-3-2014 12:09:22 | Computer Name = PC-SCAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 90
 seconds with 60 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 20-6-2014 14:12:06 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé
 un message DHCPNACK).
 
Error - 20-6-2014 18:42:10 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé
 un message DHCPNACK).
 
Error - 21-6-2014 11:12:17 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé
 un message DHCPNACK).
 
Error - 22-6-2014 23:13:45 | Computer Name = PC-SCAN | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 5:10:36 AM le 6/23/2014 n'était pas prévu.
 
Error - 22-6-2014 23:14:17 | Computer Name = PC-SCAN | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 22-6-2014 23:15:04 | Computer Name = PC-SCAN | Source = DCOM | ID = 10016
Description = 
 
Error - 23-6-2014 17:14:14 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé
 un message DHCPNACK).
 
Error - 24-6-2014 9:06:11 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 192.168.20.2 (celui-ci
 a envoyé un message DHCPNACK).
 
Error - 24-6-2014 16:36:18 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé
 un message DHCPNACK).
 
Error - 25-6-2014 4:36:23 | Computer Name = PC-SCAN | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.8 pour la carte réseau dont l'adresse
 réseau est 00242C739720 a été refusé par le serveur DHCP 0.0.0.0 (celui-ci a envoyé
 un message DHCPNACK).
 
 
< End of report >
 

Edited by HaraMo, 26 June 2014 - 05:01 PM.

  • 0

#6
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi HaraMo

 

Actually your OTL log looks pretty good. There are some minor issues that I'll help you clean up.

 

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:commands 

[CreateRestorePoint] 



:OTL

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (cleanhlp) -- C:\EEK\Run\cleanhlp32.sys File not found

DRV - (catchme) -- C:\Users\FRANKN~1\AppData\Local\Temp\catchme.sys File not found

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{1129A88D-0AC2-496A-8138-A6D710437C48}: "URL" = http://www.google.nl...q={searchTerms}

IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}

IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{7E783AB3-31F5-45B3-B6FC-BB035DD0E723}: "URL" = http://www.google.co...utputEncoding?}

IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{AE09A471-FF1C-4B07-8CA5-D5ADC63B12F5}: "URL" = https://duckduckgo.c...q={searchTerms}

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Frank\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll File not found

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]

File not found (No name found) -- C:\USERS\Frank\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZPVYFTPL.DEFAULT\EXTENSIONS\[email protected]

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found



:Commands 

[EMPTYTEMP] 

[REBOOT] 
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

THEN

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next, download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  • Double click on zoek.exe to run.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up
  • Click Options button below the large panel and check the box:

    Auto Clean
  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  • Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

 

Security Check

Download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Last, rerun OTL as you did previously, but this time just press the Quick Scan button. When OTL completes you will find one log, OTL.TXT. Please post that with the adwCleaner log, the Junkware log, the ZOEK log and the Security Log.


  • 0

#7
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

RERUN OTL: OTL.TXT:

OTL logfile created on: 1-7-2014 3:20:43 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frank\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Pays-Bas | Language: NLD | Date Format: d-M-yyyy
 
1,75 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 48,51% Memory free
3,74 Gb Paging File | 2,96 Gb Available in Paging File | 79,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,17 Gb Total Space | 10,78 Gb Free Space | 16,04% Space Free | Partition Type: NTFS
Drive D: | 67,22 Gb Total Space | 38,78 Gb Free Space | 57,69% Space Free | Partition Type: NTFS
 
