Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Freezing

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Freezing

Unread postby Albertg » March 16th, 2014, 9:44 pm

Instructions were good. When I ran the mbam exe there was no "C:\System Volume Information folder. I cannot find the mbam-log-date. I cannot find the documents and settings path under C:\. Should I try to run it again.

There are no changes in computer performance.

Thank you.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Users\Al\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 not found.
File C:\Users\Al\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0 not found.
========== FILES ==========
File move failed. c:\windows\system32\msxml3.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\msxml3r.dll scheduled to be moved on reboot.
File move failed. C:\Windows\System32\msxml3r.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\msxml3r.dll scheduled to be moved on reboot.
File\Folder C:\Users\Al\AppData\Local\mysearchdial-speeddial.crx not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Al
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 160116375 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 9550651 bytes
->Flash cache emptied: 1047 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10211489 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 172.00 mb


[EMPTYFLASH]

User: Al
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Al
->Java cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Guest

User: Public

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03152014_155509

Files\Folders moved on Reboot...
File move failed. c:\windows\system32\msxml3.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\msxml3r.dll scheduled to be moved on reboot.
File move failed. C:\Windows\System32\msxml3r.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\msxml3r.dll scheduled to be moved on reboot.
C:\Users\Al\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

C:\Qoobox\Quarantine\C\Program Files (x86)\MyScrapNook_12EI\Installr\1.bin\12EIPlug.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files (x86)\MyScrapNook_12EI\Installr\1.bin\NP12EISb.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Users\Al\Documents\APNSetup.exe Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Al\Downloads\gimp-setup.exe Win32/DownloadAdmin.A.Gen potentially unwanted application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 1.zip Win32/Bundled.Toolbar.Ask.E potentially unsafe application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 13.zip Win32/DownloadAdmin.A.Gen potentially unwanted application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 14.zip Win32/OpenCandy potentially unsafe application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ReactivateIE.exe Win32/Toolbar.Zugo potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo.E potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\Toolbar32.dll Win32/Toolbar.Zugo potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ToolbarBroker.exe Win32/Toolbar.Zugo potentially unwanted application
Albertg
Regular Member
 
Posts: 15
Joined: October 28th, 2013, 8:58 pm
Advertisement
Register to Remove

Re: Freezing

Unread postby pgmigg » March 17th, 2014, 9:30 pm

Hello Albertg,
When I ran the mbam exe there was no "C:\System Volume Information folder.
An items (files) started from C:\System Volume Information\ folder in the list of MBAM results are optional and should be unchecked if exist only - otherwise please do nothing.
There are two possibilities:
  • MBAM scan found nothing - the log was not created and the Show Results button is not available;
  • MBAM scan found malicious entries - the Show Results button is available as well as available the Remove Selected button if you pressed the Show Results.

I cannot find the mbam-log-date. I cannot find the documents and settings path under C:\. Should I try to run it again.

Then there are two ways to find and see a recent log:
    • Double-click Malwarebytes' Anti-Malware icon on your Desktop.
    • In the top menu, click Logs, choose C:\Users\Username\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-mm-dd(hour-min-sec).txt
    • Click on Open button and Notepad will be opened with log.
  1. Show Hidden and System files
    1. Close all programs so that you are at your desktop.
    2. Press Image.
    3. Click the Start Search box on the Start Menu
    4. Copy and paste the following value, in the open text entry box:
      control folders
    5. Click on the View tab, then under the "Hidden files and folders" section
      • SELECT "Show hidden files and folders"
      • Remove check mark from check box "Hide extensions for known file types"
      • Remove check mark from check box "Hide protected operating system files"
    6. Press the Apply, then the OK buttons.
    7. Then please go to C:\Users\Username\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs directory, select there most recent MBAM log file, and open it with Notepad

If you can not find this file by any of the proposed ways, then - yes, you have to run a full scan again.

Also I hope to receive a log after ESET scan too...

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Contents of the most recent MBAM Log file.
  2. Contents of the ESETScan.txt log file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3183
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Freezing

Unread postby Albertg » March 17th, 2014, 10:08 pm

Below are the mbam log file and the ESETScan.txt file. There is no change in computer performance.

