1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Anomalous activity on computer

Discussion in 'Virus & Other Malware Removal' started by qwelps, Jun 28, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Hi,

    First I'd like to apologize for not attaching any logs. I'm not sure if my problem is a legitimate concern, and I was hoping to get an initial opinion before downloading any programs or posting any logs (I'm a bit paranoid about posting these logs online, is there any information in them that would compromise my computer's security?).

    Lately I've been noticing some unusual behaviour from my computer, the strangest of which happened a few days ago. I found that whenever I would leave my computer idle, when I returned it would ask me for a username and password, something it had never done previously. The username was already provided but the password field was blank. I tried a few routine passwords I use but was eventually able to get passed the screen by just leaving the password field blank and pressing okay. In addition to this, my computer now immediately logs into my profile when I start up my computer, rather than asking me to select it (there's only one profile). The day before these two changes happened I downloaded two video editing related programs (fraps and handbrake) that seemed legitimate, and I think during the installation of handbrake I was forced to download .net framework 4 (I think I previously had 2.5?). I also ran a disk error checking which I hadn't done for a while.

    Another anomalous behaviour I've noticed over the past little while is that my virus scan, avg, always reports that my last scan was "not yet scanned", despite that I scan pretty regularly.

    Is any of this cause for concern?

    I'm running windows xp.
     
  2. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Has anyone had a chance to look at this?
     
  3. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    I hate to keep bumping this, but I really could use some help. There are a number of things I want to do on my computer but am choosing not to for fear of my information getting out. Have I not received a reply because I haven't posted the logs? If so, please let me know (ideally along with a reassurance that there's no danger associated with posting them). Thanks.
     
  4. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi Qwelps, and welcome to TSG, my name is Mark and I will be helping you.

    Sorry for the delay but there simply are not enough volunteer helpers to cope with the demand.

    First I must assure you that none of the logs we ask for will contain anything that can be used to compromise your systems security.

    Please follow these instructions and post both the logs.

    STEP 1

    Please download Malwarebytes Anti-Malware [​IMG] and save it to your desktop.
    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
    • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
    • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
    • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • Double click on the Malwarebytes icon on your desktop to launch the program
    • Under the Scanner tab, make sure the Perform Quick Scan option is selected.
    • Click on the Scan button.
    • When finished, a message box will say "The scan completed successfully. Click Show Results to display all objects found".
    • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked and then click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.
    If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner.
    NOTE: Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

    STEP 2
    We need to see some additional information about what is happening in your machine.
    Please download DDS by sUBs from one of the following links and save it to your desktop.`

    DDS is a specialized tool that produces a Psuedo HijackThis Report (a scaled down and simplified version of 'HJT lines') that provides the same + more information in a condensed format.
    NOTE If your Anti Virus attempts to block the download please disable it following the instructions at the end of this guide.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool.
    • When done, DDS will open two (2) logs.
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop.
    • The instruction here asks you to attach the Attach.txt.
      [​IMG]
    • Instead of attaching, please copy & paste both logs into your next reply.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run.
    After downloading the tool, disconnect from the internet and disable all antivirus protection.
    Run the scan, enable your A/V and reconnect to the internet.
    Information on A/V control HERE
     
  5. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Hi Mark, thanks for the assistance.

    A couple comments about the Malwarebytes process. First, I did not follow the bleepingcomputer.com instructions exactly, as they conflicted with the ones you provided. I did a quick scan as you instructed rather than the full scan instructed on bleepingcomputer.

    Second, I did not understand this part of your instructions: "Don't forget to check for database definition updates through the program's interface (preferable method) before scanning".

    Third, when updating malwarebytes, I buttoned through the update complete message a bit quickly. I'm fairly certain it said the update was successful, but is there any way to check if I have the most current version?

    Here is the malwarebytes log:

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.07.07.05

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 6.0.2900.5512
    User :: N-0A44DCE9BF284 [administrator]

    7/7/2012 11:30:59 AM
    mbam-log-2012-07-07 (11-30-59).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 207100
    Time elapsed: 8 minute(s), 18 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)