Computer Name: PC-SCAN | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Frank\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\program files\teamviewer\version9\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (TeamViewer9) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (gzserv) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe (Bitdefender)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (bdselfpr) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys (BitDefender LLC)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (bdftdif) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys (Bitdefender SRL)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (BrUsbSIb) -- C:\Windows\System32\drivers\BrUsbSib.sys (Brother Industries Ltd.)
DRV - (BrSerIb) -- C:\Windows\System32\drivers\BrSerIb.sys (Brother Industries Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (P0630VID) -- C:\Windows\System32\drivers\P0630Vid.sys (Creative Technology Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://translate.goo...en|aanleiding
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2009-07-02 14:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Extensions
[2014-03-11 08:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\zpvyftpl.default\extensions
[2010-07-12 16:57:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\zpvyftpl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\Frank\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZPVYFTPL.DEFAULT\EXTENSIONS\[email protected]
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Eerste gebruiker (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: YouTube = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Zoeken = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Google Wallet = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014-03-14 02:00:11 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47E0ABE0-B695-45F4-B8A0-00EDDA53F580}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA14366B-D923-40F6-BA3D-45D75AF5792F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Frank\Desktop\11winter-wonderland.jpg
O24 - Desktop BackupWallPaper: C:\Users\Frank\Desktop\11winter-wonderland.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-07-01 03:00:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-07-01 01:21:30 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014-07-01 01:21:30 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Temp
[2014-07-01 00:25:02 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Frank\Desktop\JRT.exe
[2014-07-01 00:17:42 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014-07-01 00:16:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-06-27 22:42:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-06-27 22:21:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2014-06-23 14:21:06 | 000,000,000 | ---D | C] -- C:\Users\Frank\Desktop\pc technieker 23-06-2014
[2014-06-23 14:20:58 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\Nouveau dossier
[2014-06-23 01:05:18 | 000,000,000 | ---D | C] -- C:\PRES
 
========== Files - Modified Within 30 Days ==========
 
[2014-07-01 03:16:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3786720445-66438094-3900189724-1000UA.job
[2014-07-01 03:06:38 | 000,729,482 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014-07-01 03:06:38 | 000,651,634 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-07-01 03:06:38 | 000,149,002 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014-07-01 03:06:38 | 000,123,206 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-07-01 03:02:36 | 000,248,960 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014-07-01 03:00:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014-07-01 03:00:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014-07-01 02:59:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-07-01 02:35:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-01 00:48:41 | 000,854,390 | ---- | M] () -- C:\Users\Frank\Desktop\SecurityCheck.exe
[2014-07-01 00:48:05 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014-07-01 00:35:45 | 001,285,120 | ---- | M] () -- C:\Users\Frank\Desktop\zoek.exe
[2014-07-01 00:25:04 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Frank\Desktop\JRT.exe
[2014-07-01 00:12:37 | 001,346,519 | ---- | M] () -- C:\Users\Frank\Desktop\AdwCleaner.exe
[2014-06-30 10:53:18 | 000,000,880 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2014-06-30 10:53:18 | 000,000,034 | ---- | M] () -- C:\Windows\System32\BD5270DN.DAT
[2014-06-30 04:16:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3786720445-66438094-3900189724-1000Core.job
[2014-06-25 20:47:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2014-06-23 05:56:52 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
 
========== Files Created - No Company Name ==========
 
[2014-07-01 01:21:32 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014-07-01 00:48:38 | 000,854,390 | ---- | C] () -- C:\Users\Frank\Desktop\SecurityCheck.exe
[2014-07-01 00:35:41 | 001,285,120 | ---- | C] () -- C:\Users\Frank\Desktop\zoek.exe
[2014-07-01 00:12:32 | 001,346,519 | ---- | C] () -- C:\Users\Frank\Desktop\AdwCleaner.exe
[2014-03-17 15:53:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\avchv.sys
[2014-03-17 15:45:49 | 000,213,037 | ---- | C] () -- C:\ProgramData\1395063671.bdinstall.bin
[2013-01-22 12:15:06 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD5270DN.DAT
[2011-11-23 10:03:54 | 000,008,484 | ---- | C] () -- C:\Users\Frank\AppData\Local\d3d9caps.dat
[2011-05-27 11:10:51 | 000,004,096 | -H-- | C] () -- C:\Users\Frank\AppData\Local\keyfile3.drm
[2010-04-28 09:21:21 | 000,022,016 | ---- | C] () -- C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-22 16:29:16 | 000,003,220 | ---- | C] () -- C:\Users\Frank\.ganttproject
[2009-07-17 12:26:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-07-02 11:17:47 | 000,000,130 | ---- | C] () -- C:\Users\Frank\intlname.ols
[2009-06-16 17:00:28 | 000,248,960 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-06-16 17:00:20 | 000,248,960 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== ZeroAccess Check ==========
 
