Techmonkeys.co.uk / Security / Virus & Spyware Support / pdf's don't open and computer slow

Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
pdf's don't open and computer slow
17-11-2011, 04:50 AM
Post: #1
Prayok Offline
Baboon
 		Posts: 14
Joined: Nov 2011
Reputation: 0
pdf's don't open and computer slow
Internet Explorer and Google Chrome wouldn't let me open any videos - I got an error message that said I needed to download Adobe Flash Player first. I already had it on my computer, but I downloaded it again and the download was successful and it said I am now running Flash Player. But still it didn't seem to be working. I can see it's on my Control Panel. So today I downloaded Mozilla Firefox and I was able to open one video but haven't watched the whole thing yet. Hopefully that's a good sign that it's fixed. I did uninstall Google Chrome and something called Dealrunner that seemed to be taking over my web browsers.
But here's a biggie - I can't open up PDF files. No error message - it just doesn't work!
And most of the time my computer is agonizingly slow and sometimes freezes (twice). That's when I reboot. Help!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Patricia Ray at 16:13:10 on 2011-11-16
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://msn.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Radio 1.1 Toolbar: {2d7432c9-a3fd-4ed1-aea9-fbdb12dba4a7} - c:\program files\radio_1.1\prxtbRad2.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: mefeediaTest: {154d932f-dc51-4a4f-9d52-b78b1419d3b4} - c:\program files\mefeediatest\w3itemplateX.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Radio 1.1 Toolbar: {2d7432c9-a3fd-4ed1-aea9-fbdb12dba4a7} - c:\program files\radio_1.1\prxtbRad2.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: NetAssistant: {e38fa08e-f56a-4169-abf5-5c71e3c153a1} - c:\program files\freeze.com\netassistant\NetAssistant.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers runtime\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Radio 1.1 Toolbar: {2d7432c9-a3fd-4ed1-aea9-fbdb12dba4a7} - c:\program files\radio_1.1\prxtbRad2.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: mefeediaTest: {154d932f-dc51-4a4f-9d52-b78b1419d3b4} - c:\program files\mefeediatest\w3itemplateX.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [PC Cleaners] "c:\program files\pc cleaners\PCCleaners.exe" /minimize
mRun: [StartNowToolbarHelper] "c:\program files\startnow toolbar\ToolbarHelper.exe"
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [HydarVisionDesktopManager]
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1302284360593
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D19474D9-03CE-48E0-82CF-5E5BB602B886} : DhcpNameServer = 192.168.0.1
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\patricia ray\application data\mozilla\firefox\profiles\qma5p700.default\
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
.
============= SERVICES / DRIVERS ===============
.
R? AC2003;AC2003
S? aswFsBlk;aswFsBlk
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? GETNDIS;VIA Networking Velocity Family Giga-bit Ethernet Adapter Driver
S? pavboot;pavboot
S? Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar
.
=============== Created Last 30 ================
.
2011-11-16 23:57:57 388096 ----a-r- c:\documents and settings\patricia ray\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-11-16 23:57:56 -------- d-----w- c:\program files\Trend Micro
2011-11-16 23:19:33 -------- d-----w- c:\documents and settings\patricia ray\local settings\application data\Mozilla
2011-11-16 22:56:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-15 04:01:11 -------- d-----w- c:\documents and settings\all users\application data\Oberon Media
2011-11-15 04:00:31 -------- d-----w- c:\program files\common files\Oberon Media
2011-11-15 03:36:06 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-11-15 03:36:06 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-11-15 03:36:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-11-15 03:36:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-11-15 03:36:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-11-15 03:36:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-11-15 03:36:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-11-15 03:25:08 -------- d-----w- c:\program files\iPod
