Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

how i download antivirus programms all antivirus webs is blocked or something


  • Please log in to reply
10 replies to this topic

#1 davaawarden

davaawarden

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 24 September 2016 - 05:45 AM

all antivirus websites doesn't work. i think because of viruses. and my registry editor doesn't work too. start>run>regedit> open notepad and doesn't work


Please help me T_T

Attached Files

  • Attached File  rrrr.png   1MB   0 downloads
  • Attached File  rw.png   135.03KB   0 downloads

Edited by hamluis, 24 September 2016 - 06:39 AM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:02:48 AM

Posted 24 September 2016 - 07:07 AM

Hello! My name is The Codesee, nice to meet you  :)

 

and my registry editor doesn't work too

 

Are you talking about the built-in regedit or a registry editor downloaded from the internet?

 

Please follow the steps below:

 

:step1: Please download MiniToolBox to your desktop
 

1. Double click MiniToolBox

2. Select the items below and press go

3. Post the log in your next reply

  • List Installed Programs
  • List Restore Points
  • List last 10 Event Viewer log
  • Flush DNS
:step2: Please download Security Check to your desktop
 

1. Double click SecurityCheck and follow the on-screen instructions.

2. A log should open called checkup.txt.

3. Post the log in your next reply

 

:step3: Please download TFC (Temp File Cleaner) to your desktop

 

1. Close all open applications

2. Double click TFC

3. Click the start button and the program will run

4. When done, press OK to restart your computer

 

Logs I expect in your next reply:

  1. MiniToolBox Log
  2. Security Check Log

Edited by The_Codesee, 24 September 2016 - 07:10 AM.


#3 davaawarden

davaawarden
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 24 September 2016 - 10:34 AM

Hi Codesee nice to meet you

Checkup Notepad

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7  x86 (UAC is disabled!)  
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player     23.0.0.162  
 Mozilla Firefox (48.0.2)
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````


MTB notepad

MiniToolBox by Farbar  Version: 17-06-2016
Ran by pc (administrator) on 24-09-2016 at 23:34:18
Running from "C:\Users\pc\Downloads"
Microsoft Windows 7 Ultimate   (X86)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2016 11:33:28 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume (C:) was not defragmented because an error was encountered: Access is denied. (0x80070005)

Error: (09/24/2016 11:33:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385, time stamp: 0x4a5bccb3
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xc06d007f
Fault offset: 0x00009617
Faulting process id: 0x2f04
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/24/2016 11:32:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385, time stamp: 0x4a5bccb3
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xc06d007f
Fault offset: 0x00009617
Faulting process id: 0x26f8
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/24/2016 11:31:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385, time stamp: 0x4a5bccb3
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xc06d007f
Fault offset: 0x00009617
Faulting process id: 0x1fd0
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/24/2016 11:30:20 PM) (Source: Software Protection Platform Service) (User: )
Description: The Software Protection service failed to start. 0xD0000022
6.1.7600.16385

Error: (09/24/2016 11:28:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xe54
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 11:25:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xf0c
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 06:00:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xd9c
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 05:44:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xbc0
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 05:16:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xd48
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3


System errors:
=============
Error: (09/24/2016 11:33:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 3 time(s).

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/24/2016 11:32:02 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (09/24/2016 11:32:02 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:02 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057


Microsoft Office Sessions:
=========================
Error: (09/24/2016 11:33:28 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (C:)Access is denied. (0x80070005)

Error: (09/24/2016 11:33:04 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7600.163854a5bccb3KERNELBASE.dll6.1.7600.163854a5bdaaec06d007f000096172f0401d216708ab9ad69C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dllcd5112e3-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:32:26 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7600.163854a5bccb3KERNELBASE.dll6.1.7600.163854a5bdaaec06d007f0000961726f801d216706a5ca1bbC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dllb65e70a3-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:31:25 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7600.163854a5bccb3KERNELBASE.dll6.1.7600.163854a5bdaaec06d007f000096171fd001d216702a622b61C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dll9245ee91-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:30:20 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xD00000226.1.7600.16385

Error: (09/24/2016 11:28:41 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197e5401d2166fe17139f1C:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll30068f59-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:25:55 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197f0c01d2166f878afa9aC:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dllcd9aa22e-8262-11e6-bd58-00e04c680083

