Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CPU permanently runs at 100%, browser freezes, everything freezes!


  • Please log in to reply
8 replies to this topic

#1 puertorico

puertorico

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 07 May 2016 - 06:54 AM

I have run ADWARE / Malwarebytes / Combofix / Tweaking Toolbox All in one repair !

 

Still no improvement !

 

Any suggestions would be greatly appreciated !



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:38 AM

Posted 07 May 2016 - 08:31 PM

Lets have a look at some logs. :)

 

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.



#3 puertorico

puertorico
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 08 May 2016 - 12:42 PM

I have run all programs as suggested, please find reports attached !

 

# AdwCleaner v5.115 - Logfile created 08/05/2016 at 11:43:14
# Updated 01/05/2016 by Xplode
# Database : 2016-05-04.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : win - WIN-BILGISAYAR
# Running from : C:\Users\win\Downloads\adwcleaner_5.115.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1550 bytes] - [07/05/2016 12:43:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [1340 bytes] - [07/05/2016 12:10:21]
C:\AdwCleaner\AdwCleaner[S2].txt - [790 bytes] - [08/05/2016 11:43:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [862 bytes] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Ultimate x64
Ran by win (Administrator) on 08.05.2016 at 12:26:20,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 25

Successfully deleted: C:\Program Files (x86)\GUTB700.tmp (File)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6856GYF8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJ8AJEK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VNQGWRM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CEEHXIJR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ7HATTC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9FMO8C4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9T8OISY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\win\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUIS8F9G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6856GYF8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJ8AJEK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VNQGWRM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CEEHXIJR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ7HATTC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9FMO8C4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9T8OISY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUIS8F9G (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.05.2016 at 12:32:20,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

[-] Deleted ->> File ->> C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[-] Repaired ->> File ->> C:\Users\win\AppData\Local\Google\Chrome\User Data\Default\Preferences
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\DT Soft
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\DT Soft
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\Software\WOW6432Node\DT Soft
 

Zemana AntiMalware 2.20.2.613 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016.5.8
Operating System       : Windows 7 64-bit
Processor              : 4X Intel® Core™ i5-3337U CPU @ 1.80GHz
BIOS Mode              : Legacy
CUID                   : 003372370C6E43429A618E
Scan Type              : Deep Scan
Duration               : 39m 57s
Scanned Objects        : 144114
Detected Objects       : 10
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : ON
Detect All Extensions  : OFF
Scan Documents         : OFF
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

