Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

iexplore.exe problem


  • Please log in to reply
25 replies to this topic

#1 Squall87

Squall87

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 28 July 2015 - 06:31 AM

hi all,it's been several days that i have problems with iexplore.exe,it tells me that internet explorer has stopped functioning when i don't use it all,so i checked task manager and i saw that there are like 4-5 iexplore.exe processes,and even if i terminate them,they just appear again,i tried a lot of antivirus but without success..thanks in advance for help


Edited by hamluis, 28 July 2015 - 07:07 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 28 July 2015 - 02:56 PM

Someone could help?



#3 DK87

DK87

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Zealand
  • Local time:08:05 PM

Posted 28 July 2015 - 09:03 PM

Hello Squall87

 

What version of internet explorer are you using?

 

Have you tried running malwarebytes to check for any active infections? - https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

If not, please download as per link and run the full scan.

 

Have you also tried resetting internet explorer settings?
 

You can reset Internet Explorer settings to return them to the state they were in when Internet Explorer was first installed on your PC. This can be useful for troubleshooting problems that might be caused by settings changed after installation. Resetting Internet Explorer isn't reversible, and all previous settings are lost after reset. To reset Internet Explorer settings:

  1. Close all Internet Explorer windows that are currently open.

  2. Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Changing your settings will affect both Internet Explorer and Internet Explorer for the desktop.

  3. Tap or click the Tools button f2d3a394-a4c3-4747-989e-cf3f6b782b2f_43., and then tap or click Internet options.
  4. Tap or Click the Advanced tab, and then tap or click Reset.

  5. In the Reset Internet Explorer Settings dialog box, tap or click Reset.

  6. When Internet Explorer finishes applying default settings, tap or click Close, and then tap or click OK. You'll need to restart your PC for these changes to take effect.

Also have you tried another web browser to see if the issue exists? Google chrome or firefox would be examples to test.

 

DK



#4 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 29 July 2015 - 04:00 AM

i'm using internet explorer 11,and i have already done a scan with malware bytes but didn't found nothing..i reset settings too but the malware is still there..i always use google chrome


Edited by Squall87, 29 July 2015 - 04:02 AM.


#5 hedgeley

hedgeley

  • Members
  • 306 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bristol/Bath UK
  • Local time:09:05 AM

Posted 29 July 2015 - 08:25 AM

Hi Squall87, and welcome,

 

A friend has been having similar problems, I was hoping to glean some info from the reply's, not forthcoming so here's what I did.

 

I followed the method out lined here, there where a few problems (permissions in one case, and a lot of restarts)

 

http://www.malwareremovalguides.info/iexplorer-exe-is-running-in-background/

 

At the moment I think there are no problems (time will tell)

 

Hope that might help (always here to help if you need it)

 

Good luck

 

Hedge   



#6 hedgeley

hedgeley

  • Members
  • 306 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bristol/Bath UK
  • Local time:09:05 AM

Posted 29 July 2015 - 10:50 AM

@Squall87,

 

How you getting on?

 

Hedge

 

 

 

Never mind I'm going now, see you all tomorrow.

 

Edit To say goodbye


Edited by hedgeley, 29 July 2015 - 11:04 AM.


#7 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 29 July 2015 - 02:19 PM

I have done all the steps you suggest me,but the malware is still there,anyway it seems hitman pro blocks the malware when it starts attacking,but since i have hitman pro on trial i didn't consider that a solution



#8 DK87

DK87

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Zealand
  • Local time:08:05 PM

Posted 29 July 2015 - 07:44 PM

Hi Squall87

 

Please download rkill.exe here: http://www.bleepingcomputer.com/download/rkill/dl/132/

 

Rename it to iexplore.exe (yes same as internet explorer) and run it, then post the results of the rkill.txt that gets generated on your desktop.

