pc very slow - malware? [Solved]


  • This topic is locked

#16
HaraMo

    Member

  • Topic Starter
  • 329 posts

I updated Java (a window showed the following error: getdefaultbrowsererror:2), but I think it's OK.

Then I downloaded both Flash players and ran them. In the beginning there was an error about just-in-time debugging; I clicked no, then again no, then again no, then the download started and the installation finished. So OK, I think.

Then Adobe Reader: I uninstalled them, then downloaded Adobe Reader (not from your link, which was not working, but by typing the URL adobe.com in the web browser). Same script error in the beginning, but it finished installation.

But I can't find Adobe Reader, not in Start > Programs, not on the desktop (icon). If I go to the Program Files folder -> adobe, I see adobe 9 (empty folder; I uninstalled it, but the folder is not deleted?) and adobe 10. I open this folder, then click on the adobe file, but receive an error: c program files/adobe/reader10.0/reader is not accessible (translated).

I restarted the PC, maybe this will help, but no, the file in the adobe10 folder is gone... hmm

Reinstall it again? OK.




#17
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Let's see what's going on.

 

Re-scan with Security Check (follow the instructions in Post #6) and then perform another OTL Quick Scan.

 

Please post the results of Security Check and the OTL.txt file.


#18
HaraMo

    Member

  • Topic Starter
  • 329 posts

The second try did install Adobe Reader, and PDF files can be opened again.

Here are the logs:
 
Results of screen317's Security Check version 0.99.86  
 Windows Vista Service Pack 2 x86   
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus Free Edition   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Java 7 Update 65  
 Adobe Flash Player 14.0.0.145  
 Adobe Reader 10.1.0 Adobe Reader out of Date!  
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 

OTL logfile created on: 26-7-2014 4:35:05 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frank\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Pays-Bas | Language: NLD | Date Format: d-M-yyyy
 
1,75 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 41,60% Memory free
3,74 Gb Paging File | 2,54 Gb Available in Paging File | 67,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,17 Gb Total Space | 10,05 Gb Free Space | 14,96% Space Free | Partition Type: NTFS
Drive D: | 67,22 Gb Total Space | 38,78 Gb Free Space | 57,69% Space Free | Partition Type: NTFS
 
Computer Name: PC-SCAN | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Frank\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe (Adobe Systems Incorporated)
PRC - c:\program files\teamviewer\version9\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TeamViewer9) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (gzserv) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe (Bitdefender)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (bdselfpr) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys (BitDefender LLC)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (bdftdif) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys (Bitdefender SRL)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (BrUsbSIb) -- C:\Windows\System32\drivers\BrUsbSib.sys (Brother Industries Ltd.)
DRV - (BrSerIb) -- C:\Windows\System32\drivers\BrSerIb.sys (Brother Industries Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (P0630VID) -- C:\Windows\System32\drivers\P0630Vid.sys (Creative Technology Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://translate.goo...en|aanleiding
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2009-07-02 14:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Extensions
[2014-03-11 08:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\zpvyftpl.default\extensions
[2010-07-12 16:57:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\zpvyftpl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\Frank\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZPVYFTPL.DEFAULT\EXTENSIONS\[email protected]
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Eerste gebruiker (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: YouTube = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Zoeken = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Google Wallet = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014-03-14 02:00:11 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3786720445-66438094-3900189724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47E0ABE0-B695-45F4-B8A0-00EDDA53F580}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA14366B-D923-40F6-BA3D-45D75AF5792F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Frank\Desktop\11winter-wonderland.jpg
O24 - Desktop BackupWallPaper: C:\Users\Frank\Desktop\11winter-wonderland.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-07-26 04:33:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2014-07-24 20:25:10 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Adobe
[2014-07-24 19:32:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014-07-24 19:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-07-24 19:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014-07-24 19:17:54 | 000,000,000 | ---D | C] -- C:\Users\Frank\Desktop\JavaRa-2.6
[2014-07-21 23:14:50 | 000,000,000 | R--D | C] -- C:\Users\Frank\Searches
[2014-07-01 03:00:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-07-01 01:21:30 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014-07-01 01:21:30 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Temp
[2014-07-01 00:25:02 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Frank\Desktop\JRT.exe
[2014-07-01 00:17:42 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014-07-01 00:16:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-06-27 22:42:45 | 000,000,000 | ---D | C] -- C:\_OTL
 
