MrDerp Posted March 17, 2012 ID:535568 Share Posted March 17, 2012 A few days ago i noticed that my internet browser could not open it gave me a message about the site being temporarily offline or moved to a different address but the problem got "fixed" whenever i restart my computer. Upon further investigation they said it could be the effect of a virus so i ran Malwarebytes Anti-malware and it found 4 pieces of malware called "Worm.Autorun" one was a folder, one was a registery key and the other 2 are files. It said they removed them successfully but i am still concerned as they are still in quarentine along with 2 pieces of "Broken.Opencommand" so i am asking if there is any way to remove these files permanently from my computer, if they are still there of course. Also i am concerned because it said that the worm is transferred by USB and i have been using my phone as a usb so if it did transfer to my phone is there a way that i can delete it? thank you in advance Attach.txtDDS.txt Link to post Share on other sites More sharing options...
Elise Posted March 18, 2012 ID:535810 Share Posted March 18, 2012 Hello and It is indeed important to clean any usb device (preferably by reformatting).COMBOFIX---------------Please download ComboFix from one of these locations:BleepingcomputerForoSpywareDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)Double click on Combofix.exe and follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply. Link to post Share on other sites More sharing options...
MrDerp Posted March 18, 2012 Author ID:535838 Share Posted March 18, 2012 Thank you for your response and time elise025, but i seemed to have encountered a problem, when i run the combofix it basically freezes a point and nothing can be done but a hard restart tot he computer i believe i have disabled the antivirus that was on your list but the problem still occurs. Also about the usb, i use my phone as a usb device but don't particularly wish to format it is there any other alternative to get the malware off my phone, if it is on my phone to begin with? Link to post Share on other sites More sharing options...
Elise Posted March 18, 2012 ID:535843 Share Posted March 18, 2012 Sorry, I meant USB mass storage devices (flashdrives and such). Please press Windows key + R, type combofix /nombr and press enter. See if it runs like that. Link to post Share on other sites More sharing options...
MrDerp Posted March 18, 2012 Author ID:535876 Share Posted March 18, 2012 thank you again for your reply but unfortunately that method did not work either it said to ensure that it was spelt correctly for windows could not locate it i tried downloading it from the other location but alas the same thing happened. Also i am just confirming so i dont need to scan my phone or delete anything from it? is it not possible for the malware to be on my phone?, thanks again Link to post Share on other sites More sharing options...
Elise Posted March 18, 2012 ID:535877 Share Posted March 18, 2012 Technically malware could jump to a phone but as of yet there isn't cross-platform malware (yet). Change the command to <path to combofix.exe> /nombr (for example: "%userprofile%\desktop\combofix.exe" /nombr if it is located on the desktop). Link to post Share on other sites More sharing options...
MrDerp Posted March 18, 2012 Author ID:535885 Share Posted March 18, 2012 the same thing happened it froze again :'( if it helps it stops at "Output folder C:32788R22FWJFW/N_ Output folder C:32788R22FWJFW" Link to post Share on other sites More sharing options...
Elise Posted March 19, 2012 ID:535968 Share Posted March 19, 2012 In that case, delete combofix, download a new copy, rename it to random.exe and try to run it from Safe Mode. Link to post Share on other sites More sharing options...
MrDerp Posted March 20, 2012 Author ID:536250 Share Posted March 20, 2012 yay i got farther this time however it is saying that it is being interrupted by NOD32 even though i deleted it :| and cannot find any traces of it right now. I apologize for all these road bumps Link to post Share on other sites More sharing options...
Elise Posted March 20, 2012 ID:536279 Share Posted March 20, 2012 Can you just ignore the warning about NOD32 running and continue scanning? Link to post Share on other sites More sharing options...
MrDerp Posted March 23, 2012 Author ID:536946 Share Posted March 23, 2012 alrighty sorry i took so long but it worked Link to post Share on other sites More sharing options...
MrDerp Posted March 23, 2012 Author ID:536947 Share Posted March 23, 2012 and i siddenly forgot how to attach things... eventhough i did it earlier >.< Link to post Share on other sites More sharing options...
Elise Posted March 23, 2012 ID:536964 Share Posted March 23, 2012 Just copy/paste the log into the reply box. Link to post Share on other sites More sharing options...