2011-11-15 03:10:29 -------- d-----w- c:\program files\Bonjour
2011-11-01 15:37:21 -------- d-----w- c:\documents and settings\patricia ray\local settings\application data\PCHealth
2011-11-01 01:05:01 -------- d-----w- c:\windows\system32\KB905474
2011-10-31 22:38:46 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2011-10-31 20:31:07 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-10-31 20:10:38 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-10-31 19:53:38 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-10-31 19:48:20 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-10-31 19:42:49 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-10-31 19:30:48 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-10-31 19:25:01 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-10-31 17:34:20 -------- d-sh--w- c:\documents and settings\patricia ray\IECompatCache
2011-10-31 17:29:13 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-10-31 16:59:43 -------- d-----w- c:\windows\system32\scripting
2011-10-31 16:59:39 -------- d-----w- c:\windows\system32\en
2011-10-31 16:59:39 -------- d-----w- c:\windows\l2schemas
2011-10-31 16:55:52 -------- d-----w- c:\windows\network diagnostic
2011-10-31 16:35:47 -------- d-----w- c:\program files\Panda Security
2011-10-29 06:26:27 -------- d-----w- c:\windows\system32\XPSViewer
2011-10-29 06:24:07 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-10-29 06:23:08 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-10-29 06:23:08 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-10-29 06:23:08 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-10-29 06:23:08 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-10-29 06:23:08 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-10-29 06:23:08 117760 ------w- c:\windows\system32\prntvpt.dll
2011-10-29 06:22:59 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-10-29 06:22:59 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-10-29 06:22:49 -------- d-----w- C:\4f55f62cf34e9571bf704759471abdca
2011-10-29 06:04:14 -------- d-----w- c:\program files\MSXML 6.0
2011-10-27 05:59:22 -------- d-----w- c:\documents and settings\patricia ray\application data\OpenOffice.org
2011-10-27 03:41:32 -------- d-----w- c:\program files\OpenOffice.org 3
2011-10-27 03:39:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-24 22:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 22:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-24 16:44:44 -------- d-----w- c:\documents and settings\patricia ray\application data\PC Cleaners
2011-10-24 16:43:56 -------- d-----w- c:\program files\PC Cleaners
2011-10-24 16:43:56 -------- d-----w- c:\documents and settings\all users\application data\PC1Data
2011-10-22 19:10:31 98304 ----a-w- c:\windows\system32\redmonnt.dll
2011-10-22 19:10:18 -------- d-----w- c:\program files\FoxTabPDFConverter
2011-10-22 19:10:10 -------- d-----w- c:\program files\StartNow Toolbar
2011-10-18 03:36:21 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2011-10-18 03:36:07 -------- d-----w- c:\program files\W3i
2011-10-18 03:36:07 -------- d-----w- c:\documents and settings\all users\application data\W3i
2011-10-18 03:35:00 -------- d-----w- c:\documents and settings\patricia ray\application data\w3itemplate
2011-10-18 03:34:28 -------- d-----w- c:\program files\Freeze.com
2011-10-18 03:34:22 -------- d-----w- c:\documents and settings\patricia ray\application data\mefeediatest
2011-10-18 03:33:46 -------- d-----w- c:\program files\mefeediatest
2011-10-18 03:32:50 -------- d-----w- c:\program files\Free Offers from Freeze.com
2011-10-18 03:32:43 -------- d-----w- c:\program files\Yontoo Layers Runtime
2011-10-18 03:32:10 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
2011-10-18 03:31:26 -------- d-----w- c:\program files\Yahoo!
.
==================== Find3M ====================
.
2011-11-16 22:04:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 16:43:11 5359888 ----a-w- c:\windows\uninst.exe
2011-10-17 22:50:21 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 20:45:29 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 07:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 07:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 07:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 07:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 16:22:50.70 ===============