 

DK



#9 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 30 July 2015 - 03:50 AM

 
Program started at: 07/30/2015 10:49:19 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  77.221.151.19 rubotvip.ru
 
Program finished at: 07/30/2015 10:49:26 AM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)


#10 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 30 July 2015 - 01:20 PM

i post the log of hitman pro too

 

Mitigation   CallerCheck
 
Platform     6.1.7601/x64 06_2a
PID          6648
Application  C:\Program Files (x86)\Internet Explorer\iexplore.exe
Description  Internet Explorer 11
 
Callee Type  CreateProcess
             C:\Program Files (x86)\Internet Explorer\iexplore.exe
 
Stack Trace
#  Address  Module                   Location
-- -------- ------------------------ ----------------------------------------
1  766EA5B2 kernel32.dll             CreateProcessInternalA +0x123
2  766D109E kernel32.dll             CreateProcessA +0x2c
 
3  60001522 (anonymous; chrome.exe:5648)
            85c0                     TEST         EAX, EAX
            0f84aa010000             JZ           0x600016d4
            bf04000000               MOV          EDI, 0x4
            90                       NOP         
            8d44241c                 LEA          EAX, [ESP+0x1c]
            50                       PUSH         EAX
            6840170060               PUSH         DWORD 0x60001740
            6a00                     PUSH         0x0
            ff156c110160             CALL         DWORD [0x6001116c]
            68fa000000               PUSH         DWORD 0xfa
            ff1524100160             CALL         DWORD [0x60011024]
            4f                       DEC          EDI
            75e0                     JNZ          0x60001530
            ff742428                 PUSH         DWORD [ESP+0x28]
            57                       PUSH         EDI
            683a041000               PUSH         DWORD 0x10043a
 
4  6000379D (anonymous; chrome.exe:5648)
5  766D337A kernel32.dll             BaseThreadInitThunk +0x12
6  76F492E2 ntdll.dll                RtlInitializeExceptionChain +0x63
7  76F492B5 ntdll.dll                RtlInitializeExceptionChain +0x36
 
Process Trace
1  C:\Program Files (x86)\Internet Explorer\iexplore.exe [6648]
2  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5648]
3  C:\Windows\explorer.exe [1868]
4  C:\Windows\System32\userinit.exe [1816]


#11 DK87

DK87

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Zealand
  • Local time:08:05 PM

Posted 30 July 2015 - 03:45 PM

 

 
Program started at: 07/30/2015 10:49:19 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  77.221.151.19 rubotvip.ru
 
Program finished at: 07/30/2015 10:49:26 AM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)

 

 

The host file entry listed at the bottom maybe part of the problem.

 

You would be best to remove that line of text "77.221.151.19 rubotvip.ru" from the host file then save. Instructions below.

 

For Windows 7 and Windows Vista
  1. Click Start > All Programs > Accessories.
  2. Right-click Notepad and select Run as administrator.
  3. Click Continue on the Windows needs your permission UAC window.
  4. When Notepad opens, click File > Open.
  5. In the File name field, type C:\Windows\System32\Drivers\etc\hosts.
  6. Click Open.
  7. Make the necessary changes to the file.
  8. Click File > Save to save your changes.

 

Can you also run iexplore.exe again as above once you've remoted the host file entry but do not reboot and run malwarebytes immediately afterwards and post results of the rkill.txt file & malwarebytes scan

Download malwarebytes here: https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
 

 

DK



#12 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 30 July 2015 - 05:54 PM

Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 07/31/2015 12:43:48 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 07/31/2015 12:44:05 AM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)
 
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data scansione: 31/07/2015
Ora scansione: 00:44
File di log: malware.txt
Amministratore: Sì
 
Versione: 2.1.8.1057
Database malware: v2015.07.30.05
Database rootkit: v2015.07.29.02
Licenza: Premium
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Auto-protezione: Disattivata
 
SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: User
 
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 363672
Tempo impiegato: 7 min, 23 sec
 
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata
 
Processi: 0
(Nessun elemento nocivo rilevato)
 
Moduli: 0
(Nessun elemento nocivo rilevato)
 
Chiavi di registro: 0
(Nessun elemento nocivo rilevato)
 
Valori di registro: 0
(Nessun elemento nocivo rilevato)
 
Dati di registro: 0
(Nessun elemento nocivo rilevato)
 
Cartelle: 0
(Nessun elemento nocivo rilevato)
 
File: 0
(Nessun elemento nocivo rilevato)
 
Settori fisici: 0
(Nessun elemento nocivo rilevato)
 
 
(end)

 

Judging from the scans seems fine

 

EDIT: The problem is still here..hitman pro just alerted me again


Edited by Squall87, 30 July 2015 - 07:20 PM.