    And here is the DDS log

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_31
    Run by User at 11:44:41 on 2012-07-07
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2339 [GMT -4:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    svchost.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
    mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1283207975484
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1283208673890
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{AC0BA0AC-EF91-4E31-B148-8AF8BEA9FF9A} : DhcpNameServer = 192.168.0.1
    Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\fkkrrxqw.default\
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
    FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 31952]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 235216]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 41040]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 301248]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-4-16 65584]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [2009-12-2 584680]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [2009-12-2 209512]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2009-12-2 20584]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [2009-12-2 18280]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 250056]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 113120]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2012-07-07 15:28:26 -------- d-----w- c:\documents and settings\user\application data\Malwarebytes
    2012-07-07 15:28:02 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-07 15:28:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-07 15:28:02 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-06-26 07:46:53 -------- d-----w- c:\documents and settings\user\application data\HandBrake
    2012-06-26 07:38:20 -------- d-----w- c:\program files\Handbrake
    2012-06-26 00:38:37 -------- d-----w- c:\documents and settings\user\local settings\application data\WMTools Downloaded Files
    2012-06-25 00:46:03 -------- d-----w- c:\documents and settings\user\.stencylworks
    2012-06-23 07:14:04 9815752 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
    2012-06-16 18:54:01 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
    2012-06-16 18:54:00 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
    2012-06-11 18:17:42 65536 ----a-w- c:\windows\system32\frapsvid.dll
    .
    ==================== Find3M ====================
    .
    2012-06-23 07:14:06 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-23 07:14:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 07:58:35 667136 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-20 19:29:52 81920 ----a-w- c:\windows\system32\ieencode.dll
    2012-04-20 19:29:52 61952 ----a-w- c:\windows\system32\tdc.ocx
    2012-04-19 12:44:57 369664 ----a-w- c:\windows\system32\html.iec
    2012-04-19 08:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    2012-04-19 00:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-04-19 00:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
    .
    ============= FINISH: 11:45:15.76 ===============