Error: (09/24/2016 06:00:11 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197d9c01d21641ff68563aC:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll4c77b501-8235-11e6-9586-00e04c680083

Error: (09/24/2016 05:44:40 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197bc001d2163fdfb12fa8C:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll218776a8-8233-11e6-aa39-00e04c680083

Error: (09/24/2016 05:16:43 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197d4801d2163bfad779d0C:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll3a06429e-822f-11e6-9ff1-00e04c680083


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\{00203668-8170-44A0-BE44-B632FA4D780F}) (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-000182420219}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.54 - NVIDIA Corporation) Hidden
ASUS GPU Tweak (HKLM\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Avira Launcher (HKLM\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
GPUTweakStreaming (HKLM\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
IDM Crack 6.25 build 25 (HKLM\...\IDM Crack 6.25 build 25) (Version: build 25 - Crackingpatching.com Team)
IDM Crack 6.26 build 2 (HKLM\...\IDM Crack 6.26 build 2) (Version: build 2 - Crackingpatching.com Team)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
League of Legends (HKLM\...\{31AC3B64-AB6C-4659-BB1A-EEDFBA9B98F7}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat Komplete Edition (HKLM\...\Mortal Kombat Komplete Edition_is1) (Version: Mortal Kombat Komplete Edition - )
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OSC Third Party Libraries (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSCLib) (Version: 1.1 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Total War: ROME II Hannibal at the Gates (HKLM\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip (HKLM\...\WinZip) (Version: 2.2.98 - Winzipper Pvt Ltd.)
========================= Restore Points ==================================


**** End of log ****


 



#4 davaawarden

davaawarden
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 24 September 2016 - 10:37 AM

and last 1 is when programm run my pc is shut down and blue screen counted critcal .... sorry for my language



#5 davaawarden

davaawarden
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 24 September 2016 - 10:43 AM

 

Hello! My name is The Codesee, nice to meet you  :)

 

and my registry editor doesn't work too

 

Are you talking about the built-in regedit or a registry editor downloaded from the internet?

 

Please follow the steps below:

 

:step1: Please download MiniToolBox to your desktop
 

1. Double click MiniToolBox

2. Select the items below and press go

3. Post the log in your next reply

  • List Installed Programs
  • List Restore Points
  • List last 10 Event Viewer log
  • Flush DNS
:step2: Please download Security Check to your desktop
 

1. Double click SecurityCheck and follow the on-screen instructions.

2. A log should open called checkup.txt.

3. Post the log in your next reply

 

:step3: Please download TFC (Temp File Cleaner) to your desktop

 

1. Close all open applications

2. Double click TFC

3. Click the start button and the program will run

4. When done, press OK to restart your computer

 

Logs I expect in your next reply:

  1. MiniToolBox Log
  2. Security Check Log

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7  x86 (UAC is disabled!)  
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player     23.0.0.162  
 Mozilla Firefox (48.0.2)
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````


MiniToolBox by Farbar  Version: 17-06-2016
Ran by pc (administrator) on 24-09-2016 at 23:34:18
Running from "C:\Users\pc\Downloads"
Microsoft Windows 7 Ultimate   (X86)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2016 11:33:28 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume (C:) was not defragmented because an error was encountered: Access is denied. (0x80070005)

Error: (09/24/2016 11:33:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385, time stamp: 0x4a5bccb3
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xc06d007f
Fault offset: 0x00009617
Faulting process id: 0x2f04
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/24/2016 11:32:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385, time stamp: 0x4a5bccb3
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xc06d007f
Fault offset: 0x00009617
Faulting process id: 0x26f8
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/24/2016 11:31:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385, time stamp: 0x4a5bccb3
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xc06d007f
Fault offset: 0x00009617
Faulting process id: 0x1fd0
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/24/2016 11:30:20 PM) (Source: Software Protection Platform Service) (User: )
Description: The Software Protection service failed to start. 0xD0000022
6.1.7600.16385

Error: (09/24/2016 11:28:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xe54
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 11:25:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xf0c
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 06:00:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xd9c
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 05:44:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xbc0
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3

Error: (09/24/2016 05:16:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweak.exe, version: 2.4.9.2, time stamp: 0x52648665
Faulting module name: Exeio.dll, version: 1.0.6.3, time stamp: 0x52521caf
Exception code: 0xc0000005
Fault offset: 0x00005197
Faulting process id: 0xd48
Faulting application start time: 0xGPUTweak.exe0
Faulting application path: GPUTweak.exe1
Faulting module path: GPUTweak.exe2
Report Id: GPUTweak.exe3


System errors:
=============
Error: (09/24/2016 11:33:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 3 time(s).