#13 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:05 AM

Posted 03 August 2015 - 04:29 AM

Hello,
 
since you have reported your topic and problem unsolved, i will see what i can do.
 
Please download MiniToolBox by Farbar and save it to your desktop.
 
Run tool as Administrator and make sure that these options are checked :
 
  • Flush DNS
  • Reset IE Proxy Settings
  • Reset FF Proxy Settings
  • List Installed Programs
 
Post log here .
 
Step 2
 
Download TFC by OldTimer and save it to your desktop.
 
Run it as Administrator and click on Start button.
 
If programs need reboot, allow it to do so.
 
NOTE: IF your desktop disappears, don't panic, it's normal.
 
Step 3
 
Scan with Norton Power Eraser
 
CAUTION: NPE uses aggressive methods to detect and remove malware,so do not touch any of settings !
 
Download NPE by Symantec and save it to your desktop.
 
Run the tool as Administrator,accept license agreement,and click  Scan button. 
 
Program will ask you to reboot to continue scanning (includes rootkit scan),so allow it to restart.
 
After restart program will automatically launch itself and start scanning. Scanning takes 5-10 minutes,so be patient !
 
If malware is detected,make sure that Create restore point option is checked,then click Fix button. After that,click on Restart now to complete removal.
 
Step 4
 
Scan with Malwarebytes AntiRootkit
 
Please download MBAR and save it to your desktop.
 
Run tool as Administrator, tool will extract itself, and then launch.
 
Click Next to accept terms and conditions, and click Update to obtain latest definitions.
 
If malware is found click on Cleanup button , but make sure that Create restore point option is checked before proceeding !
 
Program will ask you to restart, allow it to do so.
 
Note: If you're experiencing internet connection issues or other anomalies after running MBAR and removal of rootkits, it is recommended to run fixdamage.exe located inside mbar folder. Run it as Administrator and press Y if asks you do you want to continue.


#14 Squall87

Squall87
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 03 August 2015 - 03:27 PM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by User (administrator) on 03-08-2015 at 22:26:12
Running from "C:\Users\User\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configurazione IP di Windows
 
Cache del resolver DNS svuotata.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
agederar (HKLM-x32\...\{9f58a80e-3c37-4557-0e9d-4857a20ed324}) (Version: 1.0.0 - ryofward)
Aggiornamenti NVIDIA 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.3.2223 - AVAST Software)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.5.143 - AVG Technologies)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\{A6B204B6-8BC9-4E04-8A9F-2BC792655706}) (Version: 0.9.34.4500 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version:  - NCH Software)
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Final Fantasy XIII-2 (HKLM-x32\...\Final Fantasy XIII-2_is1) (Version:  - )
FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - http://www.FlashGet.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 3.0.48.196 - SurfRight B.V.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 5.5.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.5.0 - )
League of Legends (HKLM-x32\...\{83B763CD-5771-408A-B7C9-6C1A5B161F41}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Light Image Resizer 4.6.5.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.6.5.0 - ObviousIdea)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware versione 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d61ab584-9b0a-404e-8a23-76032e6744c0}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{5b6b8fa4-b54c-4388-ba7f-1f8b39b1abea}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{1390c812-b04a-42c0-b6c9-52c801ac49aa}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 it) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 it)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA Driver 3D Vision 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Driver audio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver del controller 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver grafico 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Pacchetto driver Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Pannello di controllo NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{DF95F1EE-9ECA-45C1-B02B-F56DDB8A3E83}) (Version: 11.5.22.0 - Nokia)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Wassapp (HKLM-x32\...\{9F997E0A-276C-4BC7-B8C5-82C3CC1769A9}) (Version: 1.1.0 - Lowlevel Studios)
WinRAR 4.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.3 - win.rar GmbH)
 
**** End of log ****
 
Norton power eraser has found 2 dangerous files,and it didn't remove one for some reason


#15 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:05 AM

Posted 03 August 2015 - 03:33 PM

Uninstall AVG Web TuneUp. I will also need logs from mentioned tools.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users