possible virus using windows 7? svcchost.exe or devmonsrv.exe?

Page 1 of 3 123 LastLast

  1. benk
    Posts : 12
    64
       New #1

    possible virus using windows 7? svcchost.exe or devmonsrv.exe?


    Hi,
    I have a samsung series 7 gamer with this setup.
    Intel core_i7 Processor 2.3GHz
    16 GB RAM
    1.5TB Hard Drive
    17.3-Inch Screen, NVIDIA GeForce GTX 675M
    Windows 7 Home Premium (64-bit)
    1.5TB 7200 rpm Hard Drive
    16 GB SO-DIMM RAM
    17.3-Inch Screen; NVIDIA GeForce GTX 675M Graphics
    Intel Core i7 Processor 3610QM 2.3GHz

    In the last couple of days my computer has randomly been freezing when I'm playing poker and related programs When I went to task manager it shows svchost.exe using 348k memory. This causes CPU usage to fluctuate between 15-60% usage and physical memory 30-40%. These are the services it's running Wlansvc(WLAN Autoconfig), UxSms(desktop window session manager), TrkWks(distributed link tracking client), SysMain(superfetch), PcaSvc(program compatibility assistant service), Netman(network connections), IPBusEnum(Pnp_X IP Bus Enumerator), Audio EndpointBuilder(Windows Audio Endpoint Builder)

    I know recently there were windows updates and the only program I could find installed in the last few days under downloads was Nvidia. Nvidia does not seem to be hogging much Ram though.

    When I look under Resource Monitor, devmonsrv.exe (bluetooth device monitor) is hogging a ton of the CPU processes and services. It averages 12 while the next program averages 2-5.

    I have Comodo firewall and Avira Free anti-virus. I ran scans using both of these as well as a full malwarebytes scan and detected 0 viruses.

    I googled this problem and must have read through 9-10 threads but noone seems to have a permanent solution (that I can find at least). Help is very much appreciated. Thanks in advance!

    edit: devmonsrv.exe looks like the culprit. I ended the process and it drastically reduced cpu usage. Still not sure if it could be a virus. Probably unlikely if none of the virus scans picked it up right?
    Last edited by benk; 06 Mar 2014 at 18:46.
      My Computer
    Quote Quote

  3. ICIT2LOL
    Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       New #2

    Hello and welcome Benk mate run these too.


    https://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html

    https://www.sevenforums.com/tutorials/433-disk-check.html


    http://www.superantispyware.com/


    http://www.bleepingcomputer.com/download/adwcleaner/

    ADW download from bleepingcomputer delete any rubbish found with themalware scans

    Be aware that ADW has addons – be wary

    If these do not do much try the Emsisoft Emergency Kit scanner
    https://www.emsisoft.com/en/software/eek/ just run the first scanner.

    If worst comes to the worst then we might need to use this
    http://www.thewindowsclub.com/bootable-antivirus-rescue-cd-windows-free-download > the Kaspersky one.


      My Computer
    Quote Quote

  4. benk
    Posts : 12
    64
    Thread Starter
       New #3

    Thanks! I did the disk check. How can I do the scannow if I don't have my windows 7 disc on hand?

    edit: Just wanted to add it looks like the disc check helped some. The CPU usage is lower and physical memory is down from 30% to 21%. :)

    And it looks like the anti-spyware found 2 trojans that malwareybytes missed
    After I removed the trojans, stuff is starting to freeze for 10-20 seconds every once in a while whether I'm running a lot of programs or not. However running a lot of stuff seems to make it happen more often.
    Last edited by benk; 07 Mar 2014 at 17:46.
      My Computer
    Quote Quote

  6. ICIT2LOL
    Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       New #4

    Mate I would run those other two options now and we shall go from there.
      My Computer
    Quote Quote

  7. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #5

    AdwCleaner should not have any "ad-ons" it's a clean download and scan.


    Can you post the .txt log from SuperAntiSpyware? I'd like to see what 'Trojans' it found. It might still be in the 'quarantine' file?
      My Computer
    Quote Quote

  8. ICIT2LOL
    Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       New #6

    Jacee said:
    AdwCleaner should not have any "ad-ons" it's a clean download and scan.


    Can you post the .txt log from SuperAntiSpyware? I'd like to see what 'Trojans' it found. It might still be in the 'quarantine' file?
    Hum Jacee I have had a few downloads where there have been ads for stuff but today i di one on my tester and they were gone perhaps they have removed them??

    I'll remove that comment.
      My Computer
    Quote Quote

  10. benk
    Posts : 12
    64
    Thread Starter
       New #7

    I ran everything except for the command system file checker (because I don't have a windows 7 cd) and the windowsclub.com link.