MrDerp Posted March 24, 2012 Author ID:537157 Share Posted March 24, 2012 Here ya go :ComboFix 12-03-18.04 - Administrator 03/23/2012 6:50.1.2 - x86 NETWORKMicrosoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3327.2980 [GMT -8:00]Running from: c:\documents and settings\User\My Documents\Downloads\lollol.exeAV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\documents and settings\All Users\Application Data\TEMPc:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfapx.exec:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfarx.dllc:\documents and settings\All Users\Application Data\TEMP\AVG\avgntdumpx.exec:\documents and settings\All Users\Application Data\TEMP\AVG\avgrunasx.exec:\documents and settings\All Users\Application Data\TEMP\AVG\compat.inic:\documents and settings\All Users\Application Data\TEMP\AVG\htmlayout.dllc:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_es.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htmc:\documents and settings\All Users\Application Data\TEMP\AVG\mfaconf.txtc:\documents and settings\All Users\Application Data\TEMP\AVG\mfacz.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfada.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfaes.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfafr.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfage.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfahu.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfaid.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfain.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfait.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfajp.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfako.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfams.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfanl.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfapb.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfapl.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfapt.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfaru.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfasc.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfask.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfasp.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfatr.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfaus.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfavera.txtc:\documents and settings\All Users\Application Data\TEMP\AVG\mfaverx.txtc:\documents and settings\All Users\Application Data\TEMP\AVG\mfazh.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\mfazt.lnsc:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exec:\documents and settings\All Users\Application Data\TEMP\AVG\setup.inic:\documents and settings\User\WINDOWSC:\servicesOOC:\test.txtD:\install.exe..((((((((((((((((((((((((( Files Created from 2012-02-23 to 2012-03-23 )))))))))))))))))))))))))))))))..2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google2012-03-20 14:25 . 2012-03-20 14:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe2012-03-18 20:59 . 2012-03-18 20:59 -------- d-----w- c:\program files\ITRWoW-LK2012-03-18 00:44 . 2012-03-18 00:44 -------- d-----w- c:\program files\WinAVI2012-03-09 19:31 . 2012-03-09 19:31 -------- d-----w- c:\program files\Common Files\Java2012-03-09 19:31 . 2012-03-09 19:30 73728 ----a-w- c:\windows\system32\javacpl.cpl2012-02-24 02:40 . 2012-02-24 02:40 -------- d-----w- c:\program files\Citrix...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-03-09 19:30 . 2010-06-12 17:12 472808 ----a-w- c:\windows\system32\deployJava1.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]2008-10-30 04:55 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-30 333192].[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}][HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2007-11-09 409600]"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]"Malwarebytes' Anti-Malware"="c:\documents and settings\All Users\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]"LexPPS.exe"="c:\windows\system32\lexpps.exe" [2004-02-26 174592].c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904].[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]"NoAutoUpdate"= 1 (0x1).[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128].[HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]path=c:\documents and settings\User\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnkbackup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]2009-09-21 23:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]2009-05-27 04:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]2006-01-12 22:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]2009-03-05 23:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]2012-02-02 04:31 1242448 ----a-w- c:\program files\Steam\Steam.exe.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0).[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\Ventrilo\\Ventrilo.exe"="c:\\Documents and Settings\\User\\Desktop\\Retail folder\\Launcher.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="c:\\WINDOWS\\system32\\LEXPPS.EXE"="c:\\Documents and Settings\\User\\Desktop\\Retail folder\\BackgroundDownloader.exe"="c:\\CherryDeGames\\Dragon Nest\\DragonNest.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"="c:\\Program Files\\Steam\\Steam.exe"="c:\\Documents and Settings\\User\\Local Settings\\Apps\\2.0\\0A3QZMPK.Y5N\\XENM4R08.WV9\\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\\CurseClient.exe"=.R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [3/8/2010 1:16 AM 64288]S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 2:47 PM 107256]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/18/2009 7:49 PM 133104]S2 MBAMService;MBAMService;c:\documents and settings\All Users\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe [6/11/2010 5:45 PM 652360]S3 1394hub;1394 Enabled Hub;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 4:00 AM 14336]S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 9:58 AM 11336]S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/18/2009 7:49 PM 133104]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/11/2010 5:45 PM 20464]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504].Contents of the 'Scheduled Tasks' folder.2012-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34].2012-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-19 03:49].2012-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-19 03:49]..------- Supplementary Scan -------.mStart Page = hxxp://www.yahoo.com/mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.htmlIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 65.183.0.76 65.183.0.86FF - ProfilePath - .- - - - ORPHANS REMOVED - - - -.Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-03-23 06:54Windows 5.1.2600 Service Pack 2 NTFS.scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'winlogon.exe'(604)c:\windows\system32\Ati2evxx.dllc:\windows\system32\atiadlxx.dll.Completion time: 2012-03-23 06:55:17ComboFix-quarantined-files.txt 2012-03-23 14:55.Pre-Run: 14,854,701,056 bytes freePost-Run: 18,812,010,496 bytes free.WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsUnsupportedDebug="do not select this" /debugmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect.- - End Of File - - DCF63B39F1EA2C6383091E78761291F9I think that's all of it Link to post Share on other sites More sharing options...
Elise Posted March 24, 2012 ID:537206 Share Posted March 24, 2012 Hi again, that is looking good. How are things running at this point?UPDATE XP--------------Your Microsoft Windows installation is out of date. Using unpatched Windows systems on the Internet is a security risk to everyone. When there are insecure computers connected to the Internet, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, and spammers have more platforms from which to send e-mail. Whenever a security problem in its software is found, Microsoft will usually create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your computer. Keeping up-to-date with all these security patches will help prevent malware from reinfecting your machine. If you are not sure how to do this, see How to use Microsoft Update.For additional information, be sure to read "Windows Xp Service Pack 3 (sp3) Information".Then go here to check for & install updates to Microsoft applications.Note: The update process uses ActiveX, so you will need to use Internet Explorer for it, and allow the ActiveX control that it wants to install.Please reboot and repeat the update process until there are no more updates to install.Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:Download the latest version of Adobe Reader Version X. and save it to your desktop.Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offeredClick the download button at the bottom. If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat. If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your ComputerThen from your desktop double-click on Adobe Reader to install the newest version. If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.When the "Adobe Setup - Welcome" window opens, click the Install > button.If offered to install a Toolbar, just uncheck the box before continuing unless you want it.Your Adobe Reader is now up to date!Finally, please launch MBAM, update it and run a full scan. Post me the resulting log. Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 22, 2012 ID:553746 Share Posted May 22, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts