
I need help removing trojan


9 replies to this topic

#1 robocop321

  • Members
  • 114 posts
  • Gender:Male
  • Location:UK

Posted 09 January 2014 - 12:51 PM

Hi there, I am 99% sure I have a trojan.

In the middle of a game I will have lag spikes from 20 ping which go over to 2000 ping.

My computer is also acting slow and it has never done this before.

Please can someone guide me on how to find and remove the viruses making this happen? Thanks.




 


#2 boopme

    To Insanity and Beyond

  • Global Moderator
  • 73,573 posts
  • Gender:Male
  • Location:NJ USA

Posted 09 January 2014 - 12:55 PM

Hi Robocop

Let's see how it is after these......

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 robocop321


Posted 09 January 2014 - 01:26 PM

MiniToolBox
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Caroline (administrator) on 09-01-2014 at 18:10:39
Running from "C:\Users\Caroline\Desktop\bleepingputa"
Microsoft Windows 7 Professional   (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
 
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns-5.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com
 
There are 117 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : WINDOWS283291
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : 5C-AC-4C-AA-29-C5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::10aa:6e9:3130:b8ea%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 09 January 2014 18:04:34
   Lease Expires . . . . . . . . . . : 10 January 2014 18:04:38
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 224177228
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-2E-E1-6B-F0-4D-A2-95-2B-97
   DNS Servers . . . . . . . . . . . : 194.168.4.100
                                       194.168.8.100
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-4D-A2-95-2B-97
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{3809E904-67E5-4908-9AAC-D87D4222D32B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{0C65CB3E-BF6A-4202-B577-4683A209182E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100
 
Name:    google.com
Addresses:  2a00:1450:4009:807::1007
 62.253.3.89
 62.253.3.99
 62.253.3.98
 62.253.3.103
 62.253.3.114
 62.253.3.104
 62.253.3.123
 62.253.3.84
 62.253.3.93
 62.253.3.119
 62.253.3.109
 62.253.3.88
 62.253.3.108
 62.253.3.94
 62.253.3.113
 62.253.3.118
 
 
Pinging google.com [62.253.3.98] with 32 bytes of data:
Reply from 62.253.3.98: bytes=32 time=24ms TTL=59
Reply from 62.253.3.98: bytes=32 time=9ms TTL=59
 
Ping statistics for 62.253.3.98:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 24ms, Average = 16ms
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=154ms TTL=50
Reply from 98.139.183.24: bytes=32 time=202ms TTL=50
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 154ms, Maximum = 202ms, Average = 178ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...5c ac 4c aa 29 c5 ......DW1501 Wireless-N WLAN Half-Mini Card
 11...f0 4d a2 95 2b 97 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.7     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.7    286
      192.168.0.7  255.255.255.255         On-link       192.168.0.7    286
    192.168.0.255  255.255.255.255         On-link       192.168.0.7    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.7    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.7    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    286 fe80::/64                On-link
 12    286 fe80::10aa:6e9:3130:b8ea/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
 
System errors:
=============
Error: (01/09/2014 06:03:57 PM) (Source: Service Control Manager) (User: )
Description: The Message Queuing service terminated with the following error: 
%%-2147024877
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29082)
Accelerometer (Version: 1.06.08.33)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.14)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
Adobe Photoshop CS6 (Version: 13.0)
Advanced Audio FX Engine (Version: 1.12.05)
ASIO4ALL (Version: 2.10)
Auslogics Internet Optimizer (Version: version 2.0)
Autodesk MapGuide® Viewer ActiveX Control Release 6.5 (Version: 6.5.6.11)
AutoHotkey 1.1.09.03 (Version: 1.1.09.03)
Avira (Version: 1.0.5098.24155)
Avira Free Antivirus (Version: 14.0.2.286)
Call of Duty 4: Modern Warfare
CCleaner (Version: 4.06)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Corsair Headset Software (Version: 2.0.16)
Crysis 2 Maximum Edition
D3DX10 (Version: 15.4.2368.0902)
Dell Backup and Recovery Manager (Version: 1.3)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 15.0.2.0)
Dell Webcam Central (Version: 1.40.05)
DOOM 3
Dragonica version TEST (Version: TEST)
DW WLAN Card Utility (Version: 5.60.48.35)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Fraps (remove only)
Free PDF Tablet 0.1 (Version: 0.1)
GameSpy Arcade
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
Halo Editing Kit
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2141)
Intel® Management Engine Components (Version: 6.0.0.1179)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Killing Floor
League of Legends (Version: 3.0.1)
Left 4 Dead
Left 4 Dead 2
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Lua for Windows 5.1.4-46 (Version: 5.1.4.46)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Halo
Microsoft Halo Custom Edition
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MOUSE Editor (Version: 10.12.0003)
Mouse Editor (Version: 10.12.0003)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Name Hack Halo CE 1.09 Setup (Version: 1.6.0)
Name Hack Halo PC 1.09 Setup (Version: 1.5.0)
NirSoft SmartSniff
Notepad++ (Version: 6.2.3)
NVIDIA Photoshop Plug-ins (Version: 8.50)
Overwolf (Version: 0.44.256)
Pando Media Booster (Version: 2.6.0.9)
PDF Settings CS6 (Version: 11.0)
PowerDVD DX (Version: 8.3.6029)
PunkBuster Services (Version: 0.993)
QuickSet32 (Version: 1.3.3)
Razer Game Booster (Version: 4.0.68.0)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.9 (Version: 6.9.106)
Spotify (Version: 0.9.6.81.gd359a796)
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13)
TeamViewer 8 (Version: 8.0.22298)
Vegas Pro 9.0 (Version: 9.0.563)
Warframe (Version: 1.0.0)
WIDCOMM Bluetooth Software (Version: 6.2.1.900)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
World of Warcraft (Version: 5.3.0.17128)
Xfire
Xfire 2.0 Alpha (Version: 2.0)
Xfire Codec (remove only)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 2998.68 MB
Available physical RAM: 1674.1 MB
Total Pagefile: 5995.64 MB
Available Pagefile: 4265.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.86 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:130.34 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\WINDOWS283291
 