.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709a
Adobe Acrobat 4.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ares 3.1.7.3042
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
ATI Multimedia Center
avast! Free Antivirus
Bing Bar
Bing Bar Platform
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Coupon Printer for Windows
CrystalVision Software Services - #9803
Destinations
DeviceDiscovery
DocMgr
DocProc
Fax
FoxTab PDF Converter
Freeze.com NetAssistant
GPBaseService2
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 14.0
HP Document Manager 2.0
HP Imaging Device Functions 14.0
HP Officejet 6500 E709 Series
HP Officejet 6500 E710n-z Basic Device Software
HP Officejet 6500 E710n-z Help
HP Officejet 6500 E710n-z Product Improvement Study
HP Photosmart Essential 3.5
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HydraVision
I.R.I.S. OCR
InstallIQ Updater
iTunes
Java Auto Updater
Java™ 6 Update 29
MarketResearch
Marketsplash Shortcuts
MeFeedia
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox 8.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NetAssistant
Network
NVIDIA Drivers
OCR Software by I.R.I.S. 14.0
Panda ActiveScan 2.0
PC Cleaners
Personal Ancestral File 5
Picasa 3
PrintMaster 16
PrintMaster® Premier 8.0
ProductContext
QuickTime
Radio 1.1 Toolbar
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Serif DrawPlus 3.0
Shockwave
SmartWebPrinting
SolutionCenter
StartNow Toolbar
Status
Toolbox
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VoiceOver Kit
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Runtime 1.10.01
.
==== End Of File ===========================
Find all posts by this user
Quote this message in a reply
17-11-2011, 09:26 AM
Post: #2
Maniac Offline
Malware Fighter
*****
 		Posts: 1,339
Joined: Dec 2009
Reputation: 7
RE: pdf's don't open and computer slow
Hello Prayok! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/paste in your next reply.