    And here's the attach file

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/28/2010 6:17:50 PM
    System Uptime: 7/7/2012 10:20:46 AM (1 hours ago)
    .
    Motherboard: Intel Corporation | | D945GTP
    Processor: Intel(R) Pentium(R) D CPU 3.40GHz | | 3399/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 233 GiB total, 152.637 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description:
    Device ID: ROOT\LEGACY_EHSCHED\SYSTEM
    Manufacturer:
    Name:
    PNP Device ID: ROOT\LEGACY_EHSCHED\SYSTEM
    Service:
    .
    ==== System Restore Points ===================
    .
    RP612: 4/7/2012 5:28:03 PM - System Checkpoint
    RP613: 4/8/2012 6:11:55 PM - System Checkpoint
    RP614: 4/10/2012 2:11:11 PM - System Checkpoint
    RP615: 4/11/2012 3:00:14 AM - Software Distribution Service 3.0
    RP616: 4/12/2012 6:26:43 PM - System Checkpoint
    RP617: 4/13/2012 10:04:21 PM - System Checkpoint
    RP618: 4/14/2012 10:35:07 PM - System Checkpoint
    RP619: 4/16/2012 12:19:38 AM - System Checkpoint
    RP620: 4/17/2012 2:21:47 AM - System Checkpoint
    RP621: 4/18/2012 6:24:20 AM - System Checkpoint
    RP622: 4/19/2012 1:15:16 PM - System Checkpoint
    RP623: 4/20/2012 6:48:50 PM - System Checkpoint
    RP624: 4/22/2012 12:46:02 AM - System Checkpoint
    RP625: 4/23/2012 8:21:46 AM - System Checkpoint
    RP626: 4/24/2012 9:17:20 AM - System Checkpoint
    RP627: 4/25/2012 4:13:10 PM - System Checkpoint
    RP628: 4/27/2012 4:20:37 AM - System Checkpoint
    RP629: 4/28/2012 8:47:25 AM - System Checkpoint
    RP630: 4/29/2012 11:49:05 AM - System Checkpoint
    RP631: 4/30/2012 2:22:52 PM - System Checkpoint
    RP632: 5/1/2012 2:47:26 PM - System Checkpoint
    RP633: 5/2/2012 3:43:49 PM - System Checkpoint
    RP634: 5/3/2012 4:21:00 PM - System Checkpoint
    RP635: 5/4/2012 5:00:28 PM - System Checkpoint
    RP636: 5/5/2012 5:05:12 PM - System Checkpoint
    RP637: 5/6/2012 5:07:58 PM - System Checkpoint
    RP638: 5/7/2012 5:12:41 PM - System Checkpoint
    RP639: 5/8/2012 5:56:15 PM - System Checkpoint
    RP640: 5/9/2012 6:50:45 PM - System Checkpoint
    RP641: 5/10/2012 7:53:54 PM - System Checkpoint
    RP642: 5/11/2012 3:00:18 AM - Software Distribution Service 3.0
    RP643: 5/12/2012 1:09:10 PM - System Checkpoint
    RP644: 5/14/2012 3:32:27 AM - System Checkpoint
    RP645: 5/15/2012 5:44:30 AM - System Checkpoint
    RP646: 5/16/2012 3:24:02 PM - System Checkpoint
    RP647: 5/17/2012 3:37:50 PM - System Checkpoint
    RP648: 5/18/2012 3:42:13 PM - System Checkpoint
    RP649: 5/19/2012 4:36:23 PM - System Checkpoint
    RP650: 5/20/2012 5:15:05 PM - System Checkpoint
    RP651: 5/21/2012 5:15:48 PM - System Checkpoint
    RP652: 5/22/2012 4:35:52 AM - Software Distribution Service 3.0
    RP653: 5/22/2012 4:56:01 AM - Software Distribution Service 3.0
    RP654: 5/22/2012 5:43:10 AM - Software Distribution Service 3.0
    RP655: 5/22/2012 7:40:14 AM - Software Distribution Service 3.0
    RP656: 5/23/2012 9:49:08 AM - System Checkpoint
    RP657: 5/24/2012 10:13:52 AM - System Checkpoint
    RP658: 5/25/2012 3:29:40 PM - System Checkpoint
    RP659: 5/26/2012 3:57:10 PM - System Checkpoint
    RP660: 5/27/2012 4:46:00 PM - System Checkpoint
    RP661: 5/28/2012 7:40:12 PM - System Checkpoint
    RP662: 5/29/2012 7:58:12 PM - System Checkpoint
    RP663: 5/30/2012 9:05:04 PM - System Checkpoint
    RP664: 6/1/2012 5:02:55 AM - System Checkpoint
    RP665: 6/2/2012 5:23:04 AM - System Checkpoint
    RP666: 6/3/2012 3:45:49 PM - System Checkpoint
    RP667: 6/4/2012 5:47:07 PM - System Checkpoint
    RP668: 6/4/2012 11:51:48 PM - Software Distribution Service 3.0
    RP669: 6/6/2012 5:08:13 AM - System Checkpoint
    RP670: 6/7/2012 5:42:09 AM - System Checkpoint
    RP671: 6/8/2012 5:44:21 AM - System Checkpoint
    RP672: 6/9/2012 9:17:28 AM - System Checkpoint
    RP673: 6/10/2012 6:28:48 PM - System Checkpoint
    RP674: 6/12/2012 8:00:36 AM - System Checkpoint
    RP675: 6/13/2012 3:00:14 AM - Software Distribution Service 3.0
    RP676: 6/14/2012 3:04:44 AM - System Checkpoint
    RP677: 6/15/2012 3:58:16 AM - System Checkpoint
    RP678: 6/16/2012 4:18:28 AM - System Checkpoint
    RP679: 6/17/2012 6:48:56 PM - System Checkpoint
    RP680: 6/19/2012 1:09:52 AM - System Checkpoint
    RP681: 6/20/2012 10:49:31 AM - System Checkpoint
    RP682: 6/21/2012 11:12:40 AM - System Checkpoint
    RP683: 6/22/2012 1:00:37 PM - System Checkpoint
    RP684: 6/23/2012 1:48:05 PM - System Checkpoint
    RP685: 6/24/2012 2:46:52 PM - System Checkpoint
    RP686: 6/25/2012 3:11:40 PM - System Checkpoint
    RP687: 6/26/2012 4:06:07 PM - System Checkpoint
    RP688: 6/26/2012 5:23:58 PM - Software Distribution Service 3.0
    RP689: 6/27/2012 7:10:15 PM - System Checkpoint
    RP690: 6/29/2012 5:10:20 AM - System Checkpoint
    RP691: 6/30/2012 1:08:21 PM - System Checkpoint
    RP692: 7/1/2012 1:08:48 PM - System Checkpoint
    RP693: 7/2/2012 6:44:23 PM - System Checkpoint
    RP694: 7/3/2012 6:51:16 PM - System Checkpoint
    RP695: 7/4/2012 7:00:02 PM - System Checkpoint
    RP696: 7/5/2012 7:05:16 PM - System Checkpoint
    RP697: 7/7/2012 12:12:44 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.5.1
    AIM 7
    Another World 15th Anniversary Edition
    Apple Application Support
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    Audacity 1.2.6
    AVG 2012
    AVG PC Tuneup 2011
    CamStudio
    CamStudio Lossless Codec v1.4
    Canon MP150
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center HydraVision Full
    Catalyst Control Center Localization All
    ccc-core-preinstall
    ccc-core-static
    ccc-utility
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Citrix online plug-in - web
    Citrix online plug-in (DV)
    Citrix online plug-in (HDX)
    Citrix online plug-in (USB)
    Citrix online plug-in (Web)
    Commander Keen Complete Pack
    Compatibility Pack for the 2007 Office system
    Construct 2 r69
    Crusader No Remorse
    Descent and Descent 2
    DivX Setup
    Download Updater (AOL LLC)
    Final DOOM
    Fraps
    G*Power 3.1.2
    GameMaker 8.1
    Giants – Citizen Kabuto
    Half-Life
    HandBrake 0.9.6
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    IBM SPSS Statistics 19
    IDT Audio
    Intel(R) Network Connections 15.3.68.0
    Java Auto Updater
    Java(TM) 6 Update 31
    LAME v3.98.3 for Audacity
    Little Big Adventure
    Magic Carpet
    Malwarebytes Anti-Malware version 1.61.0.1400
    Master Levels for DOOM II
    MDK
    Megarace
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office Click-to-Run 2010
    Microsoft Office Home and Student 2010 - English
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Word 2002
    Microsoft Works
    Microsoft Works Suite 2006 Setup Launcher
    Microsoft Works Suite Add-in for Microsoft Word
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    MTX
    OpenAL
    Osmos
    Planescape Torment
    QuickTime
    Rayman 2
    Rayman 2: The Great Escape GOG Edition
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2416400)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2482017)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2497640)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2530548)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2559049)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2586448)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618444)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647516)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2675157)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2699988)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB923789)
    Segoe UI
    Serious Sam The First Encounter
    Serious Sam The Second Encounter
    Skins
    Steam
    Stencyl
    Syndicate
    The Ultimate DOOM
    The You Testament
    Treasure Adventure Game
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB971029)
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.1.5
    VVVVVV Demo
    WebFldrs XP
    Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
    Windows Imaging Component
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows XP Service Pack 3
    WinRAR archiver
    Works Upgrade
    .
    ==== End Of File ===========================
     