Administrator            Caroline                 Caroline_2               
Guest                    
 
 
**** End of log ****
 
 
 
JRT
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x86
Ran by Caroline on 09/01/2014 at 18:01:07.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\system32\sho4B89.tmp
Successfully deleted: [File] C:\Windows\system32\sho4B8B.tmp
Successfully deleted: [File] C:\Windows\system32\shoEC7.tmp
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/01/2014 at 18:03:13.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
ADWCleaner
 
 
# AdwCleaner v3.010 - Report created 31/10/2013 at 13:55:35
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional  (32 bits)
# Username : Caroline - WINDOWS283291
# Running from : C:\Users\Caroline\Desktop\bleepinputa\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.17267
 
 
-\\ Google Chrome v30.0.1599.101
 
[ File : C:\Users\Caroline\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2486 octets] - [23/10/2013 17:13:53]
AdwCleaner[R1].txt - [880 octets] - [25/10/2013 22:04:15]
AdwCleaner[R2].txt - [1009 octets] - [29/10/2013 23:55:00]
AdwCleaner[R3].txt - [1069 octets] - [30/10/2013 02:43:57]
AdwCleaner[R4].txt - [1258 octets] - [31/10/2013 13:54:33]
AdwCleaner[S0].txt - [2595 octets] - [23/10/2013 17:14:36]
AdwCleaner[S1].txt - [1135 octets] - [30/10/2013 02:44:34]
AdwCleaner[S2].txt - [1184 octets] - [31/10/2013 13:55:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1244 octets] ##########
# AdwCleaner v3.010 - Report created 31/10/2013 at 22:56:52
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional  (32 bits)
# Username : Caroline - WINDOWS283291
# Running from : C:\Users\Caroline\Desktop\bleepingputa\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.17267
 
 
-\\ Google Chrome v30.0.1599.101
 
[ File : C:\Users\Caroline\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2486 octets] - [23/10/2013 17:13:53]
AdwCleaner[R1].txt - [880 octets] - [25/10/2013 22:04:15]
AdwCleaner[R2].txt - [1009 octets] - [29/10/2013 23:55:00]
AdwCleaner[R3].txt - [1069 octets] - [30/10/2013 02:43:57]
AdwCleaner[R4].txt - [2452 octets] - [31/10/2013 13:54:33]
AdwCleaner[S0].txt - [2595 octets] - [23/10/2013 17:14:36]
AdwCleaner[S1].txt - [1135 octets] - [30/10/2013 02:44:34]
AdwCleaner[S2].txt - [2379 octets] - [31/10/2013 13:55:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2439 octets] ##########
# AdwCleaner v3.016 - Report created 09/01/2014 at 18:00:38
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional  (32 bits)
# Username : Caroline - WINDOWS283291
# Running from : C:\Users\Caroline\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Users\Caroline\AppData\Roaming\NCH Software
File Deleted : C:\Windows\System32\Tasks\NCH Software
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\AVG Nation toolbar
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKLM\Software\AVG Nation toolbar
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.17267
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Caroline\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2486 octets] - [23/10/2013 17:13:53]
AdwCleaner[R1].txt - [880 octets] - [25/10/2013 22:04:15]
AdwCleaner[R2].txt - [1009 octets] - [29/10/2013 23:55:00]
AdwCleaner[R3].txt - [1069 octets] - [30/10/2013 02:43:57]
AdwCleaner[R4].txt - [4690 octets] - [31/10/2013 13:54:33]
AdwCleaner[S0].txt - [2595 octets] - [23/10/2013 17:14:36]
AdwCleaner[S1].txt - [1135 octets] - [30/10/2013 02:44:34]
AdwCleaner[S2].txt - [4654 octets] - [31/10/2013 13:55:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4714 octets] ##########


#4 robocop321


Posted 09 January 2014 - 01:27 PM

Nothing was detected with TDSSKiller

I am doing the ESET scan now and I will post results when it is finished. At the moment it has found 1 threat.



#5 robocop321


Posted 09 January 2014 - 04:11 PM

ESET
 
C:\Program Files\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting (after the next restart) - quarantined
C:\Users\Caroline\Desktop\internet-optimizer-setup.rar a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined


#6 boopme


Posted 09 January 2014 - 05:00 PM

OK, looks good. How is it running?
 
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#7 robocop321


Posted 10 January 2014 - 01:46 PM

I'm still getting lag spikes in game that go over like 700 for no reason, it's so damn annoying.



#8 boopme


Posted 10 January 2014 - 02:46 PM

Hi, well it's clean. I looked around and I see a lot of cable providers as the issue. You can ask in Networking and maybe they can check.

#9 robocop321


Posted 14 January 2014 - 05:25 AM

Ok thanks very much



#10 boopme


Posted 14 January 2014 - 08:49 PM

You're welcome.



