Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: VMware fixes zero-day vulnerability reported by the NSA

Featured Deal: Learn to code like a pro with this extended Cyber Monday deal

Cyber Monday Deals:

Limited Time: Get 50% off Malwarebytes Premium (Deal Expires Today!)

Limited Time: Get 68% off NordVPN + 3 months FREE (Deal Expires Today!)

Limited Time: Get 70% off ethical hacking, security, programming courses, more (Deal Expires Today!)

Limited Time: The Best Black Friday 2020 Security, IT, VPN, & Antivirus Deals (Deal Expires Today!)

Disk space disappeared - virus?

Started by SSIN , Nov 12 2015 09:52 AM

Please log in to reply

12 replies to this topic

#1 SSIN

Members
6 posts
OFFLINE

Local time:02:01 PM

Posted 12 November 2015 - 09:52 AM

Hello,

In two days I lost 400GB of disk space. I downloaded a couple of things that day, but not close to 400GB. I installed TreeSize to see what takes up all the space, and it looks like there is something in the Appdata folder.

AppData/local/Packages/windows_ie_ac_001/AC/AVG Web TuneUp/cache

Apparently the last folder (cache) is taking up around 539 GB of space. I also installed CCleaner to clean up the computer, but this only resulted in a few GB. I have run antivirus scans (both avira and panda), but they didnt solve anything. Avira didnt manage to complete the scan though after 24 hours. The computer has also been extremely slow since this happened.

(I have windows 8.1)

Is it a virus taking up all the disk space?

What can i do to fix this?

Thanks!

Edited by SSIN, 12 November 2015 - 09:59 AM.

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 Aura

Bleepin' Special Ops

Malware Response Team
19,707 posts
OFFLINE

Gender:Male
Local time:08:01 AM

Posted 12 November 2015 - 10:03 AM

Hi SSIN

My name is Aura and I'll be assisting you with your issue. Follow the instructions below please.

MiniToolBox

Download MiniToolBox and move the executable file to your Desktop;
Right-click on MiniToolBox.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
Check the following options:
- Flush DNS;
- Report IE Proxy Settings;
- Reset IE Proxy Settings;
- Report FF Proxy Settings;
- Reset FF Proxy Settings;
- List content of Hosts;
- List IP Configuration;
- List Last 10 Event Viewer Errors;
- List Installed Programs;
- List Devices - Only Problems;
- List Users, Partitions and Memory size;
Once this is done, click on Go and wait for the scan to complete;
Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.

#3 SSIN

Topic Starter

Members
6 posts
OFFLINE

Local time:02:01 PM

Posted 12 November 2015 - 10:12 AM

I'm not that great with computers, or english!

What do you mean by executable file?? The cache folder??

#4 Aura

Bleepin' Special Ops

Malware Response Team
19,707 posts
OFFLINE

Gender:Male
Local time:08:01 AM

Posted 12 November 2015 - 10:14 AM

The executable file is MiniToolBox.exe, the file I ask you to download

#5 SSIN

Topic Starter

Members
6 posts
OFFLINE

Local time:02:01 PM

Posted 12 November 2015 - 10:22 AM

I'm italian and i noticed somethings are written in italian! Hope you can help me anyway!!

MiniToolBox by Farbar Version: 02-11-2015
Ran by Altro (administrator) on 12-11-2015 at 16:20:31
Running from "C:\Users\ShaulaS.I\Desktop"
Microsoft Windows 8.1 (X64)
Model: Aspire E5-571G Manufacturer: Acer
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configurazione IP di Windows

Cache del resolver DNS svuotata.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Qualcomm Atheros AR956x Wireless Network Adapter = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Dispositivo Bluetooth (Personal Area Network) = Connessione di rete Bluetooth (Media disconnected)

# ----------------------------------
# Configurazione IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Connessione alla rete locale (LAN)* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connessione alla rete locale (LAN)* 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connessione alla rete locale (LAN)* 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connessione di rete Bluetooth" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# Fine configurazione IPv4

Configurazione IP di Windows

   Nome host . . . . . . . . . . . . . . : SSIN
   Suffisso DNS primario . . . . . . . . :
   Tipo nodo . . . . . . . . . . . . . . : Ibrido
   Routing IP abilitato. . . . . . . . . : No
   Proxy WINS abilitato . . . . . . . . : No