  6. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Oh, also for malwarebytes, the last steps were different. I don't remember seeing any results, though I don't think I looked since I believe a message popped up saying nothing was found. Should I scan again and look for the "show results" button?

    I also had a few programs open while dds was running (just things relating to this), so I hope that's not a problem.
     
  7. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Nothing of any significance is showing up in the logs. Please follow the instructions below and post the log from Security Check, Eset will only produce a log if it finds anything, be aware the Eset scan can take several hours to complete.

    The instructions for Malwarebytes need updating, thanks for pointing that out. It automatically checks for updates when you launch it, older versions didn't. The database I just checked is on 12.07.07.06 so you may have just missed a new update. Not to worry though, Eset is likely to find anything that Malwarebytes may have missed.

    Download Security Check by screen317 from Here or Here.
    Save it to your Desktop.
    Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
    A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    Eset online scan instructions.
    IMPORTANT ---> Please make sure you follow the instruction to uncheck the box next to Remove found threats. Eset will detect anything that looks even remotely suspicious, this can include legitimate program files. If you do not uncheck the box, as instructed, Eset will automatically remove all suspect files which could leave some of your software inoperative. If you make a mistake these files can be restored from quarantine, but it would be preferable not to add any extra work to the clean up of your system.
    • Disable your existing Anti Virus following these instructions.
    • Please go here to use the Eset Online Scanner.
    • When the web page opens click on this button [​IMG]
    • If you are not using Internet Explorer you will see a message box open asking you to to download the ESET Smart Installer, click on the link and allow it to download and then run it. Accept the Terms of use and click on Start. The required components will download.
    • If using Internet Explorer the Terms of use box will open immediately, accept it and click on Start.
    • After the download is complete the Computer scan settings window will open, IMPORTANT ----> uncheck the box next to Remove found threats and click on Start. The virus signature database will then download which may take some time depending on the speed of your internet connection. The scan will automatically start when the download is complete.
    • This is a very thorough scan and may take several hours to complete depending on how much data you have on your hard drive. Do not interrupt it, be patient and let it finish.
    • A Scan Results window will appear at the end of the scan. If it lists any number of Infected Files click on List of found threats. Click on Copy to clipboard, come back to this thread and right click on the message box. Select Paste and the report will appear, add any comments you have and post the reply.
    • Back on the Eset window, click the Back button and then click on Finish.
     
  8. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please always make a new post if you wish to add further information as I only get notified when a new post is added and may miss something of importance that you may have added.

    As the scan came up clean there is nothing to worry about. Usually you would need to click on the Show Results button to display the log for copying into your posts here. As for DDS, no problem there either.
     
  9. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Here is the security check file. I had some trouble downloading it, the first time I tried to save it to my desktop it said there was an error. The second time it downloaded correctly. I will now start the eset scan.