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:56 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/24/2016 11:32:02 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (09/24/2016 11:32:02 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070505

Error: (09/24/2016 11:32:02 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057


Microsoft Office Sessions:
=========================
Error: (09/24/2016 11:33:28 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (C:)Access is denied. (0x80070005)

Error: (09/24/2016 11:33:04 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7600.163854a5bccb3KERNELBASE.dll6.1.7600.163854a5bdaaec06d007f000096172f0401d216708ab9ad69C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dllcd5112e3-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:32:26 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7600.163854a5bccb3KERNELBASE.dll6.1.7600.163854a5bdaaec06d007f0000961726f801d216706a5ca1bbC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dllb65e70a3-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:31:25 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7600.163854a5bccb3KERNELBASE.dll6.1.7600.163854a5bdaaec06d007f000096171fd001d216702a622b61C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dll9245ee91-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:30:20 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xD00000226.1.7600.16385

Error: (09/24/2016 11:28:41 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197e5401d2166fe17139f1C:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll30068f59-8263-11e6-9a43-00e04c680083

Error: (09/24/2016 11:25:55 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197f0c01d2166f878afa9aC:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dllcd9aa22e-8262-11e6-bd58-00e04c680083

Error: (09/24/2016 06:00:11 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197d9c01d21641ff68563aC:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll4c77b501-8235-11e6-9586-00e04c680083

Error: (09/24/2016 05:44:40 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197bc001d2163fdfb12fa8C:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll218776a8-8233-11e6-aa39-00e04c680083

Error: (09/24/2016 05:16:43 PM) (Source: Application Error)(User: )
Description: GPUTweak.exe2.4.9.252648665Exeio.dll1.0.6.352521cafc000000500005197d4801d2163bfad779d0C:\Program Files\ASUS\GPU Tweak\GPUTweak.exeC:\Program Files\ASUS\GPU Tweak\Exeio.dll3a06429e-822f-11e6-9ff1-00e04c680083


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\{00203668-8170-44A0-BE44-B632FA4D780F}) (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-000182420219}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.54 - NVIDIA Corporation) Hidden
ASUS GPU Tweak (HKLM\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Avira Launcher (HKLM\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
GPUTweakStreaming (HKLM\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
IDM Crack 6.25 build 25 (HKLM\...\IDM Crack 6.25 build 25) (Version: build 25 - Crackingpatching.com Team)
IDM Crack 6.26 build 2 (HKLM\...\IDM Crack 6.26 build 2) (Version: build 2 - Crackingpatching.com Team)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
League of Legends (HKLM\...\{31AC3B64-AB6C-4659-BB1A-EEDFBA9B98F7}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat Komplete Edition (HKLM\...\Mortal Kombat Komplete Edition_is1) (Version: Mortal Kombat Komplete Edition - )
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OSC Third Party Libraries (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSCLib) (Version: 1.1 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Total War: ROME II Hannibal at the Gates (HKLM\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip (HKLM\...\WinZip) (Version: 2.2.98 - Winzipper Pvt Ltd.)
========================= Restore Points ==================================


**** End of log ****
 



#6 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:02:48 AM

Posted 24 September 2016 - 11:15 AM

Thank you for the logs.
 
I have gathered that you have not installed SP1 for your Windows 7 computer - please download it from the following URL: https://www.microsoft.com/en-us/download/details.aspx?id=5842
 
Peer to Peer (P2P) Warning
 
You currently have µTorrent installed - this can be a huge contributor to infecting computers. Ransomware is also known to be spread through P2P file transfers. I highly recommend you remove µTorrent or at-least until your computer is clean.
 
:step1: Please uninstall some programs

 

There's currently some programs on your PC that we need to remove. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • IDM Crack 6.25 build 25
  • IDM Crack 6.26 build 2

:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log:

  • On the Malwarebytes Anti-Malware dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe.
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

Logs I expect in your next reply:

  • Malwarebytes Log
  • AdwCleaner Log
  • Junkware Removal Tool (JRT) Log

Please also update me on the status of the computer


Edited by The_Codesee, 24 September 2016 - 11:19 AM.