Scheda Ethernet Connessione di rete Bluetooth:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Dispositivo Bluetooth (Personal Area Network)
   Indirizzo fisico. . . . . . . . . . . : B8-EE-65-8C-1D-6B
   DHCP abilitato. . . . . . . . . . . . : S�
   Configurazione automatica abilitata   : S�

Scheda LAN wireless Connessione alla rete locale (LAN)* 5:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Indirizzo fisico. . . . . . . . . . . : 5A-EE-65-8B-AD-DB
   DHCP abilitato. . . . . . . . . . . . : S�
   Configurazione automatica abilitata   : S�

Scheda LAN wireless Connessione alla rete locale (LAN)* 6:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Indirizzo fisico. . . . . . . . . . . : 1A-EE-65-8B-AD-DB
   DHCP abilitato. . . . . . . . . . . . : S�
   Configurazione automatica abilitata   : S�

Scheda LAN wireless Wi-Fi:

   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter
   Indirizzo fisico. . . . . . . . . . . : B8-EE-65-8B-AD-DB
   DHCP abilitato. . . . . . . . . . . . : S�
   Configurazione automatica abilitata   : S�
   Indirizzo IPv6 locale rispetto al collegamento . : fe80::f8d5:4b37:6239:b492%4(Preferenziale)
   Indirizzo IPv4. . . . . . . . . . . . : 192.168.1.106(Preferenziale)
   Subnet mask . . . . . . . . . . . . . : 255.255.255.0
   Lease ottenuto. . . . . . . . . . . . : gioved� 12 novembre 2015 15:03:38
   Scadenza lease . . . . . . . . . . . : domenica 15 novembre 2015 15:03:37
   Gateway predefinito . . . . . . . . . : 192.168.1.1
   Server DHCP . . . . . . . . . . . . . : 192.168.1.1
   IAID DHCPv6 . . . . . . . . . . . : 112782949
   DUID Client DHCPv6. . . . . . . . : 00-01-00-01-1B-0C-B9-40-F8-A9-63-71-EE-E1
   Server DNS . . . . . . . . . . . . . : 192.168.1.1
   NetBIOS su TCP/IP . . . . . . . . . . : Attivato

Scheda Ethernet Ethernet:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: WDS01.COM
   Descrizione . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Indirizzo fisico. . . . . . . . . . . : F8-A9-63-71-EE-E1
   DHCP abilitato. . . . . . . . . . . . : S�
   Configurazione automatica abilitata   : S�

Scheda Tunnel Teredo Tunneling Pseudo-Interface:

   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : S�
   Indirizzo IPv6 . . . . . . . . . . . . . . . . . : 2001:0:9d38:90d7:cb7:359a:3f57:fe95(Preferenziale)
   Indirizzo IPv6 locale rispetto al collegamento . : fe80::cb7:359a:3f57:fe95%7(Preferenziale)
   Gateway predefinito . . . . . . . . . : ::
   IAID DHCPv6 . . . . . . . . . . . : 452984832
   DUID Client DHCPv6. . . . . . . . : 00-01-00-01-1B-0C-B9-40-F8-A9-63-71-EE-E1
   NetBIOS su TCP/IP . . . . . . . . . . : Disattivato

Scheda Tunnel isatap.{26880FA3-0CBE-46D9-8D9E-D7D0F2EB2B6A}:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : S�
Server: UnKnown
Address: 192.168.1.1

Nome:    google.com
Addresses: 2a00:1450:4001:807::1005
      173.194.112.168
      173.194.112.166
      173.194.112.167
      173.194.112.160
      173.194.112.174
      173.194.112.169
      173.194.112.165
      173.194.112.161
      173.194.112.162
      173.194.112.164
      173.194.112.163

Esecuzione di Ping google.com [173.194.112.168] con 32 byte di dati:
Risposta da 173.194.112.168: byte=32 durata=26ms TTL=53
Risposta da 173.194.112.168: byte=32 durata=28ms TTL=53

Statistiche Ping per 173.194.112.168:
    Pacchetti: Trasmessi = 2, Ricevuti = 2,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 26ms, Massimo = 28ms, Medio = 27ms
Server: UnKnown
Address: 192.168.1.1

