Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #151  
Old September 13th, 2017, 10:41 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
AVG PC TuneUp
Java 8 Update 144
Java version 32-bit out of Date!
Adobe Flash Player 26.0.0.151
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (54.0.1)
Google Chrome (60.0.3112.113)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````
Reply With Quote


  #152  
Old September 14th, 2017, 11:44 AM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Hi olgun,

Just an update.

The red cross was back on the action center flag this morning again....
Mouse pad I tried to uninstall driver again, but didn't work this time, so using usb mouse for time being,
Also on startup today the keyboard wouldn't work again, shutdown/restarted (cured it last time) but no change. Uninstalled driver for keyboard and restarted now back working.

I'm not sure why on the above results for the security check it says java and adobe reader etc is out of date, as we updated these earlier on I thought?....

There sure are some gremlins in my laptop by the seems of it.
Reply With Quote
  #153  
Old September 14th, 2017, 02:46 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Hi olgun,

Just another point that has happened now.

I went into malwarebytes to do a quick scan, it checked for database updates, then updated. The update installed now I have the version I had before I think.... It nopw says "unable to connect to the service" again?

What should I do? Or do I need to return to other version, how?
Also, if so, how do I keep it up to date without it automatically installing this version in the future?

Seems destined for issues with this now for some reason.

Thanks.
Reply With Quote
  #154  
Old September 15th, 2017, 12:33 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,665
Hi JIO22,

Quote:
I'm not sure why on the above results for the security check it says java and adobe reader etc is out of date, as we updated these earlier on I thought?....

There sure are some gremlins in my laptop by the seems of it.
Yes, that is interesting. But,Java seems to be up to date. (Java 8 Update 144 )
---------------------------------------------------------------------------------------

Please remove with RevoUninstaller free: C:\Program Files\FileASSASSIN and Adobe Reader 9 + AVG PC TuneUp

---------------------------------------------------------------------------------------------
Please check;
Change the Startup type of IP Helper. Please do Automatic.
How to Start/Stop IP Helper from Services.msc
http://computerstepbystep.com/ip_helper_service.html

---------------------------------------------------------------------------------------------

Quote:
The security center, it did have a red cross on the "action canter flag" on the taskbar, when I first loaded the laptop this morning. Since the widows updates the red cross appears to of gone....
But, in action center under security it lists nothing for my protections etc.
I understand. Security software may conflict.

Windows Security Center service is not running! This report may not be accurate!
To resolve this problem, make sure that the Security Center service is configured correctly, and then start the Security Center service. To do this, follow these steps:
https://support.microsoft.com/en-us/...not-be-started

------------------------------------------------------------------------
Quote:
Just another point that has happened now.

I went into malwarebytes to do a quick scan, it checked for database updates, then updated. The update installed now I have the version I had before I think.... It nopw says "unable to connect to the service" again?

What should I do? Or do I need to return to other version, how?
----No,no. I too using Malwarebytes Anti-Malware version 2.2
Malwarebytes Anti-Malware version 3' has an antivirus feature. It may conflict with other antiviruses.

For this issue,do this following;

Please download SystemLook from one of the links below and save it to your Desktop.
Download 1
Download 2
  • Double-click SystemLook_x64.exe to run it. (Vista/Win7/Win8 users, right-click > Run as Administrator)
  • Copy/paste the contents of the following codebox into the main textfield:

Code:
:filefind
ESProtectionDriver

:regfind
ESProtectionDriver
  • Click the Look button to start the scan.
  • Please be patient, as it may take a while.
  • When finished, a Notepad file will open with the results of the scan.
  • Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

================================================== ==================
Reply With Quote
  #155  
Old September 15th, 2017, 02:32 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Hi olgun,

Really struggling here with laptop, still using mouse usb and the keyboard rarely works. I've just got it going again by pure luck, but it could stop working again at any moment or on next start up.

Not very successful with these points sorry, I'll try and cover here:


Quote:
Please remove with RevoUninstaller free: C:\Program Files\FileASSASSIN and Adobe Reader 9 + AVG PC TuneUp
I've removed file assassin and AVG pc tune up. Adobe reader 9 didn't show up, however, there is adobe AIR, and Adobe acrobat reader DC.

Not sure if this is okay,or the same, but couldn't see Adobe Reader 9?