#7 davaawarden

davaawarden
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 24 September 2016 - 08:50 PM

Thank you for the logs.
 
I have gathered that you have not installed SP1 for your Windows 7 computer - please download it from the following URL: https://www.microsoft.com/en-us/download/details.aspx?id=5842
 
Peer to Peer (P2P) Warning
 
You currently have µTorrent installed - this can be a huge contributor to infecting computers. Ransomware is also known to be spread through P2P file transfers. I highly recommend you remove µTorrent or at-least until your computer is clean.
 
:step1: Please uninstall some programs

 

There's currently some programs on your PC that we need to remove. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • IDM Crack 6.25 build 25
  • IDM Crack 6.26 build 2

:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log:

  • On the Malwarebytes Anti-Malware dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe.
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

Logs I expect in your next reply:

  • Malwarebytes Log
  • AdwCleaner Log
  • Junkware Removal Tool (JRT) Log

Please also update me on the status of the computer

i cant download Malwarebytes Anti-Malware   its called server is not found .... problem loading page Firefox can't find the server at www.malwarebytes.org.
how i download this programm



#8 JohnC_21

JohnC_21

  • Members
  • 23,286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:48 PM

Posted 24 September 2016 - 09:06 PM

If you have access to another computer download and copy the installer of Malwarebytes to a USB flash drive, transfer it to your problem computer and launch it. It may be safer to burn the Malwarebytes installer to a CD as your USB flash drive may get infected depending on what malware if any is on the computer. At the same time you burn Malwarebytes to the computer also put Adwcleaner and Junkware Removal Tool on the CD.



#9 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:02:48 AM

Posted 25 September 2016 - 04:23 AM

I have uploaded the Malwarebytes Anti-Malware download file to the following URL: http://www.filedropper.com/mbam-setup-2211043_1

 

Please try to download it from there.



#10 davaawarden

davaawarden
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 25 September 2016 - 11:07 PM

# AdwCleaner v6.020 - Logfile created 25/09/2016 at 10:52:06
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-24.2 [Server]
# Operating System : Windows 7 Ultimate  (X86)
# Username : pc - PC-PC
# Running from : C:\Users\pc\Downloads\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****

[-] Service deleted: SPnP3
[-] Service deleted: SPnP4
[-] Service deleted: SPnP5
[-] Service deleted: SPnP6
[-] Service deleted: Undp33
[-] Service deleted: Undp44
[-] Service deleted: Undp55
[-] Service deleted: Undp66
[-] Service deleted: iSafeKrnlBoot
[-] Service deleted: iSafeKrnlR3
[-] Service deleted: iSafeNetFilter
[-] Service deleted: iSafeService
[-] Service deleted: torchcrashhandler
[-] Service deleted: winzipersvc
[-] Service deleted: BugreportW
[-] Service deleted: winsaber
[-] Service deleted: CommandHandler
[-] Service deleted: FirefoxU


***** [ Folders ] *****

[-] Folder deleted: C:\Users\pc\AppData\Roaming\eCyber
[-] Folder deleted: C:\Users\pc\AppData\Roaming\Elex-tech
[-] Folder deleted: C:\Users\pc\AppData\Roaming\WinZiper
[-] Folder deleted: C:\Users\pc\AppData\Roaming\Uncheckit
[-] Folder deleted: C:\ProgramData\ChelfNotify
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ChelfNotify
[-] Folder deleted: C:\Program Files\Elex-tech
[#] Folder deleted on reboot: C:\Program Files\WinZipper
[-] Folder deleted: C:\Program Files\SPnP6
[-] Folder deleted: C:\Program Files\SPnP5
[-] Folder deleted: C:\Program Files\SPnP4
[-] Folder deleted: C:\Program Files\SPnP3
[-] Folder deleted: C:\Windows\system32\_SSpm
[-] Folder deleted: C:\Windows\system32\_tWm
[-] Folder deleted: C:\Windows\system32\config\systemprofile\AppData\Roaming\Uncheckit
[-] Folder deleted: C:\Users\Public\Documents\dmp
[-] Folder deleted: C:\Program Files\Firefox