Thank you for your assistance.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.15.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Al :: AL-PC [administrator]

Protection: Disabled

3/15/2014 8:12:44 PM
mbam-log-2014-03-15 (20-12-44).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 577460
Time elapsed: 1 hour(s), 25 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCR\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A} (PUP.Optional.iVIDI.A) -> Quarantined and deleted successfully.
HKCR\MyScrapNook_12Installer.Start (PUP.Optional.MyScrapNook.A) -> Quarantined and deleted successfully.
HKCR\MyScrapNook_12Installer.Start.1 (PUP.Optional.MyScrapNook.A) -> Quarantined and deleted successfully.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Quarantined and deleted successfully.
HKCU\Software\iVIDI.org (PUP.Optional.Ividi.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\HOSTS\INSTALLER (PUP.Optional.Hosts.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\hosts\Installer|BundledIe (PUP.Optional.Hosts.A) -> Data: 1 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 12
C:\AdwCleaner\Quarantine\C\Users\Al\AppData\LocAl\Temp\OpenCandy\OCSetupHlp.dll.vir (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Al\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.2.11.windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\7zip_installer_d162802.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\Flash Player 12.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\frostwire-4.21.1.windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\mp3rocket (1).exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\Setup (1).exe (PUP.Optional.Rapiddown) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\Setup (2).exe (PUP.Optional.Rapiddown) -> Quarantined and deleted successfully.
C:\Users\Al\Downloads\setup.exe (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Documents and Settings\Administrator\My Documents\Downloads\greetingcardcreator.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
J:\Seagate Backup\WINDOWS-6E4015F\History\Level2\C\Documents and Settings\Administrator\Desktop\kf141.zip (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

(end)

C:\Qoobox\Quarantine\C\Program Files (x86)\MyScrapNook_12EI\Installr\1.bin\12EIPlug.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files (x86)\MyScrapNook_12EI\Installr\1.bin\NP12EISb.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Users\Al\Documents\APNSetup.exe Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Al\Downloads\gimp-setup.exe Win32/DownloadAdmin.A.Gen potentially unwanted application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 1.zip Win32/Bundled.Toolbar.Ask.E potentially unsafe application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 13.zip Win32/DownloadAdmin.A.Gen potentially unwanted application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 14.zip Win32/OpenCandy potentially unsafe application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ReactivateIE.exe Win32/Toolbar.Zugo potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo.E potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\Toolbar32.dll Win32/Toolbar.Zugo potentially unwanted application
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ToolbarBroker.exe Win32/Toolbar.Zugo potentially unwanted application
Albertg
Regular Member
 
Posts: 15
Joined: October 28th, 2013, 8:58 pm

Re: Freezing

Unread postby pgmigg » March 17th, 2014, 10:56 pm

Hello Albertg,

Very good job! :D Let continue...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Files
    C:\Users\Al\Documents\APNSetup.exe
    C:\Users\Al\Downloads\gimp-setup.exe
    J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\Conduit\Community Alerts\Alert.dll
    J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ReactivateIE.exe
    J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe
    J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\Toolbar32.dll
    J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ToolbarBroker.exe
    
    :Commands
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 1.zip Win32/Bundled.Toolbar.Ask.E potentially unsafe application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 13.zip Win32/DownloadAdmin.A.Gen potentially unwanted application
J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 14.zip Win32/OpenCandy potentially unsafe application

This 3 files marked by ESET scanner are elements of your incremental backup system and probably contain a real infections.
My opinion is that potentially infected files, especially inside of backup must be removed, but the final decision is yours.
I could recommend to delete the whole backup and start the new fresh one after I will report that your computer is clean - it will be a good starting point for new backup.
Please let me know your decision.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Your decision about infected backup files.
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3183
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Freezing

Unread postby Albertg » March 19th, 2014, 7:10 pm

Below is OTL file. I would like to delete 3 backup files that you mentioned. Internet provided changed out my modem and computer is running better. Please let me know how to delete backup files mentioned.

Thank you again for all your help!!