---------------------------------------------------------------

Quote:
Please check;
Change the Startup type of IP Helper. Please do Automatic.
How to Start/Stop IP Helper from Services.msc
http://computerstepbystep.com/ip_helper_service.html

I have tried this and startup type for IP Helper is set to automatic, but it is NOT started. I tried to start it but it will not start, it says "dependencies groups failes to start....".

-------------------------------------------------------------

Quote:
I understand. Security software may conflict.

Windows Security Center service is not running! This report may not be accurate!
To resolve this problem, make sure that the Security Center service is configured correctly, and then start the Security Center service. To do this, follow these steps:
https://support.microsoft.com/en-us/...not-be-started
I have followed these steps. The security center is set to delayed start, but it will not start, it says the dependency group or service failed to start, when I click to start it.

Followed link instructions and also done reg key repair, but still the same and not working/started.


---------------------------------------------------------------------

Quote:
----No,no. I too using Malwarebytes Anti-Malware version 2.2
Malwarebytes Anti-Malware version 3' has an antivirus feature. It may conflict with other antiviruses.

For this issue,do this following;

Please download SystemLook from one of the links below and save it to your Desktop.
Download 1
Download 2
I couldn't do anything with this or system look as it says it is the wrong version for my computer from those download links (when I click to run it), i.e 32bit / 64bit etc. So this doesn't work at all.

The malwarebytes is still the same?


Thanks Ben.
Reply With Quote
  #156  
Old September 15th, 2017, 06:19 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
I've just found that i have a system look already on my laptop from what we must of used before, I'll try again and see if I can complete.
Reply With Quote
  #157  
Old September 15th, 2017, 06:29 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
So the system look that I had run and completed and I assume this is the correct one.

This was in response to my queries regarding malwarebytes:

Quote:
Just another point that has happened now.

I went into malwarebytes to do a quick scan, it checked for database updates, then updated. The update installed now I have the version I had before I think.... It nopw says "unable to connect to the service" again?

What should I do? Or do I need to return to other version, how?
Does this sort this out, back to the other version and no updates needed after to stop this happening again?

Thank you.
Reply With Quote
  #158  
Old September 15th, 2017, 06:30 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
SystemLook 30.07.11 by jpshortstuff
Log created at 18:21 on 15/09/2017 by Ben
Administrator - Elevation successful

========== filefind ==========

Searching for "ESProtectionDriver"
No files found.

========== regfind ==========

Searching for "ESProtectionDriver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_ESPROTECTIONDRIVER]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_ESPROTECTIONDRIVER\0000]
"Service"="ESProtectionDriver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\E SProtectionDriver]

-= EOF =-
Reply With Quote
  #159  
Old September 15th, 2017, 09:08 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,665
Hi again,

Quote:
I couldn't do anything with this or system look as it says it is the wrong version for my computer from those download links (when I click to run it), i.e 32bit / 64bit etc. So this doesn't work at all.

The malwarebytes is still the same?
It works on all systems.

MajorGeeks.Com
Malwarebytes Anti-Malware 2.2
Requires: Win 8 / Win 7 / Vista / XP
32-bit and 64-bit
http://www.majorgeeks.com/files/deta...malware_2.html

Bleeping.com
Malwarebytes Anti-Malware version 2.2
Operating System: Windows XP/Vista/7/8
32-bit program. Can run on both a 32-bit and 64-bit OS.
https://www.bleepingcomputer.com/dow...-anti-malware/

================================================== ====================================
Quote:
I have tried this and startup type for IP Helper is set to automatic, but it is NOT started. I tried to start it but it will not start, it says "dependencies groups failes to start....".
Quote:
I have followed these steps. The security center is set to delayed start, but it will not start, it says the dependency group or service failed to start, when I click to start it.

Followed link instructions and also done reg key repair, but still the same and not working/started.
I would suggest you to go through the below methods for this issue:

Follow the below procedure.

1. Press WIN+X.(for win7).Press WIN+S (for win10)
2. Right click command prompt admin.
3. Type " netsh winsock reset catalog " and press enter
4. Then type " netsh int ip reset reset.log hit " and press enter.
You will get a message " Successfully reset the Winsock Catalog".


Restart your computer. and you are done.


If the problem still persists follow these additional steps
1. Go to task manager - Service tab
2. At the bottom of the task manager there is option " open services"
3. Click on it and search for "Group Policy Client" in the new window.
4. See its startup type is Automatic and not manual.
5. Then restart your computer.

Try to check the services and if it is stopped, then start these services:

Press WIN+R.