Dealrunner may collet personal information that you should not give away, but there is no connections between Dealrunner and your problem. It's good decision to uninstall it!


Step 1

Now it's time to clean the cache of Java, because of malware. Malware that could be found in this cache directory are not associated with the Java that was downloaded and installed on the system. A cache directory is aa temporary storage location. When the browser runs an applet or application, Java stores files into its cache directory for better performance.

Click Start => Control Panel.
Double-click the Java icon in the control panel. The Java Control Panel appears.
[Image: plugin_cache1.jpg]

Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears.

[Image: plugin_cache2.jpg]

Click Delete Files. The Delete Temporary Files dialog box appears.

[Image: plugin_cache3.jpg]

Click OK on Delete Temporary Files window. Note: This deletes all the Downloaded Applications and Applets from the cache.

Click OK on Temporary Files Settings window. Note: If you want to delete a specific application and applet from the cache, click on View Application and View Applet options respectively.


Step 2

Please uninstall the following applications:

Quote:Radio 1.1 Toolbar
StartNow Toolbar
PC Cleaners


Step 3

Please follow the instructions here to run ComboFix:
http://www.bleepingcomputer.com/combofix...mbofix#use

Post the log.txt when you are ready.
[Image: 5f2kg5.gif]

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here [Image: paypal.gif]
Send this user an email Visit this user's website Find all posts by this user
Quote this message in a reply
17-11-2011, 09:38 PM
Post: #3
Prayok Offline
Baboon
 		Posts: 14
Joined: Nov 2011
Reputation: 0
RE: pdf's don't open and computer slow
ComboFix 11-11-17.03 - Patricia Ray 11/17/2011 11:03:42.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.971 [GMT -8:00]
Running from: c:\documents and settings\Patricia Ray\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Tarma Installer
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setup.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.dat
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.exe
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.ico
c:\documents and settings\Patricia Ray\Application Data\PriceGong
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\10.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\1141.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\1707.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2077.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2228.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2229.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2458.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2476.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2501.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2620.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2626.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2866.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2867.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\2880.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\3704.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\371.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4266.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4369.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4379.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4427.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4438.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4462.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4489.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\450.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4575.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\4873.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\5000.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\5729.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\6405.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\6613.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\6783.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\6784.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\7038.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\7131.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\83.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Patricia Ray\Application Data\PriceGong\Data\z.txt
c:\documents and settings\Patricia Ray\WINDOWS
c:\program files\DailyBibleGuideEI
c:\windows\system32\images
c:\windows\system32\images\accessinghvnoprop.jpg
c:\windows\system32\images\accessingmdesk.jpg
c:\windows\system32\images\ati_logo.jpg
c:\windows\system32\images\hvdm.jpg
c:\windows\system32\images\hvhotkeys.jpg
c:\windows\system32\images\hvsystray.jpg
c:\windows\system32\images\hvsystray2.jpg
.
.
((((((((((((((((((((((((( Files Created from 2011-10-17 to 2011-11-17 )))))))))))))))))))))))))))))))
.
.
2011-11-16 23:57 . 2011-11-16 23:57 388096 ----a-r- c:\documents and settings\Patricia Ray\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-16 23:57 . 2011-11-16 23:57 -------- d-----w- c:\program files\Trend Micro
2011-11-16 23:19 . 2011-11-16 23:19 -------- d-----w- c:\documents and settings\Patricia Ray\Local Settings\Application Data\Mozilla
2011-11-16 22:57 . 2011-11-16 22:57 -------- d-----w- c:\windows\Sun
2011-11-16 22:56 . 2011-11-16 22:56 -------- d-----w- c:\program files\Common Files\Java
2011-11-16 22:56 . 2011-10-03 13:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-15 04:01 . 2011-11-15 04:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Oberon Media
2011-11-15 04:00 . 2011-11-15 04:00 -------- d-----w- c:\program files\Common Files\Oberon Media
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2011-11-15 03:36 . 2011-11-15 03:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2011-11-15 03:34 . 2011-11-15 03:36 -------- d-----w- c:\program files\QuickTime
2011-11-15 03:25 . 2011-11-15 03:25 -------- d-----w- c:\program files\iPod
2011-11-15 03:16 . 2011-11-15 03:16 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2011-11-15 03:10 . 2011-11-15 03:10 -------- d-----w- c:\program files\Bonjour
2011-11-08 02:43 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-11-01 15:37 . 2011-11-01 15:37 -------- d-----w- c:\documents and settings\Patricia Ray\Local Settings\Application Data\PCHealth
2011-11-01 01:05 . 2011-11-01 01:05 -------- d-----w- c:\windows\system32\KB905474
2011-10-31 22:38 . 2009-06-30 16:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2011-10-31 20:31 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-10-31 20:10 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-10-31 19:53 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-10-31 19:48 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-10-31 19:42 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-10-31 19:30 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-10-31 19:25 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-10-31 17:34 . 2011-10-31 17:34 -------- d-sh--w- c:\documents and settings\Patricia Ray\IECompatCache
2011-10-31 17:29 . 2004-08-04 07:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-10-31 16:59 . 2011-10-31 16:59 -------- d-----w- c:\windows\system32\scripting