Nome:    yahoo.com
Addresses: 2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      98.139.183.24
      98.138.253.109
      206.190.36.45

Esecuzione di Ping yahoo.com [98.139.183.24] con 32 byte di dati:
Risposta da 98.139.183.24: byte=32 durata=127ms TTL=50
Risposta da 98.139.183.24: byte=32 durata=126ms TTL=49

Statistiche Ping per 98.139.183.24:
    Pacchetti: Trasmessi = 2, Ricevuti = 2,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 126ms, Massimo = 127ms, Medio = 126ms

Esecuzione di Ping 127.0.0.1 con 32 byte di dati:
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128

Statistiche Ping per 127.0.0.1:
    Pacchetti: Trasmessi = 2, Ricevuti = 2,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 0ms, Massimo = 0ms, Medio = 0ms
===========================================================================
Elenco interfacce
11...b8 ee 65 8c 1d 6b ......Dispositivo Bluetooth (Personal Area Network)
6...5a ee 65 8b ad db ......Microsoft Hosted Network Virtual Adapter
5...1a ee 65 8b ad db ......Microsoft Wi-Fi Direct Virtual Adapter
4...b8 ee 65 8b ad db ......Qualcomm Atheros AR956x Wireless Network Adapter
3...f8 a9 63 71 ee e1 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Tabella route
===========================================================================
Route attive:
     Indirizzo rete             Mask          Gateway     Interfaccia Metrica
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.106     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.106    281
    192.168.1.106 255.255.255.255         On-link     192.168.1.106    281
    192.168.1.255 255.255.255.255         On-link     192.168.1.106    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.106    281
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link     192.168.1.106    281
===========================================================================
Route permanenti:
Nessuna

IPv6 Tabella route
===========================================================================
Route attive:
Interf Metrica Rete Destinazione      Gateway
7    306 ::/0                     On-link
1    306 ::1/128                  On-link
7    306 2001::/32                On-link
7    306 2001:0:9d38:90d7:cb7:359a:3f57:fe95/128
                                    On-link
4    281 fe80::/64                On-link
7    306 fe80::/64                On-link
7    306 fe80::cb7:359a:3f57:fe95/128
                                    On-link
4    281 fe80::f8d5:4b37:6239:b492/128
                                    On-link
1    306 ff00::/8                 On-link
4    281 ff00::/8                 On-link
7    306 ff00::/8                 On-link
===========================================================================
Route permanenti:
Nessuna

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/12/2015 03:06:32 PM) (Source: TabletServicePen) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (11/12/2015 03:05:07 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (11/12/2015 02:29:10 PM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 148c

Ora di avvio: 01d11d4d62dac7b8

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: 580830d0-8941-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Error: (11/12/2015 02:15:49 PM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 123c

Ora di avvio: 01d11d4b81db9ac2

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: 768367d4-893f-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Error: (11/12/2015 02:00:40 PM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 2234

Ora di avvio: 01d11d49696a89d0

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: 5d3f771b-893d-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Error: (11/12/2015 01:46:01 PM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: a2c

Ora di avvio: 01d11d475101dec9

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: 45ad7d1e-893b-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Error: (11/12/2015 12:46:22 PM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 9b8

Ora di avvio: 01d11d3eef302af1

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: e3779dfb-8932-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Error: (11/12/2015 12:26:05 PM) (Source: Application Error) (User: )
Description: Nome dell'applicazione che ha generato l'errore: PSANHost.exe, versione: 4.0.0.785, timestamp: 0x55b882dc
Nome del modulo che ha generato l'errore: psenlc.DLL, versione: 4.0.0.979, timestamp: 0x55b87fc8
Codice eccezione: 0xc0000005
Offset errore 0x000177dc
ID processo che ha generato l'errore: 0x7ac
Ora di avvio dell'applicazione che ha generato l'errore: 0xPSANHost.exe0
Percorso dell'applicazione che ha generato l'errore: PSANHost.exe1
Percorso del modulo che ha generato l'errore: PSANHost.exe2
ID segnalazione: PSANHost.exe3
Nome completo pacchetto che ha generato l'errore: PSANHost.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: PSANHost.exe5

Error: (11/12/2015 12:16:07 PM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 1f8c