========== Files - Modified Within 30 Days ==========
 
[2014-07-26 04:35:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-26 04:33:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2014-07-26 04:17:56 | 000,248,960 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014-07-26 04:17:38 | 000,854,390 | ---- | M] () -- C:\Users\Frank\Desktop\SecurityCheck.exe
[2014-07-26 04:16:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3786720445-66438094-3900189724-1000Core.job
[2014-07-26 04:16:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3786720445-66438094-3900189724-1000UA.job
[2014-07-26 04:14:46 | 000,087,040 | ---- | M] () -- C:\Users\Frank\Desktop\3 July Meeting - Partner Meeting.pub
[2014-07-26 03:43:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014-07-26 03:43:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014-07-25 01:47:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-07-24 20:33:34 | 000,729,482 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014-07-24 20:33:34 | 000,651,634 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-07-24 20:33:34 | 000,149,002 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014-07-24 20:33:34 | 000,123,206 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-07-24 20:09:18 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X .lnk
[2014-07-23 13:32:17 | 000,000,880 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2014-07-23 13:32:17 | 000,000,034 | ---- | M] () -- C:\Windows\System32\BD5270DN.DAT
[2014-07-21 23:34:12 | 008,366,981 | ---- | M] () -- C:\Users\Frank\Documents\June 10-11 INES Meeting DRAFT.pdf
[2014-07-06 22:29:21 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-07-01 23:36:37 | 000,155,086 | ---- | M] () -- C:\Users\Frank\Desktop\paint foto.jpg
[2014-07-01 00:48:05 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014-07-01 00:35:45 | 001,285,120 | ---- | M] () -- C:\Users\Frank\Desktop\zoek.exe
[2014-07-01 00:25:04 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Frank\Desktop\JRT.exe
[2014-07-01 00:12:37 | 001,346,519 | ---- | M] () -- C:\Users\Frank\Desktop\AdwCleaner.exe
 
========== Files Created - No Company Name ==========
 
[2014-07-26 04:14:44 | 000,087,040 | ---- | C] () -- C:\Users\Frank\Desktop\3 July Meeting - Partner Meeting.pub
[2014-07-24 20:09:17 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X .lnk
[2014-07-24 20:09:17 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk
[2014-07-21 23:34:11 | 008,366,981 | ---- | C] () -- C:\Users\Frank\Documents\June 10-11 INES Meeting DRAFT.pdf
[2014-07-01 23:36:36 | 000,155,086 | ---- | C] () -- C:\Users\Frank\Desktop\paint foto.jpg
[2014-07-01 01:21:32 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014-07-01 00:48:38 | 000,854,390 | ---- | C] () -- C:\Users\Frank\Desktop\SecurityCheck.exe
[2014-07-01 00:35:41 | 001,285,120 | ---- | C] () -- C:\Users\Frank\Desktop\zoek.exe
[2014-07-01 00:12:32 | 001,346,519 | ---- | C] () -- C:\Users\Frank\Desktop\AdwCleaner.exe
[2014-03-17 15:53:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\avchv.sys
[2014-03-17 15:45:49 | 000,213,037 | ---- | C] () -- C:\ProgramData\1395063671.bdinstall.bin
[2013-01-22 12:15:06 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD5270DN.DAT
[2011-11-23 10:03:54 | 000,008,484 | ---- | C] () -- C:\Users\Frank\AppData\Local\d3d9caps.dat
[2011-05-27 11:10:51 | 000,004,096 | -H-- | C] () -- C:\Users\Frank\AppData\Local\keyfile3.drm
[2010-04-28 09:21:21 | 000,022,016 | ---- | C] () -- C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-22 16:29:16 | 000,003,220 | ---- | C] () -- C:\Users\Frank\.ganttproject
[2009-07-17 12:26:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-07-02 11:17:47 | 000,000,130 | ---- | C] () -- C:\Users\Frank\intlname.ols
[2009-06-16 17:00:28 | 000,248,960 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-06-16 17:00:20 | 000,248,960 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== ZeroAccess Check ==========
 
[2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009-06-16 17:14:15 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Acer GameZone Console
[2012-03-12 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\ControlCenter4
[2014-03-13 10:34:09 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\CrystalIdea Software
[2014-04-11 12:26:58 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Dropbox
[2009-07-03 14:06:34 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\HomeMedia Connect
[2010-07-14 10:54:01 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\OpenOffice.org
[2011-09-08 17:13:09 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Opera
[2012-06-28 10:04:53 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\PC-FAX TX
[2014-03-17 15:42:25 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\QuickScan
[2009-07-03 14:06:20 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\SoftDMA
[2010-10-06 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\Softland
[2014-03-07 11:46:19 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\TeamViewer
[2010-12-14 12:48:52 | 000,000,000 | ---D | M] -- C:\Users\Frank\AppData\Roaming\VoipBuster
 
========== Purity Check ==========
 
 
 
< End of report >
 

#19
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Unfortunately, the Adobe Reader that is on your system is an old one. Try these instructions. They will work properly.

You could also remove Adobe Reader and replace it with Sumatra http://blog.kowalczy...pdf-reader.html It works the same and does not have the history of vulnerabilities. If you do this, make sure you remove all instances of Adobe.

 

Update Adobe Reader

Earlier versions of Adobe Reader have known security flaws so it is recommended that you update your copy.