[2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009-06-16 17:14:15 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Acer GameZone Console
[2012-03-12 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\ControlCenter4
[2014-03-13 10:34:09 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\CrystalIdea Software
[2014-04-11 12:26:58 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Dropbox
[2009-07-03 14:06:34 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\HomeMedia Connect
[2010-07-14 10:54:01 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\OpenOffice.org
[2011-09-08 17:13:09 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Opera
[2012-06-28 10:04:53 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\PC-FAX TX
[2014-03-17 15:42:25 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\QuickScan
[2009-07-03 14:06:20 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\SoftDMA
[2010-10-06 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Softland
[2014-03-07 11:46:19 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\TeamViewer
[2010-12-14 12:48:52 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\VoipBuster
 
========== Purity Check ==========
 
 
 
< End of report >
 
adwCleaner log
 
# AdwCleaner v3.214 - Rapport créé le 01/07/2014 à 00:19:31
# Mis à jour le 29/06/2014 par Xplode
# Système d'exploitation : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Frank - PC-SCAN
# Exécuté depuis : C:\Users\Frank\Desktop\AdwCleaner.exe
# Option : Nettoyer
 
***** [ Services ] *****
 
 
***** [ Fichiers / Dossiers ] *****
 
 
***** [ Raccourcis ] *****
 
 
***** [ Registre ] *****
 
 
***** [ Navigateurs ] *****
 
-\\ Internet Explorer v9.0.8112.16540
 
 
-\\ Mozilla Firefox v3.6.13 (nl)
 
[ Fichier : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\zpvyftpl.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ Fichier : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Supprimée [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Supprimée [Extension] : jbpkiefagocgkmemidfngdkamloieekf
 
*************************
 
AdwCleaner[R0].txt - [1086 octets] - [01/07/2014 00:16:23]
AdwCleaner[S0].txt - [1012 octets] - [01/07/2014 00:19:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1072 octets] ##########
 
the Junkware log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Frank on di 01-07-2014 at  0:29:09,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 01-07-2014 at  0:43:30,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
ZOEK log
 
 
Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Frank on di 01-07-2014 at  0:48:18,23.
Microsoft® Windows Vista™ Édition Familiale Premium  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Frank\Desktop\zoek.exe [Scan all users]  [Checkboxes used]
 
==== System Restore Info ======================
 
1-7-2014 0:50:21 Zoek.exe System Restore Point Created Succesfully.
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== Deleting Files \ Folders ======================
 
C:\Users\Frank\Searches deleted
C:\Windows\system32\config\systemprofile\Searches deleted
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [04-09-2009 03:02]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\FRANK\AppData\Roaming\Mozilla\Firefox\Profiles\zpvyftpl.default
- Microsoft .NET Framework Assistant - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\zpvyftpl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\[email protected]
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Undetermined - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\zpvyftpl.default\extensions\[email protected]
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\zpvyftpl.default
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
AAA414455FE1AA87E424BDFCAE249B50 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery
 
 
==== Chrome Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17-01-2012 11:45]
 
Skype Click to Call - Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.co...ge={startPage}"
 
==== Empty IE Cache ======================
 
C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Frank\AppData\Local\temp\Fichiers Internet temporaires\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
No FireFox Cache found
 
==== Empty Chrome Cache ======================
 
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=639 folders=218 56643960 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Frank\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\FRANK\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
 
==== EOF on di 01-07-2014 at  3:00:18,57 ======================
 
the Security Log (checkup.txt)

 Results of screen317's Security Check version 0.99.85  
 Windows Vista Service Pack 2 x86   
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus Free Edition   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Java 7 Update 51  
 Java version out of Date! 
  Adobe Flash Player 13.0.0.214 Flash Player out of Date!  
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 

  • 0

#8
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Your logs look good. There are few things that need updating and we can do that in the next posts, but I'm wondering if you are you still experiencing issues? If so, can you describe them?


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#10
admin

admin

    Founder Geek

  • Administrator
  • 24,540 posts
Topic re-opened at starters request.
  • 0

Advertisements


#11
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi there :)

 

Glad you are back!  When last we spoke I had these questions.