Ora di avvio: 01d11d3abe4dbac9

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: b5d4eae0-892e-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Error: (11/12/2015 11:15:38 AM) (Source: Application Hang) (User: )
Description: Il programma wwahost.exe versione 6.3.9600.17415 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 1560

Ora di avvio: 01d11d325f3db764

Ora di chiusura: 4294967295

Percorso applicazione: C:\Windows\syswow64\wwahost.exe

ID segnalazione: 50a94af9-8926-11e5-82a8-b8ee658c1d6b

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

System errors:
=============
Error: (11/12/2015 03:07:14 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:07:07 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:07:00 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:53 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:47 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:40 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:33 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:26 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:20 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Error: (11/12/2015 03:06:13 PM) (Source: cdrom) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\CdRom0.

Microsoft Office Sessions:
=========================
Error: (11/12/2015 03:06:32 PM) (Source: TabletServicePen)(User: )
Description: Could not init tablet driver

Error: (11/12/2015 03:05:07 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue

Error: (11/12/2015 02:29:10 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.17415148c01d11d4d62dac7b84294967295C:\Windows\syswow64\wwahost.exe580830d0-8941-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (11/12/2015 02:15:49 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.17415123c01d11d4b81db9ac24294967295C:\Windows\syswow64\wwahost.exe768367d4-893f-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (11/12/2015 02:00:40 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.17415223401d11d49696a89d04294967295C:\Windows\syswow64\wwahost.exe5d3f771b-893d-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (11/12/2015 01:46:01 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.17415a2c01d11d475101dec94294967295C:\Windows\syswow64\wwahost.exe45ad7d1e-893b-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (11/12/2015 12:46:22 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.174159b801d11d3eef302af14294967295C:\Windows\syswow64\wwahost.exee3779dfb-8932-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (11/12/2015 12:26:05 PM) (Source: Application Error)(User: )
Description: PSANHost.exe4.0.0.78555b882dcpsenlc.DLL4.0.0.97955b87fc8c0000005000177dc7ac01d11befb5b123d8C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exeC:\Program Files (x86)\Panda Security\Panda Security Protection\psenlc.DLL2925749f-8930-11e5-82a8-b8ee658c1d6b

Error: (11/12/2015 12:16:07 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.174151f8c01d11d3abe4dbac94294967295C:\Windows\syswow64\wwahost.exeb5d4eae0-892e-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (11/12/2015 11:15:38 AM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.17415156001d11d325f3db7644294967295C:\Windows\syswow64\wwahost.exe50a94af9-8926-11e5-82a8-b8ee658c1d6bMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

CodeIntegrity Errors:
===================================
Date: 2015-03-22 18:18:47.674
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-21 23:02:30.328
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-21 22:32:10.072
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-14 14:42:53.996
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.5.1525 - Open Media LLC)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8103 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8103 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3010 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-3e164873-656b-4594-97cb-c99da121fbde) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{18BD67B4-2BB3-4D1B-A33A-1B57A3BB7A1C}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canali di giochi (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Canali di giochi (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 9.2.0.11 - WildTangent, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-aa77ccf7-aa63-464c-8964-4a65424108f4) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-293d2cb5-3c76-4f57-be3f-9bf3e84fbd3b) (Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKCU\...\Pokki) (Version: 0.269.7.783 - Pokki)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel® Technology Access Software Asset Manager (HKLM-x32\...\{22EC308C-6294-4924-9546-56B0B9164593}) (Version: 1.0.1562 - Intel Corporation) Hidden
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java™ 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-b2e102ce-3cb3-4b8e-ae9f-c9ef36581aa1) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-9c002f20-b54a-4b36-84eb-b77d0a613e6e) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 it)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{2A845A64-3F80-41D7-9F33-6146E56997E6}) (Version: 3.3.9567 - OpenOffice.org)
Panda Devices Agent (HKLM-x32\...\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}) (Version: 1.06.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.05 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\{A5226610-3F78-4561-B799-432B37D20505}) (Version: 8.03.00.0000 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.01.0000 - Panda Security)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (HKLM-x32\...\WTA-092cc7f2-8ce5-4446-bd2b-a21942dd58bc) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-f5f562fd-05e2-4411-90e7-eeff523b9580) (Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKCU\...\Pokki_Start_Menu) (Version: 0.269.7.783 - Pokki)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-f37cd62a-ec6f-4d4d-8001-e76a8de30434) (Version: 3.0.2.32 - WildTangent) Hidden
TreeSize Free V3.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.2 - JAM Software)
Trinklit Supreme (HKLM-x32\...\WTA-ceeaba88-e03b-471b-899e-a0c2b0a7d6bf) (Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vodafone Mobile Broadband Lite (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.103.31248 - Vodafone)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.5 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.4 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.14 - WildTangent) Hidden