  • Click the Start Orb and click Control Panel. Under the Programs heading click Uninstall a program
  • Remove ALL instances of Adobe Reader. The version(s) I see on the computer are:
    • Adobe Reader 9
  • Right click each program and click Uninstall
  • Re-boot your computer as required.
  • Once ALL versions of Adobe Reader have been uninstalled, download the latest version of Adobe Reader from Here.
  • Remove the check mark next to Yes, install McAfee Security Scan Plus-optional box.
  • Click the Download Now button to download Adobe Reader and follow the directions.

Alternative Option: After uninstalling Adobe Reader, you could try installing Foxit Reader from HERE. Foxit Reader is a much smaller program. It has fewer add-ons therefore loads more quickly.
NOTE:  When installing FoxitReader, be careful not to install anything to do with AskBar or any other 3rd party software.

 

Re-scan with Security Check (follow the instructions in Post #6) and then perform another OTL Quick Scan.


#20
HaraMo

    Member

  • Topic Starter
  • 329 posts

I have Adobe X (version 10.1.0) installed. I don't see Adobe Reader 9.0 in 'Uninstall a program'. The only version I see is 10.1.0.

If I open the link to update Adobe Reader, it shows the same version (10.1.0).


#21
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

If I open the link to update adobe reader, it show the same version (10.1.0)

Try it again, as the current version of Adobe Reader for your version of Windows is 10.1.4 and that is what is offered when I try it.

 

It's important to have the current version as many security holes were patched in the latest version of the program.

 

Additionally, how is the computer working?


#22
HaraMo

    Member

  • Topic Starter
  • 329 posts

I opened the link again, it shows the same version as I have (10.1.0) and not 10.1.4.

 

The Windows on the PC is Vista.

And if I try to reinstall Adobe Reader again, it says: remark: this version is already installed.

The computer works OK. Only Bitdefender is not active, as it gave some errors in the past. I think these errors occur because of not registering on time (one month time to register).


#23
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

The current version of Adobe is 11. I'm not sure why the Adobe loader is recommending 10 for you. I suggest that you try this.

 

Go to Add/Remove Programs within the Control Panel and remove all versions of Adobe Reader.

 

Reboot your computer.

 

Once ALL versions of Adobe Reader have been uninstalled, download the latest version of Adobe Reader from Here.

 

Also, you do want to have Bit Defender active as you have no Anti-Virus without it. There is actually no time limit on registering, so please re-activate Bit Defender.

 

If you still have MBAM on your computer, then don't bother to download a new copy. However, if you've deleted it, then download Malwarebytes' Anti-Malware

 

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Threat Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

 

ESET Online Scanner:

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

 

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install.
  • Make sure that the option Remove found threats is unticked
  • If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, select Uninstall application on close. Make sure you copy the logfile first! It is located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Then paste the Logfile in the thread
  • Then click on: Finish

To summarize, please post back the ESET log and the MBAM log.


  • 0

#24
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

If I manually choose the OS on the Adobe site and select Win 7, then I can see version 11 of Adobe Reader. If I go back to Vista, then it's version 10 I can download.

 

I will do these steps you asked after me and my family are back from a long weekend holiday.


  • 0

#25
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I've not heard back from you. Have you completed the above steps or do you have questions?


  • 0

#26
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

I'm sorry. I was back Monday evening and had to start working the following day. The taxes have to be finished this month and there are still other tasks to follow. I will start this evening and see how far I get.

I'm now on my way to work, as the office is open from 17h till 19h30.

 

Update about why I only see 10.1 and not 10.1.4 or 11.0.07.

 

When I select the language 'Dutch', it only shows 10.1 for Vista (10.1 and 11.0.00 for Windows 7). However, if I choose the English language, I see 10.1.4 as the latest version for Vista (11.0.07 and 10.1.4 for Windows 7).

 

Strange, no?

 

I will start the scan ... .


Edited by HaraMo, 06 August 2014 - 12:08 PM.

  • 0

#27
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

I'm trying to start the ESET online scan with IE 9.0. After I click Start (agreement), IE asks me if I want to run the add-on, so I click authorize. Then I see an empty window and IE gives the error (translated from French): running an add-on on this website has failed.

 

MBAM has finished, no malware found. I also followed the steps to reinstall Adobe Reader (uninstall, reboot, make sure Adobe Reader is no longer in the system, then downloaded from the link you mentioned), but it is still the same version (if I choose Dutch language). See my previous message for what I said about the differences in version if you choose another language.

 

I also could not right-click IE to run as administrator. I receive an error (Google translated): impossible to create the entry of basic data it duu endpoint mapper.


Edited by HaraMo, 07 August 2014 - 03:31 AM.

  • 0

#28
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I assume that you're picking French and Dutch because those are the languages you selected? I don't know versioning in languages other than English.

 

It looks like the computer is clear of infections based on the scans we've performed. Is the computer working to your satisfaction?


  • 0

#29
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I haven't heard back from you. Where are you with this and do you still need help?


  • 0

#30
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts
Well, the last thing I did is described in my last post.

So it's not needed anymore to let ESET online scan the system
  • 0





