Maybe I have malware


24 replies to this topic

#1 GeorgeStam89

GeorgeStam89

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:09:11 AM

Posted 15 December 2014 - 01:52 PM

Hello, I scanned with Malwarebytes and found 5 Trojan Siredef C in C:\Recycle.Bin\............... and dropped them into quarantine.
Is my PC clean now or do I need to do something else?





#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 15 December 2014 - 02:05 PM

Hello there
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
Step One:
Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
Step Two:
Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Please also provide me with your previous Malwarebytes log, using the above method.

 

Step Three:
Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Thanks and good luck!



#3 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  

Posted 15 December 2014 - 02:14 PM

How can I post the txts?? Lol I don't know about all these symbols....



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:11 AM

Posted 15 December 2014 - 03:01 PM

Hello -

Please use Copy and Paste to reply in this area.

 

Highlight the .txt item, press Ctrl + C to copy, come back to this next open reply box and press Ctrl + V to paste your reply



#5 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 15 December 2014 - 05:13 PM

 
Ran by Giorgos (administrator) on 15-12-2014 at 22:20:22
Running from "E:\My Documents\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Greek (HKLM-x32\...\{AC76BA86-7AD7-1032-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BisonCam (HKLM-x32\...\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}) (Version:  - BisonCam)
Camfrog Video Chat 6.5 (HKLM-x32\...\Camfrog 6.5) (Version: 6.5.300 - Camshare, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
ChiconyCam (HKLM-x32\...\{A2201542-DA80-457F-8BD9-6C9C90196481}) (Version: 1.0.45.1213 - Chicony Electronics Co.,Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
ETDWare PS/2-X64 10.5.2.0 (HKLM\...\Elantech) (Version: 10.5.2.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Glary Utilities 5.3 (HKLM-x32\...\Glary Utilities 5) (Version: 5.3.0.8 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hotkey 6.0050 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 6.0050 - NoteBook)
Hotkey 6.0050 (x32 Version: 6.0050 - NoteBook) Hidden
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
LibreOffice 4.3.2.2 (HKLM-x32\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6444 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware έκδοση 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (ELL) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
New Super Mario Forever PC (HKLM-x32\...\New Super Mario Forever PC) (Version:  - )
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Λογισμικό σύστημα PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης γραφικών 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0179 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
THX TruStudio Pro (HKLM-x32\...\{82F99DC9-389A-4528-940C-88248731A620}) (Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
VIA Διαχειριστής Συσκευών Πλατφόρμας (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebCam Installer (HKLM-x32\...\InstallShield_{2A14D7BC-1876-4B38-830B-18856C27F550}) (Version: 4.041 - WebCam)
WebCam Installer (x32 Version: 4.041 - WebCam) Hidden
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Πακέτο προγραμμάτων οδήγησης των Windows - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (04/13/2012 1.4.538.1) (HKLM\...\D6ED4082A4E9EB1311D15FC0A0F2945F03738A9C) (Version: 04/13/2012 1.4.538.1 - Realtek Semiconductor Corp.)
Πίνακας Ελέγχου NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
========================= Restore Points ==================================
 
15-09-2014 05:52:24 Windows Update
15-09-2014 13:21:49 Windows Update
20-09-2014 15:25:28 Windows Update
02-10-2014 23:38:23 Windows Update
12-10-2014 23:55:17 Windows Update
25-10-2014 02:03:43 Windows Update
25-10-2014 02:04:54 avast! antivirus system restore point
27-10-2014 23:05:47 Revo Uninstaller's restore point - SpeedFan (remove only)
27-10-2014 23:06:40 Removed Java 8 Update 20
27-10-2014 23:08:00 Revo Uninstaller's restore point - Smart Defrag 3
27-10-2014 23:19:48 Revo Uninstaller's restore point - LibreOffice 4.2.5.2
27-10-2014 23:29:14 Installed LibreOffice 4.3.2.2
27-10-2014 23:32:23 Revo Uninstaller's restore point - Google Chrome
27-10-2014 23:38:52 Revo Uninstaller's restore point - Google Chrome
27-10-2014 23:42:54 Revo Uninstaller's restore point - Google Chrome
27-10-2014 23:52:35 Windows Update
08-11-2014 00:40:07 Windows Update
08-11-2014 01:38:09 avast! antivirus system restore point
12-11-2014 11:56:41 Revo Uninstaller's restore point - SpyHunter 4
12-11-2014 13:59:13 Windows Update
15-11-2014 20:16:33 Windows Update
17-11-2014 05:20:44 Revo Uninstaller's restore point - Malwarebytes Anti-Malware έκδοση 2.0.2.1012
18-11-2014 22:20:39 Windows Update
22-11-2014 06:45:13 Windows Update
26-11-2014 06:31:33 Windows Update
27-11-2014 05:52:38 avast! antivirus system restore point
27-11-2014 08:10:57 Windows Update
10-12-2014 05:56:43 Revo Uninstaller's restore point - Malwarebytes Anti-Malware έκδοση 2.0.3.1025
10-12-2014 06:03:57 Windows Update
12-12-2014 10:06:49 Windows Update
15-12-2014 16:04:31 Revo Uninstaller's restore point - Dropbox
 
**** End of log ****

Previous Malwarebytes txt 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Ημερομηνία Σάρωσης: 15/12/2014
Ώρα Σάρωσης: 5:27:48 μμ
Αρχείο καταγραφής: Trojan.txt
Διαχειριστής: Ναι
 
Έκδοση: 2.00.4.1028
Βάση Δεδομένων Κακόβουλου Λογισμικού: v2014.12.15.03
Βάση Δεδομένων Rootkit: v2014.12.14.01
Άδεια Χρήσης: Δωρεάν
Προστασία από Κακόβουλο Λογισμικό: Απενεργοποιημένο
Προστασία από Κακόβουλο Ιστότοπο: Απενεργοποιημένο
Αυτοπροστασία: Απενεργοποιημένο
 
ΛΣ: Windows 7 Service Pack 1
Επεξεργαστής: x64
Σύστημα Αρχείων: NTFS
Χρήστης: Giorgos
 
Τύπος Σάρωσης: Προσαρμοσμένη Σάρωση
Αποτέλεσμα: Ολοκληρώθηκε
Αντικείμενα που σαρώθηκαν: 511852
Χρόνος που πέρασε: 2 ωρ, 56 λεπ, 38 δευτ
 
Μνήμη: Ενεργοποιημένο
Εκκίνηση: Ενεργοποιημένο
Σύστημα αρχείων: Ενεργοποιημένο
Συμπιεσμένα αρχεία: Ενεργοποιημένο
Rootkits: Ενεργοποιημένο
Heuristics: Ενεργοποιημένο
ΠΑΠ: Ενεργοποιημένο
ΠΑΤ: Ενεργοποιημένο
 
Διεργασίες: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Μονάδες: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Κλειδιά Μητρώου: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Τιμές Μητρώου: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Δεδομένα Μητρώου: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Φάκελοι: 1
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-2994107583-408619121-3683065998-1000\$R2X8O7P\l, Απομονώθηκε, [bd6050131468c1751fecce33649ca060], 
 
Αρχεία: 4
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-2994107583-408619121-3683065998-1000\$R2X8O7P\l\54697fb3, Απομονώθηκε, [39e4342f5b21989e00045ba69967f60a], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-2994107583-408619121-3683065998-1000\$R2X8O7P\l\54697fcf, Απομονώθηκε, [43da085b512baa8cc83c71906c9450b0], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-2994107583-408619121-3683065998-1000\$R2X8O7P\l\548f063f, Απομονώθηκε, [7e9fed76c8b41521ba4ad72aa060ec14], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-2994107583-408619121-3683065998-1000\$R2X8O7P\l\548f06d6, Απομονώθηκε, [a578a9ba9be1a1959f654ab7bb45857b], 
 
Φυσικοί Τομείς: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
 
(end)

Current Malwarebytes txt
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Ημερομηνία Σάρωσης: 15/12/2014
Ώρα Σάρωσης: 10:27:05 μμ
Αρχείο καταγραφής: mbam.txt
Διαχειριστής: Ναι
 
Έκδοση: 2.00.4.1028
Βάση Δεδομένων Κακόβουλου Λογισμικού: v2014.12.15.05
Βάση Δεδομένων Rootkit: v2014.12.14.01
Άδεια Χρήσης: Δωρεάν
Προστασία από Κακόβουλο Λογισμικό: Απενεργοποιημένο
Προστασία από Κακόβουλο Ιστότοπο: Απενεργοποιημένο
Αυτοπροστασία: Απενεργοποιημένο
 
ΛΣ: Windows 7 Service Pack 1
Επεξεργαστής: x64
Σύστημα Αρχείων: NTFS
Χρήστης: Giorgos
 
Τύπος Σάρωσης: Προσαρμοσμένη Σάρωση
Αποτέλεσμα: Ολοκληρώθηκε
Αντικείμενα που σαρώθηκαν: 512946
Χρόνος που πέρασε: 1 ωρ, 35 λεπ, 31 δευτ
 
Μνήμη: Ενεργοποιημένο
Εκκίνηση: Ενεργοποιημένο
Σύστημα αρχείων: Ενεργοποιημένο
Συμπιεσμένα αρχεία: Ενεργοποιημένο
Rootkits: Ενεργοποιημένο
Heuristics: Ενεργοποιημένο
ΠΑΠ: Ενεργοποιημένο
ΠΑΤ: Ενεργοποιημένο
 
Διεργασίες: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Μονάδες: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Κλειδιά Μητρώου: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Τιμές Μητρώου: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Δεδομένα Μητρώου: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Φάκελοι: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Αρχεία: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
Φυσικοί Τομείς: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)
 
 
(end)

Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 25  
 Java version 32-bit out of Date! 
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:11 AM

Posted 15 December 2014 - 08:24 PM

Hello GeorgeStam89

Just to complete the incorrect items from above - These were left off the first post, and are Very Important >> Just use the program on your desktop if it is still there, and add these 3 Important items.

 

With MiniToolBox  to desktop to run it.
 Checkmark the following boxes only:
 * List content of Hosts

 * List last 10 Event Viewer log
 * List Users, Partitions and Memory size
 Click Go and Copy / Paste the result. (result.txt)

 

 

>>>Also - Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only Copy / Paste the link)

 

Note translating from Greek to English may just slow us a bit, but we try and keep up with Translate Programs......

 

Thank You -


Edited by noknojon, 16 December 2014 - 06:50 AM.


#7 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 16 December 2014 - 12:40 AM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Giorgos (administrator) on 16-12-2014 at 07:35:28
Running from "E:\My Documents\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================
 
 
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/15/2014 06:08:51 PM) (Source: SideBySide) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1" απέτυχε. Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" στη γραμμή C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Η έκδοση ενός στοιχείου που απαιτείται για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι ήδη ενεργό.
Τα στοιχεία που έρχονται σε διένεξη είναι:.
Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (12/15/2014 04:59:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/14/2014 10:16:05 PM) (Source: Google Update) (User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/14/2014 07:16:05 PM) (Source: Google Update) (User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/14/2014 06:33:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/13/2014 10:16:06 PM) (Source: Google Update) (User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/13/2014 08:14:07 PM) (Source: Application Hang) (User: )
Description: Το πρόγραμμα Explorer.EXE έκδοση 6.1.7601.17567 σταμάτησε να αλληλεπιδρά με τα Windows και έκλεισε. Για να δείτε αν υπάρχουν διαθέσιμες περισσότερες πληροφορίες για το πρόβλημα, ελέγξτε το ιστορικό του προβλήματος στον πίνακα ελέγχου του Κέντρου ενεργειών.
 
Αναγνωριστικό διεργασίας: fd4
 
Ώρα έναρξης: 01d016d9dd0b38b5
 
Ώρα τερματισμού: 15
 
Διαδρομή εφαρμογής: C:\Windows\Explorer.EXE
 
Αναγνωριστικό αναφοράς: c5e6eb3b-82f3-11e4-9cf4-0090f5d175fb
 
Error: (12/13/2014 05:30:49 PM) (Source: SideBySide) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1" απέτυχε. Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" στη γραμμή C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Η έκδοση ενός στοιχείου που απαιτείται για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι ήδη ενεργό.
Τα στοιχεία που έρχονται σε διένεξη είναι:.
Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (12/13/2014 03:39:40 PM) (Source: Google Update) (User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/13/2014 03:35:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/16/2014 00:04:36 AM) (Source: Disk) (User: )
Description: Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".
 
Error: (12/16/2014 00:04:35 AM) (Source: Disk) (User: )
Description: Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".
 
Error: (12/16/2014 00:04:35 AM) (Source: Disk) (User: )
Description: Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".
 
Error: (12/16/2014 00:04:34 AM) (Source: Disk) (User: )
Description: Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".
 
Error: (12/15/2014 04:58:32 PM) (Source: Service Control Manager) (User: )
Description: Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου) κατά την αναμονή για τη σύνδεση της υπηρεσίας RtkBleServ.
 
Error: (12/15/2014 04:58:20 PM) (Source: Service Control Manager) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας IMF Service εξαιτίας του ακόλουθου σφάλματος: 
%%2
 
Error: (12/15/2014 04:58:17 PM) (Source: BTHUSB) (User: )
Description: Ο τοπικός προσαρμογέας Bluetooth απέτυχε χωρίς καθορισμένο λόγο και δεν θα χρησιμοποιηθεί. Καταργήθηκε η φόρτωση του προγράμματος οδήγησης.
 
Error: (12/14/2014 06:34:03 PM) (Source: Service Control Manager) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας AvastVBox COM Service εξαιτίας του ακόλουθου σφάλματος: 
%%1053
 
Error: (12/14/2014 06:34:03 PM) (Source: Service Control Manager) (User: )
Description: Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου) κατά την αναμονή για τη σύνδεση της υπηρεσίας AvastVBox COM Service.
 
Error: (12/14/2014 06:34:03 PM) (Source: DCOM) (User: )
Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1}
 
 
Microsoft Office Sessions:
=========================
Error: (12/15/2014 06:08:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\My Documents\Programs\esetsmartinstaller_enu.exe
 
Error: (12/15/2014 04:59:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/14/2014 10:16:05 PM) (Source: Google Update)(User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/14/2014 07:16:05 PM) (Source: Google Update)(User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/14/2014 06:33:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/13/2014 10:16:06 PM) (Source: Google Update)(User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/13/2014 08:14:07 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567fd401d016d9dd0b38b515C:\Windows\Explorer.EXEc5e6eb3b-82f3-11e4-9cf4-0090f5d175fb
 
Error: (12/13/2014 05:30:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\My Documents\Programs\esetsmartinstaller_enu.exe
 
Error: (12/13/2014 03:39:40 PM) (Source: Google Update)(User: Giorgos-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (12/13/2014 03:35:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-23 17:03:29.618
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-23 17:03:29.538
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:22:03.043
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:22:02.956
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:16:43.825
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:16:43.794
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:04:19.945
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:04:19.913
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:03:49.275
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-22 18:03:49.228
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 8082.3 MB
Available physical RAM: 3508.41 MB
Total Pagefile: 16162.77 MB
Available Pagefile: 11827.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.06 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:234.38 GB) (Free:58.69 GB) NTFS
3 Drive e: (Data) (Fixed) (Total:231.28 GB) (Free:67.49 GB) NTFS
4 Drive f: (NO NAME) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
 
========================= Users: ========================================
 
¦¨ ©£¦ε User \\GIORGOS-PC
 
Administrator            Giorgos                  Guest                    
塬                     
† ¤«¦Άγ ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
**** End of log ****


#8 noknojon


Posted 16 December 2014 - 01:22 AM

Hi -

Among the main items that I can find, are links to minor infection / advertising areas that are mainly located in USA.

If this computer is used for a bit of FaceBook logging on, then several of these "minor" items will relate back to there -

 

Several of the other items require a deep look - In the time that you are waiting, please run this Quick Cleaner -

Please download and run RKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes.
 Please Copy / Paste the small log back here.
 
Do not reboot your computer until you complete the next step.

Next :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
  • **Copy and Paste the contents of that log in your next reply.**
  • To restore an item that has been deleted by accident : Open the program again,
  • Go to Tools (top left) > Quarantine Manager > check what you want restored > now click on Restore.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

Next -
Please download Junkware Removal Tool to your desktop.
* Temporarily Disable your Antivirus now to avoid potential conflicts.
* Run the tool by double-clicking it.

* If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.
 

 

Thank You -



#9 noknojon


Posted 16 December 2014 - 01:38 AM

Step 2 -

After you finish the steps above, please continue down here.

Glary Utilities 3 must be removed as it is causing a lot of problems for your system, but it may be removed by these 2 programs above.

 

Run System File Check from an >> Elevated Command Prompt  << See here if you are not sure.
 1. Open Elevated Command Prompt as per directions
 2. Type sfc /scannow and press Enter (note the space between c and / it must be there)
 3. (On average) This should not take longer than 20 minutes to finish
 4. NOTE : Do not touch the keyboard while this is running

This will take (about) 20 minutes depending on your system

If this is a Battery powered model or a laptop, please plug it into a reliable power source.

 

 

Next - Run a Disk Check on your Main Hard Drive in Windows:

  • Click Start and open Computer
  • Right-click on C: (or your main Hard Drive letter) and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button
  • Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • Click on the Start button
  • When the message box pops up, click the Schedule disk check button and RESTART your computer
  • Once your computer restarts it will check the HDD drive; don't press any keys so that it is allowed to do so

NOTES : This can take from 1 to 2 hours to complete depending on your system, so let it continue
Do not Reboot during the scan, as you can (will) lose data from the system.
If this is a laptop, plug it into a reliable power source, as batteries do fail.
Once completed, the computer will reboot back to Normal Mode.

 

 

After that we can do a final Antivirus check -

 

Thank You -

 

Minor edit to change some words.


Edited by noknojon, 16 December 2014 - 01:57 AM.


#10 GeorgeStam89


Posted 16 December 2014 - 03:19 AM

Rkill 2.6.9 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/16/2014 09:02:20 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 12/16/2014 09:02:41 AM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

# AdwCleaner v4.105 - Report created 16/12/2014 at 09:10:46
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Giorgos - GIORGOS-PC
# Running from : E:\My Documents\Downloads\adwcleaner_4.105.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : Skype C2C Service
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v23.0.1 (el)
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [3548 octets] - [27/11/2014 09:58:17]
AdwCleaner[R1].txt - [915 octets] - [28/11/2014 01:56:02]
AdwCleaner[R2].txt - [1666 octets] - [16/12/2014 09:07:04]
AdwCleaner[R3].txt - [1518 octets] - [16/12/2014 09:10:46]
AdwCleaner[S0].txt - [3491 octets] - [27/11/2014 10:05:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1638 octets] ##########

# AdwCleaner v4.105 - Report created 16/12/2014 at 09:14:52
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Giorgos - GIORGOS-PC
# Running from : E:\My Documents\Downloads\adwcleaner_4.105.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : Skype C2C Service
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v23.0.1 (el)
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [3548 octets] - [27/11/2014 09:58:17]
AdwCleaner[R1].txt - [915 octets] - [28/11/2014 01:56:02]
AdwCleaner[R2].txt - [1666 octets] - [16/12/2014 09:07:04]
AdwCleaner[R3].txt - [1726 octets] - [16/12/2014 09:10:46]
AdwCleaner[S0].txt - [3491 octets] - [27/11/2014 10:05:47]
AdwCleaner[S1].txt - [1657 octets] - [16/12/2014 09:14:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1717 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by Giorgos on ’¨  16/12/2014 at  9:24:17,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’¨  16/12/2014 at  9:28:19,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As for Glary Utilities 3, the Elevated Command Prompt didn't find problems so I didn't remove the program... Now I'll run a disk check on my main disk.
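
The Scan and Clean reports posted above can be reconciled mechanically. This is an added example, not part of the original post and not AdwCleaner's own code: it lists anything the scan flagged that the clean did not remove, and anything removed that was never in the reviewed scan. The first two excerpts are copied from this thread; `PARTIAL_CLEAN` and its `ExampleToolbar` key are constructed.

```python
import re

# One report line, e.g. "Key Found : HKLM\..." or "[#] Service Deleted : name".
LINE = re.compile(r"^(?:\[.\]\s*)?(\w+) (Found|Deleted) : (.+?)\s*$")

# Excerpt of the Scan report (R3) posted in this thread.
SCAN_REPORT = r"""
# Option : Scan
***** [ Services ] *****
Service Found : Skype C2C Service
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
"""

# Matching excerpt of the Clean report (S1) posted in this thread.
CLEAN_REPORT = r"""
# Option : Clean
[#] Service Deleted : Skype C2C Service
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
"""

# Constructed: a clean run that skipped the [x64] key and removed an unlisted one.
PARTIAL_CLEAN = r"""
# Option : Clean
[#] Service Deleted : Skype C2C Service
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\ExampleToolbar
"""


def parse_report(text):
    """Collect (kind, item) pairs per action; headers and banners are ignored."""
    items = {"Found": set(), "Deleted": set()}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            kind, action, item = m.groups()
            # Registry paths and service names are case-insensitive on Windows.
            # The [x64] marker is kept: it is a separate registry view.
            items[action].add((kind, item.lower()))
    return items


def reconcile(scan_text, clean_text):
    """Compare what the scan listed with what the clean actually removed."""
    found = parse_report(scan_text)["Found"]
    deleted = parse_report(clean_text)["Deleted"]
    return {
        "left_behind": sorted(found - deleted),    # flagged but still present
        "not_reviewed": sorted(deleted - found),   # removed without being listed
    }


if __name__ == "__main__":
    print(reconcile(SCAN_REPORT, CLEAN_REPORT))
    print(reconcile(SCAN_REPORT, PARTIAL_CLEAN))
```
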
 


#11 noknojon


Posted 16 December 2014 - 07:17 AM

Go HERE and update Reader to XI (eleven).
Untick the McAfee program as it is just advertising.

Next go to http://get.adobe.com/flashplayer and update your Flash player -
Again, untick the McAfee advertising, as it is not related to the program.

 

You must uninstall Glary Utilities 3 and IObit Smart Defrag 3 from Programs and Features.

Your M/soft Defrag will do a much better job, and Defrag every day or 2 -

 

 

Thank you -



#12 GeorgeStam89


Posted 16 December 2014 - 03:49 PM

I updated Reader and Flash Player, and I uninstalled these 2 programs.
What's next?



#13 quietman7


Posted 16 December 2014 - 05:43 PM

Is this the same computer as in your other topic here or a different one?
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#14 GeorgeStam89


Posted 16 December 2014 - 06:37 PM

No, this is a laptop. The other is a desktop.



#15 quietman7


Posted 16 December 2014 - 07:17 PM

Ok. I just wanted to make sure we were not making more work than necessary for our Helpers.