    The scanners identified a few programs as trojans that were not in fact trojans. I obviously did not recognize the file that Superantispyware identified as a trojan.

    will post .txt log shortly
      My Computer
    Quote Quote

  11. benk
    Posts : 12
    64
    Thread Starter
       New #8

    I ran 2 scans on superantispyware
    proppokertools is not a trojan

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 03/07/2014 at 06:07 PM

    Application Version : 5.7.1018

    Core Rules Database Version : 11090
    Trace Rules Database Version: 8902

    Scan type : Complete Scan
    Total Scan Time : 01:08:39

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 633
    Memory threats detected : 0
    Registry items scanned : 76112
    Registry threats detected : 0
    File items scanned : 104128
    File threats detected : 130

    Adware.Tracking Cookie
    C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Cookies\8DRXU8KA.txt [ /atdmt.com ]
    C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Cookies\KBL60HU3.txt [ /ads.yahoo.com ]
    .imrworldwide.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    stats.cardschat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediacru.sh [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.lon.liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    account.skrill.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    statse.webtrendslive.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .trackalyzer.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .estat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atlanticmedia.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .yadro.ru [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.blogger.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hearstmagazines.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.lon.liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.lon.liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .survey.g.doubleclick.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .gntbcstglobal.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .bwin.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mmstat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cnzz.mmstat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .rtst.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.youtube.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    account.wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    account.wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    account.wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .account.boylesports.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .account.boylesports.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .account.boylesports.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    PokerTracker [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tribalfusion.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechus.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .s.clickability.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .s.clickability.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .linksynergy.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    count.carrierzone.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    BurstMedia [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstbeacon.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    BurstMedia [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .statcounter.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.co.th [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\BIGBEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

    Trojan.Agent/Gen-Qhost
    C:\PROGRAM FILES (X86)\PPTODDSORACLE\UNINSTALL.EXE
    C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PROPOKERTOOLS ODDS ORACLE\PROPOKERTOOLS ODDS ORACLE UNINSTALLER.LNK
      My Computer
    Quote Quote

  12. benk
    Posts : 12
    64
    Thread Starter
       New #9

    I have no clue what this other trojan is.

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 03/07/2014 at 03:10 PM

    Application Version : 5.7.1018

    Core Rules Database Version : 11090
    Trace Rules Database Version: 8902

    Scan type : Quick Scan
    Total Scan Time : 00:06:11

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 716
    Memory threats detected : 0
    Registry items scanned : 64102
    Registry threats detected : 1
    File items scanned : 23245
    File threats detected : 102

    Adware.PTech
    (x86) HKU\S-1-5-21-4017607708-2851936205-3148765964-1000\Software\PTech

    Adware.Tracking Cookie
    C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Cookies\369F75KR.txt [ /doubleclick.net ]
    C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Cookies\0WRHMQY1.txt [ /interclick.com ]
    C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Cookies\8DRXU8KA.txt [ /atdmt.com ]
    statse.webtrendslive.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    account.wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    account.wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Cookies\KBL60HU3.txt [ /ads.yahoo.com ]
    account.wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .wptaccount.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .account.boylesports.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .account.boylesports.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .account.boylesports.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    PokerTracker [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .pokertracker.com [ C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZL37VSN.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    stats.cardschat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediacru.sh [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.lon.liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    account.skrill.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    statse.webtrendslive.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .trackalyzer.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .estat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atlanticmedia.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .yadro.ru [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.blogger.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hearstmagazines.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .s.clickability.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.lon.liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.lon.liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .survey.g.doubleclick.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .gntbcstglobal.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nj.partypoker.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .bwin.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mmstat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cnzz.mmstat.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .flagcounter.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .videos.mediaite.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .videos.mediaite.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaite.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    videos.mediaite.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .newsquestdigitalmedia.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .statcounter.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .rtst.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .liveperson.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .elitetrader.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .timeinc.122.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .s.clickability.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.youtube.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .statcounter.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .histats.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .histats.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insights.themarketiq.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insights.themarketiq.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .wileypublishing.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .microsoftsto.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .warnerbros.112.2o7.net [ C:\USERS\BEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

    Trojan.Agent/Gen-Graftor
    C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET134B.TMP
    C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET90B3.TMP
      My Computer
    Quote Quote

  13. benk
    Posts : 12
    64
    Thread Starter
       New #10

    Thanks a lot guys. I work on this computer so it hurts me a lot to have it not functioning properly. If you help me solve this I'll gladly donate a little $ via BOA, Skrill, or paypal. Whichever you prefer.

    My vpn doesn't work now. A little worried that I accidentally deleted something vital to that when I deleted this. Trojan.Agent/Gen-Graftor
    C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET134B.TMP
    C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET90B3.TMP
      My Computer
    Quote Quote

 
Page 1 of 3 123 LastLast

  Related Discussions
http://i.imgur.com/8bE5b4I.jpg What steps should I take ? How do I resolve this issue
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
my windows infected ramnit virus and virut virus,how to clean them?
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 23:47.
Find Us