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Users\Al\Documents\APNSetup.exe moved successfully.
C:\Users\Al\Downloads\gimp-setup.exe moved successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\Conduit\Community Alerts\Alert.dll moved successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ReactivateIE.exe moved successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe moved successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\Toolbar32.dll moved successfully.
J:\Seagate Backup\WINDOWS-6E4015F\C\Program Files\StartNow Toolbar\ToolbarBroker.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Al
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 37905878 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 60885407 bytes
->Flash cache emptied: 598 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66261 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 94.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03192014_185552

Files\Folders moved on Reboot...
C:\Users\Al\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Albertg
Regular Member
 
Posts: 15
Joined: October 28th, 2013, 8:58 pm

Re: Freezing

Unread postby pgmigg » March 20th, 2014, 5:09 pm

Hello Albertg,

Internet provided changed out my modem and computer is running better.
I am glad to read it! ;)

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.

I would like to delete 3 backup files that you mentioned. Please let me know how to delete backup files mentioned.
It is easy... :D
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :Files
    J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 1.zip
    J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 13.zip
    J:\AL-PC\Backup Set 2013-12-24 215252\Backup Files 2013-12-24 215252\Backup files 14.zip
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
OTL-Cleanup
You should still have OTL on your desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.

Step 3.
Hide Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value, in the open text entry box:
    control folders
  5. Click on the View tab, then under the "Hidden files and folders" section
    • UNSELECT "Show hidden files and folders"
    • Place check mark in check box "Hide extensions for known file types"
    • Place check mark in check box "Hide protected operating system files"
  6. Press the Apply, then the OK buttons.

Step 4.
Update Adobe Reader
Your version of Adobe Reader X is out-of-date. There are serious security issues with older versions of Adobe Reader.
I'm not asking you to update any Adobe Acrobat installation... this can be quite costly. I am going to insist that you update your Adobe Reader software.
Then use the Reader for viewing PDF files - you can use the Acrobat software for your other needs.

Please download the current version of Adobe Reader...Copyright © Adobe Systems Inc.
Please UNCHECK the box for the: Free McAfee® Security Scan Plus.
  1. Click the yellow Download now button. If you don't already have Adobe DLM... you may receive a prompt.
    Adobe DLM software removal instructions available here, if wanted.
  2. The Adobe installer will check your system and begin the installation process. Use the default installation parameters.
  3. When the installation is complete, please Close and re-open your Internet browser.

Adobe Reader XI - recommended (safety) program settings
When the program is open, click on Edit and select Preferences. In the categories below, use these settings:
  • Javascript - Uncheck Enable Acrobat Javascript.
  • Security (Enhanced) - Uncheck Automatically trust sites from my Win OS security zones.
  • Secure Trust Manager- Uncheck Allow opening of non-PDF file attachments with external applications.

Step 5.
Remove all used tools and their log files not removed by OTL if they remain on your desktop.
  • DDS
  • JRT
  • AdwCleaner

Then:
Please don't forget to enable and update all your defense software!

Finally:
Please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3183
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Freezing

Unread postby Albertg » March 20th, 2014, 6:56 pm

I apologize but I cannot find the OTL file that was created. Also I could not perform step 3. Did you want me to paste "control panel" in the search box. I did but nothing happened. Also the OTL icon has disappeared.

Thank you for your help.
Albertg
Regular Member
 
Posts: 15
Joined: October 28th, 2013, 8:58 pm

Re: Freezing

Unread postby pgmigg » March 20th, 2014, 9:47 pm

Hello Albertg,

Also I could not perform step 3. Did you want me to paste "control panel" in the search box. I did but nothing happened.
You are absolutely right - the Step 3 is my mistake :oops: and I apologize for it!
The right variant is:

Step 3.
Hide Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value, in the open text entry box:
    change search options for files and folders
    then press Enter button
  5. Click on the View tab, then under the "Hidden files and folders" section please
    • UNSELECT "Show hidden files and folders"
  6. Find below and
    • place check mark in check box "Hide extensions for known file types"
    • place check mark in check box "Hide protected operating system files"
  7. Press the Apply, then the OK buttons.

I apologize but I cannot find the OTL file that was created. Also the OTL icon has disappeared.
It is OK! I did not need to get OTL report last time and the report as well as OTL icon were deleted from the Desktop by running of Step 2.

Thank you for your help.
You are very welcome, Albertg!

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3183
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Freezing

Unread postby Cypher » March 24th, 2014, 5:59 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware