About Erefin

  1. Dear Richbuff, your advice seemingly resolved the issue (adwcleaner states so, too). Thank you - once more. Did TouchMe Gestures (a WindowsStore-App and the necessary engine downloaded from the Internet) compromise the security?
  2. Furthermore, there seems to be something wrong with Kaspersky:
     1. It didn't find the virus beforehand - nor does it now
     2. Even though Kaspersky signals that the scan has been completed, the Windows icon says otherwise (see image)
     3. Kaspersky is having 4 background processes running, even though I'm not actively running the program at the moment, e.g. with a scan (see image)
  3. A thorough Kaspersky-check didn't find anything...
  4. And there's this OpenVPN Daemon displayed in the Task Manager...
  5. It appears as though the problem hasn't been resolved yet and there's some virus hidden somewhere:
     1. Google Scholar tells me that my computer or network is sending automated queries
     2. I'm now using Google.fr - even though I'm not living there
     3. The security task manager found some pretty dubious programs, especially that VPN DAEMON and the Microsoft Photos.exe
     How can this be - and what should I do? Cheers Felix
  6. Then we can conclude that we've resolved that issue. Thank you so much, richbuff, you've really saved me from a lot of worry and a stressful weekend. :-) Cheers and a big 'thank you' once again ~Felix
  7. And now the second log (from the other account). AdwCleaner[S1].txt
  8. Uff, I'm unfathomably relieved at this prospect. I've now run AdwCleaner on the first account and will do so on the second in a minute's time. AdwCleaner[S0].txt
  9. And now the logs from the second account. GSI-log #2: http://www.getsysteminfo.com/read.php?file=4f4fafe83708172a06c9e5bec6bb6688 Thank you :-) KL_syscure.htm KL_syscure.zip
  10. Dear all, thanks to you, richbuff, I've seemingly managed to get rid of the (supposedly? I'm not sure what to call it exactly) virus/adware/trojan. I've also employed the AVZ tool and used the GSI-log creating tool, for both of the user accounts I have running on the same PC - this is why I'll post 2 pairs of AVZ and GSI-logs. So far, my remaining questions are the following:
      1. Do the AVZ-logs and GSI-logs look good/safe? Did all the viruses get deleted permanently (I'm not sure, as for example this line of the AVZ-log makes it sound as if a virus had been found but simply got 'reprogrammed': Function kernel32.dll:ReadConsoleInputExA (1123) intercepted, method - ProcAddressHijack.GetProcAddress ->768EB2AE->74390A20)?
      2. This infected PC of mine also had a Micro-SD card inserted in the back on which I've had the most important data. I've managed to scan it (with another PC that had Kaspersky Total Security on it) and to move the most important files (mostly PDF files) to that other PC - and made a thorough Windows formatting afterwards (by unticking the 'fast-format' option that Win10 offers). Now the entire Micro-SD card has been wiped clean and no data can be found when opening the card with WinExplorer - however, when going to 'properties', it is reported that 1.25MB of the Micro-SD card are already taken up - but I can't tell by what? Chkdsk didn't find anything suspicious. Are these simply two files (as said by chkdsk) that are necessary for the Micro-SD card to run properly? Or could they be traces of the virus?
      Gratefully Yours Felix
      P.s: Link to the first GetSystemInfo file: http://www.getsysteminfo.com/read.php?file=b78a9023ceb68adf47a0eca715c2b205 KL_syscure.htm KL_syscure.zip
  11. Dear everyone, I've been a faithful Kaspersky user for almost 4 years now and nothing bad has happened so far - or at least, whenever my PC caught a virus/a trojan/sth. else during the occasional streaming of series on dubious websites, Kaspersky detected it and removed it with ease. However, yesterday evening while streaming my PC seemingly caught... something... which Kaspersky can't get rid of.
      The 'symptoms':
      1. Far greater strain on the battery than usual
      2. Kaspersky crashes, reporting bad_module_info. Whenever I do the complete scan it crashes halfway through, saying the same. The crash "somehow" resumes afterwards, reporting no viruses or other threats have been found...
      3. Google and other websites block my IP address, in order to protect other users from me
      4. When using Chrome (Win10, 64bit), my Google is being turned into Google.com.ua, i.e. my Internet traffic is redirected via the Ukraine!
      5. Opening the Win10 Task Manager reveals that Edge and Google Chrome use up a ton of working memory (almost 1GB each), even though I'm barely doing anything
      6. The Task Manager also shows that there's a program active called 'file picker', several 'COM surrogate's and a VPN client that I've never installed...
      Employed 'solutions':
      1. Running Kaspersky's thorough search doesn't find anything
      2. Rootkit search won't get beyond 0.1%
      3. Windows Defender didn't detect anything, either (of course...)
      4. I've blocked my online banking account and everything else
      What should I do? Would wiping and completely reinstalling Windows help? Could I keep some PDF files, as I'd really need them for my master thesis? I'm truly desperate and I can't contact my local Kaspersky Support as it's the weekend. Cheers Felix
      P.s.: I've downloaded the GetSystem Info but it gets opened with a wrong program (MindMaple) and thus can't be executed...