2011-10-31 16:59 . 2011-10-31 16:59 -------- d-----w- c:\windows\l2schemas
2011-10-31 16:59 . 2011-10-31 16:59 -------- d-----w- c:\windows\system32\en
2011-10-31 16:35 . 2011-10-31 16:35 -------- d-----w- c:\program files\Panda Security
2011-10-29 06:26 . 2011-10-29 06:26 -------- d-----w- c:\windows\system32\XPSViewer
2011-10-29 06:25 . 2011-10-29 06:25 -------- d-----w- c:\program files\MSBuild
2011-10-29 06:25 . 2011-10-29 06:25 -------- d-----w- c:\program files\Reference Assemblies
2011-10-29 06:24 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-10-29 06:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-10-29 06:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-10-29 06:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-10-29 06:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-10-29 06:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-10-29 06:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-10-29 06:22 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-10-29 06:22 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-10-29 06:22 . 2011-10-29 06:24 -------- d-----w- C:\4f55f62cf34e9571bf704759471abdca
2011-10-29 06:04 . 2011-10-29 06:04 -------- d-----w- c:\program files\MSXML 6.0
2011-10-27 05:59 . 2011-10-27 05:59 -------- d-----w- c:\documents and settings\Patricia Ray\Application Data\OpenOffice.org
2011-10-27 03:41 . 2011-10-28 18:17 -------- d-----w- c:\program files\OpenOffice.org 3
2011-10-27 03:39 . 2011-10-03 10:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-27 03:38 . 2011-11-16 22:56 -------- d-----w- c:\program files\Java
2011-10-24 22:29 . 2011-10-24 22:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 22:29 . 2011-10-24 22:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-24 16:44 . 2011-10-24 16:44 -------- d-----w- c:\documents and settings\Patricia Ray\Application Data\PC Cleaners
2011-10-24 16:43 . 2011-10-24 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\PC1Data
2011-10-22 19:10 . 2007-08-21 20:32 98304 ----a-w- c:\windows\system32\redmonnt.dll
2011-10-22 19:10 . 2011-10-22 19:10 -------- d-----w- c:\program files\FoxTabPDFConverter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-16 22:04 . 2011-06-08 20:04 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 16:43 . 2011-10-07 19:21 5359888 ----a-w- c:\windows\uninst.exe
2011-10-17 22:50 . 2011-10-17 22:50 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-10-10 14:22 . 2011-04-08 16:58 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2003-03-31 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41 . 2008-07-30 02:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2003-03-31 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2003-03-31 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 20:45 . 2011-04-08 19:51 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-04-08 19:51 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-04-08 19:51 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-04-08 19:51 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-04-08 19:51 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-04-08 19:51 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-04-08 19:51 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-04-08 19:51 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-04-08 19:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-04-08 19:51 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 13:20 . 2003-03-31 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 07:05 . 2011-08-31 07:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 07:05 . 2011-08-31 07:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 07:05 . 2011-08-31 07:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 07:05 . 2011-08-31 07:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48 . 2003-03-31 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2003-03-31 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2003-03-31 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-05 06:53 . 2011-11-16 23:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{154d932f-dc51-4a4f-9d52-b78b1419d3b4}]
2011-05-04 16:04 81920 ----a-w- c:\program files\mefeediatest\w3itemplateX.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
2011-06-22 19:30 1718472 ----a-w- c:\program files\Freeze.com\NetAssistant\NetAssistant.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-08-19 16:45 790304 ----a-w- c:\program files\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{154d932f-dc51-4a4f-9d52-b78b1419d3b4}"= "c:\program files\mefeediatest\w3itemplateX.dll" [2011-05-04 81920]
.
[HKEY_CLASSES_ROOT\clsid\{154d932f-dc51-4a4f-9d52-b78b1419d3b4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicono​verlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-12 288088]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" [2010-04-27 243544]
"HydarVisionDesktopManager"="" [BU]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMREMIND.EXE [2011-10-7 327680]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKLM\~\startupfolder\C:^Documents and Settings^Patricia Ray^Start Menu^Programs^Startup^NexDef Plug-in.lnk]
path=c:\documents and settings\Patricia Ray\Start Menu\Programs\Startup\NexDef Plug-in.lnk
backup=c:\windows\pss\NexDef Plug-in.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
2002-02-14 17:42 315392 ----a-w- c:\windows\system32\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SacReminderHDDV2]
2010-12-21 13:15 522064 ----a-r- c:\documents and settings\All Users\Application Data\OfficeGuardianV2\reminder\SacReminder.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authorize​dApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R3 AC2003;AC2003;c:\windows\system32\Drivers\AC2003.sys [2004-07-12 4224]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S3 GETNDIS;VIA Networking Velocity Family Giga-bit Ethernet Adapter Driver;c:\windows\system32\DRIVERS\getnd5b.sys [2003-09-02 44032]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - HTTPFILTER
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2011-11-17 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-17 04:12]
.
2011-11-17 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-17 04:12]
.
2011-11-16 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-17 04:12]
.
2011-11-16 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-17 04:12]
.
2011-11-17 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2011-11-01 05:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://msn.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Patricia Ray\Application Data\Mozilla\Firefox\Profiles\qma5p700.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-DealRunner - c:\program files\DealRunner\DealRunner.exe
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\docume~1\ALLUSE~1\APPLIC~1\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-17 11:23
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-11-17 11:29:45
ComboFix-quarantined-files.txt 2011-11-17 19:29
ComboFix2.txt 2009-10-20 18:32
.
Pre-Run: 48,017,309,696 bytes free
Post-Run: 54,507,835,392 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 483B23D801B9C8695D706CDAC9A3233D