***** [ Files ] *****

[-] File deleted: C:\Program Files\Mozilla Firefox\wtsapi32.dll
[-] File deleted: C:\Windows\Reimage.ini
[-] File deleted: C:\Windows\system32\findit.xml
[-] File deleted: C:\Windows\system32\drivers\iSafeKrnlBoot.sys
[-] File deleted: C:\Windows\system32\drivers\iSafeNetFilter.sys
[#] File deleted: C:\Program Files\Mozilla Firefox\wtsapi32.dll
[-] File deleted: C:\prefs.js
[-] File deleted: C:\Users\pc\AppData\Roaming\Mozilla\Profiles\veguuvv4.Warden\searchplugins\findit.xml
[#] File deleted: C:\Program Files\Mozilla Firefox\wtsapi32.dll
[-] File deleted: C:\Users\pc\AppData\Roaming\Mozilla\Profiles\veguuvv4.Warden\searchplugins\nice.xml
[#] File deleted: C:\Program Files\Mozilla Firefox\wtsapi32.dll
[#] File deleted: C:\Program Files\Mozilla Firefox\wtsapi32.dll


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\a37650ad-92de-bc2b-c752-da2e8239b9d9
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.001
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.z
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.bmp
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.dib
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.emf
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.exif
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.gif
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.ico
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.jfif
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.jpe
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.jpeg
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.jpg
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.png
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.tif
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.tiff
[-] Key deleted: HKLM\SOFTWARE\Classes\MTview.wmf
[-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key deleted: HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F}
[-] Key deleted: HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
[#] Key deleted on reboot: HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key deleted: HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Key deleted: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\Reimage
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\torch
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\WEBAPP
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\STA
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\COMMONMSG
[-] Key deleted: HKU\S-1-5-21-3920709836-686679621-2781559053-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Key deleted on reboot: HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[#] Key deleted on reboot: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Key deleted on reboot: HKCU\Software\Reimage
[#] Key deleted on reboot: HKCU\Software\torch
[#] Key deleted on reboot: HKCU\Software\WEBAPP
[#] Key deleted on reboot: HKCU\Software\STA
[#] Key deleted on reboot: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Key deleted on reboot: HKCU\Software\COMMONMSG
[#] Key deleted on reboot: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key deleted: HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key deleted: HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key deleted: HKLM\SOFTWARE\Elex-tech
[-] Key deleted: HKLM\SOFTWARE\hdcode
[-] Key deleted: HKLM\SOFTWARE\Reimage
[-] Key deleted: HKLM\SOFTWARE\torch
[-] Key deleted: HKLM\SOFTWARE\hohosearchSoftware
[-] Key deleted: HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Key deleted: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Key deleted: HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Key deleted: HKLM\SOFTWARE\mtAirtostrong
[-] Key deleted: HKLM\SOFTWARE\youndooSoftware
[-] Key deleted: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Key deleted: HKLM\SOFTWARE\mtApService
[-] Key deleted: HKLM\SOFTWARE\mtcaMyciloP
[-] Key deleted: HKLM\SOFTWARE\WinZiper
[-] Key deleted: HKLM\SOFTWARE\WinSaberSvc
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key deleted: HKLM\SOFTWARE\CLIENTS\Corner Sunshine
[-] Data restored: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{AF4D0692-E50D-4749-B074-F741D1B5634F} [NameServer]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Key deleted: HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Key deleted: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Key deleted: HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [HealerCheckout.exe]
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Stpro.exe
[-] Key deleted: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Medlight.exe
[-] Value deleted: HKCU\Environment [SNF]
[-] Value deleted: HKCU\Environment [SNP]
[-] Key deleted: HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Key deleted: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[#] Key deleted on reboot: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
[#] Key deleted on reboot: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
[#] Key deleted on reboot: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Airtostrong.exe
[-] Key deleted: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Value deleted: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [12974 Bytes] - [25/09/2016 10:52:06]
C:\AdwCleaner\AdwCleaner[S0].txt - [12327 Bytes] - [25/09/2016 10:47:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [13122 Bytes] ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows_NT x86
Ran by pc (Administrator) on Sun 09/25/2016 at 12:09:33.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/25/2016 at 12:13:04.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#11 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:02:48 AM

Posted 26 September 2016 - 01:13 AM

What about the Malwarebytes log?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users