    Results of screen317's Security Check version 0.99.42
    Windows XP Service Pack 3 x86
    Internet Explorer 6 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    AVG Anti-Virus Free Edition 2012
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.61.0.1400
    AVG PC Tuneup 2011
    Java(TM) 6 Update 31
    Java version out of Date!
    Adobe Flash Player 11.3.300.262
    Adobe Reader 9 Adobe Reader out of Date!
    Mozilla Firefox (13.0.1)
    ````````Process Check: objlist.exe by Laurent````````
    AVG avgwdsvc.exe
    AVG avgtray.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 7%
    ````````````````````End of Log``````````````````````
     
  10. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    I am running AVG 2012, there are no instructions on the link provided on how to disable that specific version.

    I can right click on the AVG icon at the bottom right of my screen and check an option "Temporarily disable AVG protection". Should I just do that, or is there a particular thing that needs to be done?
     
  11. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Also, is the virus scan the only thing that needs to be disabled?
     
  12. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    That will do the job.
    Yes.
     
  13. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
    Did the Eset scan. A couple of comments. First, at the start (along with the option to remove found threats) I think there was an option to scan archives or something. I left this unchecked. Was this the correct thing to do? Second, when the scan was going it jumped from 49% completion directly to 99%.

    Here are the results

    C:\Documents and Settings\User\Desktop\Unused\MsgPlusLive-485.exe a variant of Win32/MessengerPlus application
     
  14. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    It's looking like your system is clean of any infections. The jump on the Eset scan completion monitor is normal. The setting to check Archives was not required.

    Just to be sure we had better check the file that was detected.

    Go to one of the following online services that analyzes suspicious files:
    In the "File to Scan" (Upload or Submit) box, click the "browse" button and locate the following file:

    C:\Documents and Settings\User\Desktop\Unused\MsgPlusLive-485.exe <- this file

    Click "Open", then click the "Submit" button. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.
    -- Post back with the results of the file analysis in your next reply.

    ___________________________________________________________________

    Internet Explorer
    Your Internet Explorer is out of date, the latest version for XP has a better level of security which helps to stop malicious software from reaching your PC.
    Internet Explorer 8 for Windows XP

    ____________________________________________________________________

    Adobe
    Close any programs you may have running - especially your web browser.
    Click on Start [​IMG] > Control Panel, double-click on Programs and Features and uninstall the following Adobe entries:

    Adobe Reader

    NOTE: For XP click on [​IMG] > Control Panel, double-click on Add or Remove Programs and continue as above.
    Then go to this link Adobe Downloads and select the latest version to download and install. You will see this page below, click on the appropriate button for Adobe Reader as indicated.
    [​IMG]
    You will now see a page similar to this one:
    [​IMG]
    All four Adobe products, Reader, Flash Player, Air and Shockwave Player are set by default to download the version for Windows Operating Systems and for Internet Explorer in English. If you are using a Macintosh, or you want to use the Adobe product with a different Browser or language you must click on the line (as indicated in the above image) to make further selections to meet your requirements.
    As you will see in the above image the Adobe Reader is set for Windows 7, please click (as indicated) if you are using a different version of Windows to make further selections. All the other Adobe products are universal and you will only need to change the selection for different Browsers, Languages or for Macintosh.
    NOTE: In all the downloads look out for the Google Toolbar and uncheck the box if you do not need it.
    Some additional instructions may appear for XP installations. In all cases save the download to your desktop, then close your browser and double click on the Adobe icon on your desktop to install it. If you have any problems installing, disconnect from the internet and disable your Anti Virus and any other security software, instructions for most AV's, etc. can be found here: How to disable security software.

    __________________________________________________________________

    Java
    Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    Please follow these steps to remove older version Java components and update:
    • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
    • Look for Java Platform, Standard Edition.
    • Click the Download JRE button to the right.
    • Read the License Agreement, and then check the box that says: "Accept License Agreement".
    • From the list, select the Windows(x86) Offline version.
    • NOTE: A 64bit version is available for use with 64bit browsers running on a 64bit version of Window's, but it is recommended that you use only 32bit browsers and versions of Java. Please read this for further information: Which Java download should I choose for my 64bit operating system?
    • Close any programs you may have running - especially your web browser.
    Click on [​IMG] or [​IMG] > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
    • Check (highlight) any item with Java, JRE or J2SE in the name.
    • Click the Uninstall, Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java versions.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-7u5-windows-i586.exe (or jre-7u5-windows-x64.exe for 64-bit) to install the newest version.
    • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
    -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version. When an update is installed always make sure the previous version is uninstalled.
    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
    To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.
     
  15. qwelps

    qwelps Thread Starter

    Joined:
    Jun 28, 2012
    Messages:
    23
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1058868