VeriSign Class 3 Code Signing 2009-2 CA
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5557C0953FBD9F93745B214FB2483E9369B597F0\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5557C0953FBD9F93745B214FB2483E9369B597F0\Blob = 190000000100000010000000C763A218002B666458293666AF69E0960F000000010000001400000003F55B4DB5C35C83945318021724039001E009DA0300000001000000140000005557C0953FBD9F93745B214FB2483E9369B597F0140000000100000014000000B9ADA723835784199FC276D5825FA7C23E48FF322000000001000000E7040000308204E3308203CBA0030201020210109F1DAAAFB83315A6B64A6EED82D816300D06092A864886F70D01010505003081B6310B300906035504061302555331173015060355040A130E566572695369676E2C20496E632E311F301D060355040B1316566572695369676E205472757374204E6574776F726B313B3039060355040B13325465726D73206F66207573652061742068747470733A2F2F7777772E766572697369676E2E636F6D2F7270612028632930393130302E06035504031327566572695369676E20436C617373203320436F6465205369676E696E6720323030392D32204341301E170D3039313130343030303030305A170D3132313130333233353935395A3081A0310B300906035504061302425A310F300D0603550408130642656C697A65311430120603550407130B42656C697A65204369747931143012060355040A140B445420536F6674204C7464313E303C060355040B13354469676974616C20494420436C6173732033202D204D6963726F736F667420536F6674776172652056616C69646174696F6E207632311430120603550403140B445420536F6674204C746430819F300D06092A864886F70D010101050003818D003081890281810098D43C8BDBF9ABF7B0628E0F5C146E0A20D1177F550643082387488EE46B0270ECF7BD62C4C5F14D3FA8568F9CCEEA469BF325CEA2065E76369298C78194B8252461C5E59E24A024947858009AFD811564366E756A85089E52C116B191829AE93AEC4747D99F2301A3DEFC43266B466F4F19293658594BD9A98BE92D245B2F2F0203010001A38201833082017F30090603551D1304023000300E0603551D0F0101FF04040302078030440603551D1F043D303B3039A037A0358633687474703A2F2F637363332D323030392D322D63726C2E766572697369676E2E636F6D2F435343332D323030392D322E63726C30440603551D20043D303B3039060B6086480186F84501071703302A302806082B06010505070201161C68747470733A2F2F7777772E766572697369676E2E636F6D2F72706130130603551D25040C300A06082B06010505070303307506082B0601050507010104693067302406082B060105050730018618687474703A2F2F6F6373702E766572697369676E2E636F6D303F06082B060105050730028633687474703A2F2F637363332D323030392D322D6169612E766572697369676E2E636F6D2F435343332D323030392D322E636572301F0603551D2304183016801497D06BA82670C8A13F941F082DC4359BA4A11EF2301106096086480186F84201010404030204103016060A2B06010401823702011B040830060101000101FF300D06092A864886F70D010105050003820101006B0B1C2813CAE3A009B57810C2DA153DB4342DA632717A0374BAE9A489F87877DAEF4A72A960BAFD1A41E2A08C6B17BD39DEA86D5C52DDB4CAA00A57DF07F3766103DE0D8FF3C8396D86C9F8BAB4C90F13A13212CED23339697F48B67541173AF9B17D83C5178982D556F4C56BBCB1A764B2CF70667B95AAF44C4A12E74D3BA4BB93FB9FA414AF5638E89CCEE9A40C47857C61FF8C57551BE1959E60C10DE477AD52457CBA23DB9753BF5FB5E2C31F13619AACA720A2C287DBE0D91C29F5D8862E203476D126A4922FFDC5FDB63EFFEA611582485AF7F28209C4BB133ED0CA06316DEA5FB40058F94B52245DEAF8DD5173CC18955870F6388C73EC8135699D89

sbs_wminet_utils.dat
Status             : Scanned
Object             : %systemroot%\syswow64\sbs_wminet_utils.dat
MD5                : DC8D92EF5BD5AB667E2C81E0F2632586
Publisher          : -
Size               : 270848
Version            : 4.0.30319.1
Detection          : Malware:Win32/Cognito.A!Teea
Cleaning Action    : Quarantine
Related Objects    :
                File - %systemroot%\syswow64\sbs_wminet_utils.dat
                Process - 1680 - C:\Windows\SysWOW64\sbs_wminet_utils.dat

iMeshV11.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\imeshv11.exe
MD5                : EC77389E519004D557A75036C84223BB
Publisher          : iMesh Inc.
Size               : 2404320
Version            : 11.0.881.47070
Detection          : Adware:Win32/iMesh!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\desktop\downloads\imeshv11.exe

How-to-Sell-Your-Way-Through-Life-Napoleon-Hill_downloader.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\how-to-sell-your-way-through-life-napoleon-hill_downloader.exe
MD5                : 86569DD6E9D8CB8A7A045955E176AED6
Publisher          : Faglaro Enterprises Limited
Size               : 4694136
Version            : 2.0.0.0
Detection          : Adware:Win32/Faglaro!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\desktop\downloads\how-to-sell-your-way-through-life-napoleon-hill_downloader.exe

CAT.EXE
Status             : Scanned
Object             : %userprofile%\downloads\dr.seuss.cat.in.the.hat.2003.pc\setup\rusres\cat.exe
MD5                : 428E874E67E58338512AF8F47D0BCC20
Publisher          : -
Size               : 1072708
Version            : -
Detection          : Malware:Win32/Fuzzgun!Relr
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\dr.seuss.cat.in.the.hat.2003.pc\setup\rusres\cat.exe

t6sp.exe
Status             : Scanned
Object             : %userprofile%\downloads\call of duty black ops ii update 1 and 2 + crackfix v2 alternative - skidrow\skidrow\t6sp.exe
MD5                : 7087F320DE56B567DF60BE0D99397205
Publisher          : -
Size               : 4146688
Version            : 1.0.0.1
Detection          : Malware:Win32/Bailoat.A!Kkka
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\call of duty black ops ii update 1 and 2 + crackfix v2 alternative - skidrow\skidrow\t6sp.exe

Call.of.Duty.Black.Ops.II.Update.1.and.2.exe
Status             : Scanned
Object             : %userprofile%\downloads\call of duty black ops ii update 1 and 2 + crackfix v2 alternative - skidrow\call.of.duty.black.ops.ii.update.1.and.2.exe
MD5                : 701AE42BECFC877C3545346D723F9C35
Publisher          : -
Size               : 30129664
Version            : 9.0.8112.16421
Detection          : Heur.Malicious!Pd
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\call of duty black ops ii update 1 and 2 + crackfix v2 alternative - skidrow\call.of.duty.black.ops.ii.update.1.and.2.exe

steam_api64.dll
Status             : Scanned
Object             : %programfiles%\r.g. mechanics\call of duty - advanced warfare\steam_api64.dll
MD5                : AF2989F4BC456C46A5385BF4223C0C75
Publisher          : -
Size               : 678400
Version            : 2.37.91.26
Detection          : PUA:Win32/SoftCrack.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\r.g. mechanics\call of duty - advanced warfare\steam_api64.dll

Call of Duty_Advanced Warfare v1.0-Update 6 Plus 14 Trainer.exe
Status             : Scanned
Object             : %programfiles%\r.g. mechanics\call of duty - advanced warfare\call of duty_advanced warfare v1.0-update 6 plus 14 trainer.exe
MD5                : 98AD87216ED86F57E4CDA07858789C25
Publisher          : -
Size               : 911872
Version            : 1.0.0.0
Detection          : PUA:Win32/HackTool.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\r.g. mechanics\call of duty - advanced warfare\call of duty_advanced warfare v1.0-update 6 plus 14 trainer.exe

steam_api64r.dll
Status             : Scanned
Object             : %programfiles%\r.g. games\call of duty black ops iii\steam_api64r.dll
MD5                : ADA8151F9352F789E9A94D8F9914CAD6
Publisher          : -
Size               : 1808388
Version            : 6.2.0.0
Detection          : Malware:Win64/Multi.Generic!Ckae
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\r.g. games\call of duty black ops iii\steam_api64r.dll


Cleaning Result
-------------------------------------------------------
Cleaned               : 10
Reported as safe      : 0
Failed                : 0
 

 

~ ZHPCleaner v2016.5.6.63 by Nicolas Coolman (2016/05/06)
~ Run by win (Administrator)  (08/05/2016 19:36:40)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\win\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\win\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (23)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (0)
~ No malicious or unnecessary items found.


---\\  Registry ( Key, Value, Data) (6)
DELETED key*: HKEY_USERS\S-1-5-21-521312487-3525000650-2199044663-1000\SOFTWARE\GreenTree Applications []  =>.Superfluous.GreenTreeApp
DELETED key: HKCU\Software\GreenTree Applications []  =>.Superfluous.GreenTreeApp
DELETED key*: HKCU\Software\undefined []  =>.Superfluous.Downloader
DELETED key*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library]  =>PUP.Optional.OpenCandy
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library]  =>PUP.Optional.OpenCandy
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect


---\\  Summary of the elements found (4)






---\\  Other deletions. (24)
~ Registry Keys Tracing deleted (24)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 560
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 6


~ End of clean in 00h01mn47s
~====================
ZHPCleaner-[R]-08052016-19_38_27.txt
ZHPCleaner-[S]-08052016-18_34_50.txt
 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:38 AM

Posted 08 May 2016 - 06:27 PM

How are things running now?