MY FINGERS ARE CROSSED! Thanks so much!
Find all posts by this user
Quote this message in a reply
17-11-2011, 10:01 PM
Post: #4
Maniac Offline
Malware Fighter
*****
 		Posts: 1,339
Joined: Dec 2009
Reputation: 7
RE: pdf's don't open and computer slow
Okay, we have a work here too, but first let me check something.

Please visit http://www.virustotal.com and upload the following file:
c:\documents and settings\All Users\Application Data\OfficeGuardianV2\reminder\SacReminder.exe

Wait until the scan finished and then copy/paste the link.
[Image: 5f2kg5.gif]

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here [Image: paypal.gif]
Send this user an email Visit this user's website Find all posts by this user
Quote this message in a reply
17-11-2011, 11:19 PM
Post: #5
Prayok Offline
Baboon
 		Posts: 14
Joined: Nov 2011
Reputation: 0
RE: pdf's don't open and computer slow
Well...I don't seem to have that file on my computer. I can follow the path on C: through documents and setting and All Users, but Application Data doesn't show up there. A search yields no results for Application Data or SacReminder.exe. I know it was in the log I posted but...Now what?
Find all posts by this user
Quote this message in a reply
17-11-2011, 11:37 PM
Post: #6
Maniac Offline
Malware Fighter
*****
 		Posts: 1,339
Joined: Dec 2009
Reputation: 7
RE: pdf's don't open and computer slow
Activate this option to see it:
http://www.bleepingcomputer.com/tutorial...ows/#winxp
[Image: 5f2kg5.gif]

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here [Image: paypal.gif]
Send this user an email Visit this user's website Find all posts by this user
Quote this message in a reply
18-11-2011, 12:00 AM
Post: #7
Prayok Offline
Baboon
 		Posts: 14
Joined: Nov 2011
Reputation: 0
RE: pdf's don't open and computer slow
http://www.virustotal.com/file-scan/rean...1321566877
Find all posts by this user
Quote this message in a reply
18-11-2011, 12:29 AM
Post: #8
Maniac Offline
Malware Fighter
*****
 		Posts: 1,339
Joined: Dec 2009
Reputation: 7
RE: pdf's don't open and computer slow
Please uninstall the following applications:

Quote:Freeze.com NetAssistant
Yontoo Layers Runtime 1.10.01
MeFeedia

Let me know if there is any progress?
[Image: 5f2kg5.gif]

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here [Image: paypal.gif]
Send this user an email Visit this user's website Find all posts by this user
Quote this message in a reply
18-11-2011, 01:26 AM
Post: #9
Prayok Offline
Baboon
 		Posts: 14
Joined: Nov 2011
Reputation: 0
RE: pdf's don't open and computer slow
done - done - and done!
Yes, I'm jumping from place to place like a monkey! Everything is faster - I'm opening videos with ease and..oh, I'm still having trouble with pdf's! Is there anything else left to do?
Find all posts by this user
Quote this message in a reply
18-11-2011, 09:15 AM
Post: #10
Maniac Offline
Malware Fighter
*****
 		Posts: 1,339
Joined: Dec 2009
Reputation: 7
RE: pdf's don't open and computer slow
Before that I just want to make sure, so let's do same additional scans:

Folow the instructions here to download, install and scan with Malwarebytes' Anti-Malware:
http://www.techmonkeys.co.uk/Thread-malw...#pid124451

Next:

  1. Please run a free online scan with the ESET Online Scanner

    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic



Post the log files in your next reply.
[Image: 5f2kg5.gif]

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here [Image: paypal.gif]
Send this user an email Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


Contact Us | Techmonkeys.co.uk | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication