Solved Is my computer infected by malware?
- Thread starter NCISabbyfan
- Start date
NCISabbyfan
Posts: 95 +0
How strange.
When I click on the Adobe link you gave me, it changed to http://get.adobe.com/uk/reader/, which is fine, but the Adobe Reader version listed states
No sign of 11.0.03. Instead, it links to 10.1.4. Not sure why it doesn't link to the current version.
I've had to Google to find this version, but...
http://blogs.adobe.com/adobereader/...nd-acrobat-xi-11-0-03-x-10-1-7-and-9-5-5.html
Due to the above person's encounter, I am exercising caution in case the same happens to me.
When I click on the Adobe link you gave me, it changed to http://get.adobe.com/uk/reader/, which is fine, but the Adobe Reader version listed states
No sign of 11.0.03. Instead, it links to 10.1.4. Not sure why it doesn't link to the current version.
I've had to Google to find this version, but...
http://blogs.adobe.com/adobereader/...nd-acrobat-xi-11-0-03-x-10-1-7-and-9-5-5.html
Due to the above person's encounter, I am exercising caution in case the same happens to me.
NCISabbyfan
Posts: 95 +0
Update: On reflection, I decided to install 11.0.03 after all, but for some reason this comes up:
http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=5585&fileID=5596
I have since uninstalled this link, as it doesn't work and retained the previous version.
How do I locate tools and logs left over on my computer to delete them?
Qualys.com said that one of my Adobe downloads was out of date. Despite clicking on "Fix It", I get a message saying I have already installed 10.1.7.
However, as I go through your instructions, onto step 7 in a moment, here are the results of the OTL survey:
All processes killed
========== OTL ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: David
->Temp folder emptied: 99422 bytes
->Temporary Internet Files folder emptied: 499484 bytes
->Flash cache emptied: 4875 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 18702336 bytes
Total Files Cleaned = 18.00 mb
[EMPTYFLASH]
User: All Users
User: David
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYJAVA]
User: All Users
User: David
User: Default
User: Default User
User: Public
Total Java Files Cleaned = 0.00 mb
Unable to stop System Restore Service. Error code 5. Restore points not cleared.
Unable to start System Restore Service. Error code 5. Restore point not created.
OTL by OldTimer - Version 3.2.69.0 log created on 08272013_154109
Files\Folders moved on Reboot...
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{25B0E595-0FEB-45CB-8BAF-68FF1B52D921}.tmp moved successfully.
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{53281B7C-A564-42FB-B629-673B8C623813}.tmp moved successfully.
File\Folder C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8FE9582C-AEE0-451A-9D86-D9FE0779E9C2}.tmp not found!
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{9F8AE9A9-3845-41F2-B919-FBAFAE2DC10C}.tmp moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=5585&fileID=5596
I have since uninstalled this link, as it doesn't work and retained the previous version.
How do I locate tools and logs left over on my computer to delete them?
Qualys.com said that one of my Adobe downloads was out of date. Despite clicking on "Fix It", I get a message saying I have already installed 10.1.7.
However, as I go through your instructions, onto step 7 in a moment, here are the results of the OTL survey:
All processes killed
========== OTL ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: David
->Temp folder emptied: 99422 bytes
->Temporary Internet Files folder emptied: 499484 bytes
->Flash cache emptied: 4875 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 18702336 bytes
Total Files Cleaned = 18.00 mb
[EMPTYFLASH]
User: All Users
User: David
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYJAVA]
User: All Users
User: David
User: Default
User: Default User
User: Public
Total Java Files Cleaned = 0.00 mb
Unable to stop System Restore Service. Error code 5. Restore points not cleared.
Unable to start System Restore Service. Error code 5. Restore point not created.
OTL by OldTimer - Version 3.2.69.0 log created on 08272013_154109
Files\Folders moved on Reboot...
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{25B0E595-0FEB-45CB-8BAF-68FF1B52D921}.tmp moved successfully.
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{53281B7C-A564-42FB-B629-673B8C623813}.tmp moved successfully.
File\Folder C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8FE9582C-AEE0-451A-9D86-D9FE0779E9C2}.tmp not found!
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{9F8AE9A9-3845-41F2-B919-FBAFAE2DC10C}.tmp moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
NCISabbyfan
Posts: 95 +0
I did, but I can't find any OTL logs, only Mbam (Malwarebytes) and JRT.
New Update: I've reached step 9 and installed Secunia, which asked me to upgrade 3 programs (one automatically updated), but as I wasn't familiar with Microsoft XML Core Services (MSXML) 4.x, the only remaining program to not yet be updated I looked it up on Google.
One web site says users should be at version 6.
I use Windows Vista with Service Pack 2, so is it safe for me to upgrade Microsoft XML?
Secunia is asking me to install it (the "Customize" install option is greyed out):
http://windowssecrets.com/forums/showthread.php/148699-Microsoft-XML-Core-Service
http://www.microsoft.com/en-gb/download/details.aspx?id=19662
http://answers.microsoft.com/en-us/...xml4x-is/c81928bf-c67d-4b1f-acb2-47b69f268563
http://en.wikipedia.org/wiki/MSXML
Other than that, I've followed all your instructions, as far I can.
Secunia's update for Adobe Reader X won't go any higher than 10.1.7 for some reason, probably as the most current version won't install on my computer.
NCISabbyfan
Posts: 95 +0
Glad Secunia's false positives are minimal and that I didn't install the XML update.
It sounds like it must be Windows 7 and Windows 8 users who can use the 11.0.03 version of Adobe. I'll look forward to the more recent update when I eventually upgrade from Vista.
No other issues that I can think of, thanks.
It sounds like it must be Windows 7 and Windows 8 users who can use the 11.0.03 version of Adobe. I'll look forward to the more recent update when I eventually upgrade from Vista.
No other issues that I can think of, thanks.
NCISabbyfan
Posts: 95 +0
Thank you very much and I like the fun Tiger emoticon that you've pasted above your reply. 
Other than what appear to be two false positives from Secunia - asking me to update Windows Media Player 11 and Windows Vista, which would be for and relate to Windows 7, which I declined as I'm currently using Windows Vista, everything is going fine.
In addition, the WOT add-on warned me about what looked like an innocent web site in the Google search, but WOT popped up to say "This site has a poor reputation", so I avoided the dodgy site. While this was happening, the web site address was completely different from how it appeared in Google. Not necessarily always bogus when this happens, as there are several genuine redirection sites, eg they've changed server or address, but this one clearly was bogus, which I may have accessed, if it hadn't have been for WOT's intervention, due to how sophisticated such web sites are in tricking people into believing their web sites are genuine.
Other than what appear to be two false positives from Secunia - asking me to update Windows Media Player 11 and Windows Vista, which would be for and relate to Windows 7, which I declined as I'm currently using Windows Vista, everything is going fine.
In addition, the WOT add-on warned me about what looked like an innocent web site in the Google search, but WOT popped up to say "This site has a poor reputation", so I avoided the dodgy site. While this was happening, the web site address was completely different from how it appeared in Google. Not necessarily always bogus when this happens, as there are several genuine redirection sites, eg they've changed server or address, but this one clearly was bogus, which I may have accessed, if it hadn't have been for WOT's intervention, due to how sophisticated such web sites are in tricking people into believing their web sites are genuine.
NCISabbyfan
Posts: 95 +0
Moved to new thread
Similar threads
Latest posts
-
TechSpot is hiring: We're looking for tech enthusiasts with sharp writing skills- Julio Franco replied
-
Viewing a color E-ink display under a 230x digital microscope
- Tinderbox replied