 

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log, please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.

VSKiiIc.jpg

  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.

ZU4W2g2.jpg

  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.

nF8dOcq.jpg

  • Allow MalwareBytes to scan your system, it may take some time depending on what you have loaded onto your hard drive.

L8lsasM.jpg

When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"

5x4JOvA.jpg

  • A window will then open allowing you to choose a name for the logfile and also allowing you to choose where to save it, save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 esetonlinebtn.png
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Minitoolbox scan.

 

 

Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.



#5 puertorico

puertorico
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 09 May 2016 - 01:42 AM

The CPU is running much better thanks, although the system is still freezing for no apparent reason !

 

I will follow your instructions and paste the results, tks for your assistance .



#6 puertorico

puertorico
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 09 May 2016 - 03:10 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 09.05.2016
Scan Time: 10:06
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.09.01
Rootkit Database: v2016.05.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: win

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 293083
Time Elapsed: 19 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

MiniToolBox by Farbar  Version: 23-07-2012
Ran by win (administrator) on 09-05-2016 at 10:57:21
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom 802.11n Ağ Bağdaştırıcı = Kablosuz Ağ Bağlantısı 3 (Connected)
Bluetooth Aygıtı (Kişisel Alan Ağı) = Bluetooth Ağ Bağlantısı (Media disconnected)
Realtek PCIe GBE Family Controller = Yerel Ağ Bağlantısı (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Kablosuz Ağ Bağlantısı 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
add address name="Yerel A§ Ba§lants" address=192.168.137.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : win-Bilgisayar
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : zte.com.cn

Wireless LAN adapter Kablosuz A§ Ba§lants 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 3C-77-E6-D7-3F-A7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Kablosuz A§ Ba§lants 3:

   Connection-specific DNS Suffix  . : zte.com.cn
   Description . . . . . . . . . . . : Broadcom 802.11n A§ Ba§daŸtrc
   Physical Address. . . . . . . . . : 3C-77-E6-D7-3F-A7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::909e:b53b:919d:c92%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 08 Mays 2016 Pazar 23:17:57
   Lease Expires . . . . . . . . . . : 09 Mays 2016 Pazartesi 11:47:56
   Default Gateway . . . . . . . . . : fe80::1%16
                                       192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 389838822
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-73-C9-78-F0-BF-97-08-B5-BD
   DNS Servers . . . . . . . . . . . : fe80::1%16
                                       4.2.2.3
                                       4.2.2.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Yerel A§ Ba§lants:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-BF-97-08-B5-BD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth A§ Ba§lants:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Aygt (KiŸisel Alan A§)
   Physical Address. . . . . . . . . : 3C-77-E6-D7-3F-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.zte.com.cn:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : zte.com.cn
   Description . . . . . . . . . . . : Microsoft ISATAP Ba§daŸtrcs
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  fe80::1

Name:    google.com
Addresses:  2a00:1450:4017:804::200e
      216.58.212.14


Pinging google.com [172.217.16.46] with 32 bytes of data:
Reply from 172.217.16.46: bytes=32 time=81ms TTL=55
Reply from 172.217.16.46: bytes=32 time=138ms TTL=55

Ping statistics for 172.217.16.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 81ms, Maximum = 138ms, Average = 109ms
Server:  UnKnown
Address:  fe80::1

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      2001:4998:58:c02::a9
      206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=328ms TTL=44
Reply from 206.190.36.45: bytes=32 time=271ms TTL=44

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 271ms, Maximum = 328ms, Average = 299ms
Server:  UnKnown
Address:  fe80::1

Name:    bleepingcomputer.com
Addresses:  104.20.92.192
      104.20.91.192


Pinging bleepingcomputer.com [104.20.91.192] with 32 bytes of data:
Reply from 104.20.91.192: bytes=32 time=143ms TTL=53
Reply from 104.20.91.192: bytes=32 time=151ms TTL=53

Ping statistics for 104.20.91.192:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 143ms, Maximum = 151ms, Average = 147ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...3c 77 e6 d7 3f a7 ......Microsoft Virtual WiFi Miniport Adapter
 16...3c 77 e6 d7 3f a7 ......Broadcom 802.11n A§ Ba§daŸtrc
 13...f0 bf 97 08 b5 bd ......Realtek PCIe GBE Family Controller
 12...3c 77 e6 d7 3f a8 ......Bluetooth Aygt (KiŸisel Alan A§)
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Ba§daŸtrcs
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.4    281
      192.168.2.4  255.255.255.255         On-link       192.168.2.4    281
    192.168.2.255  255.255.255.255         On-link       192.168.2.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.4    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16    281 ::/0                     fe80::1
  1    306 ::1/128                  On-link
 16    281 fe80::/64                On-link
 16    281 fe80::909e:b53b:919d:c92/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/09/2016 07:49:28 AM) (Source: Application Hang) (User: )
Description: The program WolfNewOrder_x64.exe version 1.0.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e40

Start Time: 01d1a9adca6d1a3f

Termination Time: 58

Application Path: C:\Program Files (x86)\R.G. Mechanics\Wolfenstein - The New Order\WolfNewOrder_x64.exe

Report Id: 5b2b72c0-15a1-11e6-9b46-3c77e6d73fa8

Error: (05/07/2016 05:09:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/06/2016 10:49:55 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/06/2016 10:49:55 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Bağlam: Windows Uygulaması

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    Eleman bulunamadı.  (HRESULT : 0x80070490) (0x80070490)

Error: (05/06/2016 08:58:11 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:11 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    İçerik dizini bozuk.  (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (05/09/2016 00:49:05 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{6F0B9C7A-D6BD-4F5E-BC1A-2D9C2930E0A4}.
The backup browser is stopping.

Error: (05/08/2016 11:19:01 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (05/08/2016 11:18:31 PM) (Source: Service Control Manager) (User: )
Description: The Heimdal Secure DNS Service service failed to start due to the following error:
%%1053

Error: (05/08/2016 11:18:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Heimdal Secure DNS Service service to connect.

Error: (05/07/2016 00:47:25 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (05/07/2016 00:46:02 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modül Yükleyicisi service failed to start due to the following error:
%%1069

Error: (05/07/2016 00:46:02 PM) (Source: Service Control Manager) (User: )
Description: The TrustedInstaller service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/07/2016 00:45:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/07/2016 00:45:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/07/2016 00:45:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll


Microsoft Office Sessions:
=========================
Error: (05/09/2016 07:49:28 AM) (Source: Application Hang)(User: )
Description: WolfNewOrder_x64.exe1.0.0.2e4001d1a9adca6d1a3f58C:\Program Files (x86)\R.G. Mechanics\Wolfenstein - The New Order\WolfNewOrder_x64.exe5b2b72c0-15a1-11e6-9b46-3c77e6d73fa8

Error: (05/07/2016 05:09:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\win\Desktop\Downloads\esetsmartinstaller_enu.exe

Error: (05/06/2016 10:49:55 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/06/2016 10:49:55 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service)(User: )
Description: Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service)(User: )
Description: Bağlam: Windows Uygulaması

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service)(User: )
Description: Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/06/2016 08:58:12 AM) (Source: Windows Search Service)(User: )
Description: Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    Eleman bulunamadı.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (05/06/2016 08:58:11 AM) (Source: Windows Search Service)(User: )
Description: Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    İçerik dizini meta kataloğu bozuk.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (05/06/2016 08:58:11 AM) (Source: Windows Search Service)(User: )
Description: Bağlam: Windows Uygulaması, SystemIndex Kataloğu