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 8083.27 MB
Available physical RAM: 5856.38 MB
Total Virtual: 9363.27 MB
Available Virtual: 6501.3 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:912.71 GB) (Free:50.43 GB) NTFS
2 Drive d: (Death note pt2) (CDROM) (Total:4.26 GB) (Free:0 GB) CDFS

========================= Users: ========================================

Account utente per \\SSIN

Administrator            Altro                    guess
Guest                    UpdatusUser
Esecuzione comando riuscita.

**** End of log ****

#6 Aura

Bleepin' Special Ops

Malware Response Team
19,707 posts
OFFLINE

Gender:Male
Local time:08:01 AM

Posted 12 November 2015 - 10:27 AM

All good

Please uninstall the following program since it's outdated and vulnerable, Java™ 6 Update 22.

I noticed that you are using two Antivirus, Avira and Panda. You should never have more than one Antivirus installed at the time on a system. Having more than one can result in system instability and conflict between the two programs, which can lead to random issues. I suggest you to uninstall one of them, and keep the other. If you pay for one Antivirus (be it Avira or Panda), keep that one and uninstall the free one. For more information about the risks of running two Antivirus at the same time, read the IMPORTANT NOTE at the bottom of quietman7's article below.

Choosing an Anti-Virus Program

#7 SSIN

Topic Starter

Members
6 posts
OFFLINE

Local time:02:01 PM

Posted 13 November 2015 - 09:32 AM

Hi Aura,

So I did everything you told me, but i still haven't recovered space on the disk!

What is the problem?? What should i do now? :/

Right now i'm doing a scan with Panda.

#8 Aura

Bleepin' Special Ops

Malware Response Team
19,707 posts
OFFLINE

Gender:Male
Local time:08:01 AM

Posted 13 November 2015 - 09:38 AM

I suggest you to delete the following folder.

C:\Users\$USERNAME\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache

You might need to enable hidden and system files to see it.

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/#win7

#9 SSIN

Topic Starter

Members
6 posts
OFFLINE

Local time:02:01 PM

Posted 13 November 2015 - 03:29 PM

While i was deleting the file it asked me this! What should i do?

the file 404b466b6bfefd5de0c0a19f33336d46_8f1064ca-63e6-4fcb-aa75-473df90

è un file di sistema. La rimozione del file potrebbe compromettere il funzionamento di Windows o di un altro programma.

Delete??

#10 BIGBEARJEDI

Members
103 posts
OFFLINE

Gender:Male
Location:Tattooine
Local time:06:01 AM

Posted 13 November 2015 - 05:50 PM

@Aura:

this error message translated (per Bing) is:

is a system file. Removing the file could compromise a Windows or another program

Thought that might help.

Also, looking in his FRST log, I noticed this:

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:912.71 GB) (Free:50.43 GB) NTFS
2 Drive d: (Death note pt2) (CDROM) (Total:4.26 GB) (Free:0 GB) CDFS

**********************************************************************************************************

His C: drive is now at 94.47% used; 5.5% free space; he's completed clogged up that bootdrive!

I'm sure you noticed that he has a TON of games on this computer/drive; perhaps if you have him uninstall some of those (like most of them), you'd have enough room to run diagnostics and repair tools at that point.

Just an observation!

Best, <<<BBJ>>>

Edited by BIGBEARJEDI, 13 November 2015 - 05:50 PM.

#11 Aura

Bleepin' Special Ops

Malware Response Team
19,707 posts
OFFLINE

Gender:Male
Local time:08:01 AM

Posted 13 November 2015 - 07:55 PM

Yes, please delete it. This is just because the file is "marked" as a system file, it isn't a "real" system file.

Thanks BBJ, I noticed all that already