Type services.msc.


From the list check the below services.

COM+ Event System (for WZC issues)
Computer Browser
DHCP Client
DNS Client
Network Connections
Network Location Awareness
Remote Procedure Call (RPC)
Server
TCP/IP Netbios helper
Workstation

Please let us know the results.
Reply With Quote
  #160  
Old September 15th, 2017, 09:21 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Hi olgun,

I will uninstall malwarebytes with revo unistaller now, and reinstall from your links provided.

But, how do I ensure it doesn't change to this version 3 again?
It done this after it done a update... And I had already uninstalled this version before, to go to version 2, but it changes to version 3...
Reply With Quote
  #161  
Old September 15th, 2017, 09:24 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,665
Code:
Searching for "ESProtectionDriver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\  LEGACY_ESPROTECTIONDRIVER]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\  LEGACY_ESPROTECTIONDRIVER\0000]
"Service"="ESProtectionDriver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\E  SProtectionDriver]
Did you ever used Malwarebytes Anti-Exploit software? Need to use security softwares carefully and remove it.

ESProtectionDriver:
http://www.systemlookup.com/Drivers/..._mbae_sys.html
https://www.malwarebytes.com/antiexploit/


Note:I will not be able to answer for two days. I'll be out of city.

Have a nice day.
Reply With Quote
  #162  
Old September 15th, 2017, 09:32 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Quote:
Originally Posted by olgun52 View Post
Code:
Searching for "ESProtectionDriver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\  LEGACY_ESPROTECTIONDRIVER]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\  LEGACY_ESPROTECTIONDRIVER\0000]
"Service"="ESProtectionDriver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\E  SProtectionDriver]
Did you ever used Malwarebytes Anti-Exploit software? Need to use security softwares carefully and remove it.

ESProtectionDriver:
http://www.systemlookup.com/Drivers/..._mbae_sys.html
https://www.malwarebytes.com/antiexploit/


Note:I will not be able to answer for two days. I'll be out of city.

Have a nice day.
Sorry olgun, I don't understand what you are saying here or need me to do?
I have reinstalled malwarebytes from your link.... It is already telling me there is a new version to install? This will put it to version 3 again.

Bit stuck here.
Reply With Quote
  #163  
Old September 15th, 2017, 09:34 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Quote:
Did you ever used Malwarebytes Anti-Exploit software? Need to use security softwares carefully and remove it.
No, I've never used this from what I know about.
Reply With Quote
  #164  
Old September 15th, 2017, 09:40 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,665
So, do not use malwareBytes. Remove all of them.

Now I have to go out. Good day.
Reply With Quote
  #165  
Old September 15th, 2017, 10:48 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 482
Hi olgun,

No problem, you go out - have a good time.

I can wait for you to reply, no problem.

I really hope to get this laptop sorted, at the moment things are very inconsistent here and losing the mousepad and keyboard functions intermittently makes it very difficult for me to do these steps. To get my laptop back to a good situation will be good.


Quote:
I would suggest you to go through the below methods for this issue:

Follow the below procedure.

1. Press WIN+X.(for win7).Press WIN+S (for win10)
2. Right click command prompt admin.
3. Type " netsh winsock reset catalog " and press enter
4. Then type " netsh int ip reset reset.log hit " and press enter.
You will get a message " Successfully reset the Winsock Catalog".


Restart your computer. and you are done.
I have done the above, this reset okay and restarted laptop.


Quote:
If the problem still persists follow these additional steps
1. Go to task manager - Service tab
2. At the bottom of the task manager there is option " open services"
3. Click on it and search for "Group Policy Client" in the new window.
4. See its startup type is Automatic and not manual.
5. Then restart your computer.
Group policy client is set to automatic and is started - this is ok. Laptop restarted.



Quote:
Try to check the services and if it is stopped, then start these services:

Press WIN+R.


Type services.msc.


From the list check the below services.

COM+ Event System (for WZC issues)
Computer Browser
DHCP Client
DNS Client
Network Connections
Network Location Awareness
Remote Procedure Call (RPC)
Server
TCP/IP Netbios helper
Workstation
Checked all of the above in services, all of them are "started", not all of them are set to automatic start though, some are manual. None of them were stopped.

After carrying this out, security center and IP helper in services are the same:
IP Helper and security center are both set to automatic but won't start. Both come up with the same error "dependency group or service failed to start".
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 03:03 PM.