Ayrıntılar:
    İçerik dizini bozuk.  (HRESULT : 0xc0041800) (0xc0041800)


=========================== Installed Programs ============================

Adobe Acrobat Reader DC (Version: 15.010.20060)
Adobe Flash Player 21 ActiveX (Version: 21.0.0.213)
Adobe Flash Player 21 NPAPI (Version: 21.0.0.213)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Alps Pointing-device for VAIO
µTorrent (Version: 3.4.6.42094)
Canon LBP6020
CCleaner (Version: 5.14)
DAEMON Tools Lite (Version: 4.45.1.0236)
Dropbox (Version: 3.18.1)
Dropbox Update Helper (Version: 1.3.39.1)
EPSON L110 Series Printer Uninstall
ESET NOD32 Antivirus (Version: 6.0.316.1)
Far Cry 4 Gold Edition v1.10 versão PT-BR [BR-Repacks.com] (Version: PT-BR [BR-Repacks.com])
GOM Player (Version: 2.1.43.5119)
Google Chrome (Version: 50.0.2661.94)
Google Update Helper (Version: 1.3.29.5)
Heimdal (Version: 1.10.3.686)
Inpaint 6.2
Intel® Driver Update Utility 2.4 (Version: 2.4.0.7)
Intel® Processor Graphics (Version: 10.18.10.4358)
Intel® Driver Update Utility (Version: 2.4.0.7)
Java™ 6 Update 37 (64-bit) (Version: 6.0.370)
K-Lite Codec Pack 9.5.0 (64-bit) (Version: 9.5.0)
Malwarebytes Anti-Malware version 2.2.1.1043 (Version: 2.2.1.1043)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 TRK Dil Paketi (Version: 4.5.50709)
Microsoft .NET Framework 4.5 TRK Language Pack (Version: 4.5.50709)
Microsoft Office 2007 Uyumluluk Paketi (Version: 12.0.6215.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (Version: 11.0.61030.0)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Mozilla Firefox 46.0.1 (x86 en-US) (Version: 46.0.1)
Mozilla Maintenance Service (Version: 46.0.1.5966)
NVIDIA Denetim Masası 355.82 (Version: 355.82)
NVIDIA Güncelleştirmeleri 2.5.14.5 (Version: 2.5.14.5)
NVIDIA Grafik Sürücüsü 355.82 (Version: 355.82)
NVIDIA Install Application (Version: 2.1002.186.1591)
NVIDIA Optimus Update 2.5.14.5 (Version: 2.5.14.5)
Realtek High Definition Audio Driver (Version: 6.0.1.7592)
Synaptics Pointing Device Driver (Version: 19.0.5.0)
Tweaking.com - Simple System Tweaker (Version: 2.1.0)
Tweaking.com - Windows Repair (All in One) (Version: 2.9.2)
VirtualCloneDrive
WinRAR 5.30 (64-bit) (Version: 5.30.0)
Wolfenstein - The New Order
Zemana AntiMalware (Version: 2.20.613)

========================= Devices: ================================

Name: DAEMON Tools Virtual Bus
Description: DAEMON Tools Virtual Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: DT Soft Ltd
Service: dtsoftbus01
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 3977.88 MB
Available physical RAM: 1011.98 MB
Total Pagefile: 43746.09 MB
Available Pagefile: 40038.7 MB
Total Virtual: 4095.88 MB
Available Virtual: 3943.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:421.91 GB) (Free:87.03 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.3 GB) NTFS
3 Drive e: (Yeni) (CDROM) (Total:1.37 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\WIN-BILGISAYAR

Administrator            Guest                    win                      


**** End of log ****
SecurityCheck by glax24 & Severnyj v.1.4.0.39 [23.04.16]
WebSite: www.safezone.cc
DateLog: 09.05.2016 11:05:36
Path starting: C:\Users\win\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: win
VersionXML: 2.86is-05.05.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: 041F
Installation date OS: 31.12.2012 22:18:11
LicenseStatus: Windows® 7, Ultimate edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [421.9 Gb] Used: [334.9 Gb] Free: [87 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17843 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatic Updates disabled
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
ESET NOD32 Antivirus 6.0 (disabled and out of date)
Windows Defender (enabled and out of date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET NOD32 Antivirus v.6.0.316.1
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.20.613
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.30 (64-bit) v.5.30.0 Warning! Download Update
Microsoft Silverlight v.5.1.10411.0 Warning! Download Update
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.6.42094 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java™ 6 Update 37 (64-bit) v.6.0.370 Warning! Download Update
Uninstall old version and install new one. Should install Java 8.
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 21 ActiveX v.21.0.0.213
Adobe Flash Player 21 NPAPI v.21.0.0.213
Adobe Shockwave Player 11.6 v.11.6.6.636 Warning! Download Update
Adobe Acrobat Reader DC v.15.010.20060
------------------------------- [ Browser ] -------------------------------
Google Chrome v.50.0.2661.94
Mozilla Firefox 46.0.1 (x86 en-US) v.46.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.46.0.1.5966
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe v.6.0.316.0
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe v.6.0.316.0
----------------------------- [ End of Log ] ------------------------------

 



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:38 AM

Posted 09 May 2016 - 09:34 PM

Please update the software suggested, and then post a new security check log. :) 



#8 puertorico

puertorico
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 10 May 2016 - 05:06 PM

Hi, and thanks for your attention to my problem.

 

I have deleted both the old Java and installed Java 8, and ESET and replaced it with Dr Web.

I am unable to update windows, although I used the update fix from Microsoft, no change.. Any ideas ?

 

 

SecurityCheck by glax24 & Severnyj v.1.4.0.39 [23.04.16]
WebSite: www.safezone.cc
DateLog: 11.05.2016 01:02:39
Path starting: C:\Users\win\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: win
VersionXML: 2.87is-10.05.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: 041F
Installation date OS: 31.12.2012 22:18:11
LicenseStatus: Windows® 7, Ultimate edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [421.9 Gb] Used: [347.8 Gb] Free: [74.1 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17843 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatic Updates disabled
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Dr.Web Anti-virus (enabled)
---------------------------- [ Firewall_WMI ] -----------------------------
Dr.Web Firewall (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
Dr.Web Anti-virus (enabled)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Dr.Web Anti-virus for Windows v.11.0.3.04210
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.20.613
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.31 (64-bit) v.5.31.0
Microsoft Silverlight v.5.1.10411.0 Warning! Download Update
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.6.42094 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 92 (64-bit) v.8.0.920.14
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 21 ActiveX v.21.0.0.213
Adobe Flash Player 21 NPAPI v.21.0.0.213
Adobe Shockwave Player 12.2 v.12.2.4.194
Adobe Shockwave Player 11.6 v.11.6.6.636 Warning! Download Update
Adobe Acrobat Reader DC v.15.010.20060 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.50.0.2661.94
Mozilla Firefox 46.0.1 (x86 en-US) v.46.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.46.0.1.5966
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe v.11.0.1.10200
C:\Program Files\DrWeb\dwservice.exe v.11.0.5.2091
C:\Program Files\DrWeb\dwnetfilter.exe v.11.0.4.1150
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe v.11.0.1.10200
C:\Program Files\DrWeb\spideragent.exe v.11.0.4.1182
----------------------------- [ End of Log ] ------------------------------
 



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:38 AM

Posted 11 May 2016 - 04:27 PM

Install (use the direct download) the Tweaking.com - Windows all in one repair tool. Then boot Windows into Safe Mode, (Make Certain To Run This Program As Administrator) then run through the Prescan on step 2 tab. Then skip to step 5 and create  a system restore point. Then go to the repair tab...

Notice create a registry backup is ticked by default, so no need to do so in step 5...n5ppx0l.png

Now run the program, with the  All Default boxes ticked!!

Important: Make certain to reboot twice after running this tool!!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users