 

Your logs look good. There are few things that need updating and we can do that in the next posts, but I'm wondering if you are you still experiencing issues? If so, can you describe them?

 

Can you post answers for me please?  :)


  • 0

#12
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

The reason why I didn't answer is because it's very buzzy at work (accounting). So haven't made time to check te pc. It will be so for until end of this month (normally 20july , if everything goes great).

 

So bear patience with me, I will answer you questions.

 

I was just worried that my topic was closed, so I asked to reopen it.


  • 0

#13
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

No problem :)   I'll wait for you :thumbsup:


  • 0

#14
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

Hi

 

Sorry took so long, still buzy but the end is near.

 

The pc is ok, no problems, only if a link is opened in an email in outlook, sometime a message is displayed : something about 'do you reall want to continu?'

 

But I don't think that's a problem.

 

What needs to be updated? as You said in one of your last posts.


  • 0

#15
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Sorry took so long, still buzy but the end is near.

 

Glad that you are back xsmile.png.pagespeed.ic.CwSpBGGvqN.png

 

The pc is ok, no problems, only if a link is opened in an email in outlook, sometime a message is displayed : something about 'do you reall want to continu?'

 

Sounds like something that is warning you about external links, etc. Not a bad thing. Just click ok. If it's bothersome, give me a screen shot and I can tell you how to disable the warning. Just remember, it's often not a bad idea to have these warnings xwink.png.pagespeed.ic.HJgPQ3U3SA.png

 

What needs to be updated? as You said in one of your last posts.

 

You need to update Java, Flash and Adobe. It is very important to keep these updated as a high percentage of exploits arrive via the three products.

 

Work through the following instructions please.

 

Upgrading Java :
Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe, then click on Remove Java Runtime.
  • Select the Java version you have from the drop down list, and then click on Run Uninstaller
  • Press Yes if it asks to uninstall the product.
  • Allow the uninstaller to remove the installed version.
  • When its finished, go back to JavaRa, and click Back
  • Click on Update Java Runtime and then select Download and install latest version.
  • Press Next
  • Press Java Manual Download.
  • A browser window will open with the Java download page.
  • Click the Windows offline link to download Java.
  • Run the installer.
  • Close JavaRa

Update Adobe Flash Player

NOTE: Depending on your settings, you may have to temporarily disable your antivirus software and firewall.

You will need to download and install both the IE and non-IE versions of Adobe Flashplayer. Click here to go to the download page.

  • In the Adobe Flash Player column, under Step 1, click the down arrow and choose your operating system.
  • Under Step 2, click the down arrow and select the browser you want to install FlashPlayer for.

    You will need to download and install each version of FlashPlayer (Flash Player for Internet Explorer AND Flash Player for Other Browsers) seperately

  • In the Optional offer: cloumn, make sure to uncheck the box beside Yes, install free McAfee Security Scan Plus before downloading.
  • Click the Download now button. The File Download window will open.
  • Click Save File and save the install_flashplayerXXxXX_xxxx_xxx_xxx.exeset up file to the desktop.
  • Repeat the above for the other version of Flash Player.
  • Close the browse and all open windows.
  • Back on the desktop, double click on one of the Flash Player setup files to start the installation.
  • If you get a Security Warning box, click Run

    xw7_ff4_stp3_v2.jpg.pagespeed.ic.LNs9ehf
  • If you gat a UAC warning click Continue or Yes

    465x262xw7_ff4_stp4_v2_flash.jpg.pagespe
  • Once the installation has completed, double click the other Flash Player setup file and repeat the above to install it.

 

Update Adobe Reader

 

• Once ALL versions of Adobe Reader have been uninstalled, download the latest version of Adobe Reader from here for your version of Windows.

 

• Remove the check mark next to Yes, install McAfee Security Scan Plus-optional box.

 

• There may be another box to uncheck for the installation of Chrome as your default browser. That is up to you. Uncheck the box if you do not want it!

 

• Click the Download Now button to download Adobe Reader and follow the directions.

 

Last, re-scan with Security Check (follow the instructions in Post #6) and then perform another OTL Quick Scan ,

 

Please post the results of Security Check and the OTL.txt file.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP