Possible virus using Windows 7? svchost.exe or devmonsrv.exe?

benk

Hi,
I have a Samsung Series 7 Gamer with this setup.
Intel core_i7 Processor 2.3GHz
16 GB RAM
1.5TB Hard Drive
17.3-Inch Screen, NVIDIA GeForce GTX 675M
Windows 7 Home Premium (64-bit)
1.5TB 7200 rpm Hard Drive
16 GB SO-DIMM RAM
17.3-Inch Screen; NVIDIA GeForce GTX 675M Graphics
Intel Core i7 Processor 3610QM 2.3GHz

In the last couple of days my computer has randomly been freezing when I'm playing poker and related programs. When I went to Task Manager it shows svchost.exe using 348k memory. This causes CPU usage to fluctuate between 15-60% usage and physical memory 30-40%. These are the services it's running: Wlansvc (WLAN AutoConfig), UxSms (Desktop Window Manager Session Manager), TrkWks (Distributed Link Tracking Client), SysMain (Superfetch), PcaSvc (Program Compatibility Assistant Service), Netman (Network Connections), IPBusEnum (PnP-X IP Bus Enumerator), AudioEndpointBuilder (Windows Audio Endpoint Builder)

I know recently there were windows updates and the only program I could find installed in the last few days under downloads was Nvidia. Nvidia does not seem to be hogging much Ram though.

When I look under Resource Monitor, devmonsrv.exe (bluetooth device monitor) is hogging a ton of the CPU processes and services. It averages 12 while the next program averages 2-5.

I have Comodo firewall and Avira Free anti-virus. I ran scans using both of these as well as a full malwarebytes scan and detected 0 viruses.

I googled this problem and must have read through 9-10 threads but no one seems to have a permanent solution (that I can find at least). Help is very much appreciated. Thanks in advance!

edit: devmonsrv.exe looks like the culprit. I ended the process and it drastically reduced cpu usage. Still not sure if it could be a virus. Probably unlikely if none of the virus scans picked it up right?
 
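A read-only way to check the two process names raised in the post above, as an added example that is not part of the original thread: it lists every running `svchost.exe` and `devmonsrv.exe` with its image path, the services it hosts, and its Authenticode signer. It assumes an elevated PowerShell prompt and treats the standard `System32` and `SysWOW64` directories as the expected svchost.exe locations; `$names`, `$svchostPaths` and the report column names are chosen here for illustration.

```powershell
# Added example, not from the thread. Read-only: it lists processes and does not
# stop, quarantine or delete anything.
# Run from an elevated PowerShell prompt; without elevation ExecutablePath comes
# back empty for processes owned by other accounts.

$names = 'svchost.exe', 'devmonsrv.exe'   # the two process names asked about

# Standard locations of the genuine svchost.exe image on 64-bit Windows.
$svchostPaths = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

# Build a PID -> service-name map so each svchost instance can be tied to the
# services it hosts (the same grouping Task Manager shows per process).
$servicesByPid = @{}
Get-WmiObject Win32_Service | Where-Object { $_.ProcessId -ne 0 } | ForEach-Object {
    $id = [int]$_.ProcessId
    if (-not $servicesByPid.ContainsKey($id)) { $servicesByPid[$id] = @() }
    $servicesByPid[$id] += $_.Name
}

$filter = ($names | ForEach-Object { "Name='$_'" }) -join ' OR '

$report = Get-WmiObject Win32_Process -Filter $filter | ForEach-Object {
    $proc = $_
    $id   = [int]$proc.ProcessId
    $path = $proc.ExecutablePath

    # Embedded Authenticode signature of the image on disk. Windows components
    # can be catalog-signed, which older PowerShell versions do not evaluate,
    # so NotSigned on a System32 file is not a finding by itself.
    $sigStatus = 'n/a'
    $signer    = ''
    if ($path -and (Test-Path -LiteralPath $path)) {
        $sig       = Get-AuthenticodeSignature -FilePath $path
        $sigStatus = $sig.Status
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
    }

    # A process named svchost.exe running from anywhere else is the classic
    # masquerading sign; other names are left for manual review because this
    # example does not assume a vendor install path.
    if (-not $path) {
        $pathCheck = 'unknown (not elevated?)'
    } elseif ($proc.Name -eq 'svchost.exe') {
        if ($svchostPaths -contains $path) { $pathCheck = 'expected' }
        else                               { $pathCheck = 'UNEXPECTED LOCATION' }
    } else {
        $pathCheck = 'review path and signer'
    }

    $hosted = ''
    if ($servicesByPid.ContainsKey($id)) { $hosted = $servicesByPid[$id] -join ', ' }

    New-Object PSObject -Property @{
        Name      = $proc.Name
        PID       = $id
        Path      = $path
        PathCheck = $pathCheck
        Signature = $sigStatus
        Signer    = $signer
        Services  = $hosted
    }
}

$report |
    Sort-Object Name, PID |
    Select-Object Name, PID, PathCheck, Signature, Signer, Path, Services |
    Format-List
```

An svchost.exe entry flagged `UNEXPECTED LOCATION`, or a third-party binary with a missing or unfamiliar signer, is the file to submit to a second-opinion scanner before ending or deleting it.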
Hello and welcome, Benk. Mate, run these too.


http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html

http://www.sevenforums.com/tutorials/433-disk-check.html


http://www.superantispyware.com/


http://www.bleepingcomputer.com/download/adwcleaner/

ADW download from bleepingcomputer; delete any rubbish found with the malware scans.

Be aware that ADW has addons – be wary

If these do not do much try the Emsisoft Emergency Kit scanner
https://www.emsisoft.com/en/software/eek/ just run the first scanner.

If worst comes to the worst then we might need to use this
http://www.thewindowsclub.com/bootable-antivirus-rescue-cd-windows-free-download > the Kaspersky one.


 

Thanks! I did the disk check. How can I do the scannow if I don't have my windows 7 disc on hand?

edit: Just wanted to add it looks like the disc check helped some. The CPU usage is lower and physical memory is down from 30% to 21%. :)

And it looks like the anti-spyware found 2 trojans that Malwarebytes missed.
After I removed the trojans, stuff is starting to freeze for 10-20 seconds every once in a while whether I'm running a lot of programs or not. However running a lot of stuff seems to make it happen more often.
 
Mate I would run those other two options now and we shall go from there.
 

AdwCleaner should not have any "ad-ons" it's a clean download and scan.


Can you post the .txt log from SuperAntiSpyware? I'd like to see what 'Trojans' it found. It might still be in the 'quarantine' file?
 

Hum Jacee, I have had a few downloads where there have been ads for stuff, but today I did one on my tester and they were gone. Perhaps they have removed them??

I'll remove that comment.
 

I ran everything except for the command system file checker (because I don't have a windows 7 cd) and the windowsclub.com link.

The scanners identified a few programs as trojans that were not in fact trojans. I obviously did not recognize the file that Superantispyware identified as a trojan.

will post .txt log shortly
 

I ran 2 scans on SUPERAntiSpyware.
propokertools is not a trojan.

SUPERAntiSpyware Scan Log
SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 03/07/2014 at 06:07 PM

Application Version : 5.7.1018

Core Rules Database Version : 11090
Trace Rules Database Version: 8902

Scan type : Complete Scan
Total Scan Time : 01:08:39

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 633
Memory threats detected : 0
Registry items scanned : 76112
Registry threats detected : 0
File items scanned : 104128
File threats detected : 130

Adware.Tracking Cookie

Trojan.Agent/Gen-Qhost
C:\PROGRAM FILES (X86)\PPTODDSORACLE\UNINSTALL.EXE
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PROPOKERTOOLS ODDS ORACLE\PROPOKERTOOLS ODDS ORACLE UNINSTALLER.LNK
 

I have no clue what this other trojan is.

SUPERAntiSpyware Scan Log
SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 03/07/2014 at 03:10 PM

Application Version : 5.7.1018

Core Rules Database Version : 11090
Trace Rules Database Version: 8902

Scan type : Quick Scan
Total Scan Time : 00:06:11

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 716
Memory threats detected : 0
Registry items scanned : 64102
Registry threats detected : 1
File items scanned : 23245
File threats detected : 102

Adware.PTech
(x86) HKU\S-1-5-21-4017607708-2851936205-3148765964-1000\Software\PTech

Adware.Tracking Cookie

Trojan.Agent/Gen-Graftor
C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET134B.TMP
C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET90B3.TMP
 

Thanks a lot guys. I work on this computer so it hurts me a lot to have it not functioning properly. If you help me solve this I'll gladly donate a little $ via BOA, Skrill, or PayPal. Whichever you prefer.

My VPN doesn't work now. A little worried that I accidentally deleted something vital to that when I deleted this:
Trojan.Agent/Gen-Graftor
C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET134B.TMP
C:\USERS\BEN\APPDATA\LOCAL\TEMP\SET90B3.TMP
 

Be sure to quarantine Everything the SuperAntiSpyware found!


You may have a dirty DNS cache. Let's flush it:


1. Click the Start button.
2. Enter cmd in the Start menu search field.
3. Right-click on Command Prompt and select Run as Administrator.
4. Type, or copy/paste the following command and press Enter: ipconfig /flushdns
5. If the command was successful, you will see the following message: Windows IP configuration successfully flushed the DNS Resolver Cache.
Reboot.


Next, I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the [esetOnline.png] button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on [esetSmartInstall.png] to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the [esetSmartInstallDesktopIcon.png] icon on your desktop.
  4. Check [esetAcceptTerms.png]
  5. Click the [esetStart.png] button.
  6. Accept any security warnings from your browser.
  7. Check [esetScanArchives.png]
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push [esetListThreats.png]
  11. Push [esetExport.png], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the [esetBack.png] button.
  13. Push [esetFinish.png]
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Ok will do. Jeez 5 1/2 hours and only 33% complete.
 

It said the flush was a success and Eset online found 0 viruses.
 

Okay, now ... did you download AdwCleaner? If not, please read above and follow the instructions.
Post the .txt log it produces.
 

This is the 2nd scan I did. Not sure how to find log for the 1st.

# AdwCleaner v3.020 - Report created 09/03/2014 at 18:26:10
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ben - BEN-PC
# Running from : C:\Users\Ben\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\9zl37vsn.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : suggest_url

[ File : C:\Users\bigben\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1920 octets] - [07/03/2014 16:27:08]
AdwCleaner[R1].txt - [1142 octets] - [09/03/2014 17:22:26]
AdwCleaner[S0].txt - [2015 octets] - [07/03/2014 16:30:32]
AdwCleaner[S1].txt - [1068 octets] - [09/03/2014 18:26:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1128 octets] ##########
 

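For reading a report like the one posted above without scanning every section by eye, here is a small parser that lists what the Clean run acted on and in which file. It is an added example, not part of the original post or of AdwCleaner; the sample is an abridged copy of the posted log and the function names are hypothetical.

```python
import re

# Constructed sample: an abridged copy of the AdwCleaner v3 report posted above.
SAMPLE_REPORT = r"""# AdwCleaner v3.020 - Report created 09/03/2014 at 18:26:10
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Option : Clean
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : search_url
Deleted : suggest_url
[ File : C:\Users\bigben\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[S1].txt - [1068 octets] - [09/03/2014 18:26:10]
"""

HEADER = re.compile(r"^# ([^:]+?) : (.+)$")           # "# Option : Clean"
SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")    # "***** [ Browsers ] *****"
BROWSER = re.compile(r"^-\\\\ (.+)$")                 # "-\\ Google Chrome v33..."
FILE = re.compile(r"^\[ File : (.+?) \]$")            # "[ File : <path> ]"
ACTION = re.compile(r"^(\w[\w ]*?) : (.+)$")          # "Deleted : search_url"

def parse_report(text):
    """Return (header, findings); a finding is (section, browser, file, action, item)."""
    header, findings = {}, []
    section = browser = path = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := HEADER.match(line):
            header[m.group(1)] = m.group(2)
        elif m := SECTION.match(line):
            section, browser, path = m.group(1), None, None
        elif line and set(line) == {"*"}:
            section = browser = path = None   # footer separator: stop collecting
        elif m := BROWSER.match(line):
            browser, path = m.group(1), None
        elif m := FILE.match(line):
            path = m.group(1)
        elif section and (m := ACTION.match(line)):
            findings.append((section, browser, path, m.group(1), m.group(2)))
    return header, findings

def changed_files(findings):
    """Group the acted-on items by the file they were found in."""
    out = {}
    for _, _, path, _, item in findings:
        out.setdefault(path, []).append(item)
    return out
```

On the posted report the only changes are the two Chrome search settings in the Ben profile; every other section is empty.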
Looks good!
Next:
Removing/Uninstalling AdwCleaner:
Double click on AdwCleaner.exe to run the tool again. Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
Both AdwCleaner.exe, its folder and all logs will be removed.


Now, download TFC by Old Timer (TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums) and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.



Let me know if there are any more problems after rebooting
 

I think that fixed it. If no probs, I'll come back next week and get your info to send $25. Thanks!
 


My Computer My Computer

At a glance

Desk1 7 Home Prem / Desk2 10 Pro / Main lap A...Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i...Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop...Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Own build (new) Desk1 / Asus ROG Win 7 / Desk2 1st build
OS
Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
CPU
Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i5 2500
Motherboard
Desk1 Asus P877-V / Desk2 Gigabyte H67 UD3H / Laptop ?
Memory
Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop 8Gb DDR3
Graphics Card(s)
Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Sound Card
Desk 1 & 2 -XONAR DG Realtek High Def audio Laptop
Monitor(s) Displays
Desk 1 Benq HD 2450 / Desk2 Philips 24" / Laptop 17.5"
Screen Resolution
1920x1080 D1 & D2 & Laptop 1
Hard Drives
Desk1 Samsung 120GB 830 SSD
Asus ROG 256GB 850 Pro SSD
Desk2 Samsung 840 256 SSD
Toshiba 120GB EVO
PSU
Desk 1 Corsair HX 1050/ Laptop ? / Desk 2 Corsair HX 650
Case
Desk 1 Cooler HAF XM ? Toshiba laptop / Desk2 Coolermaster
Cooling
Fans on all Desk1 -2 Desk2 - all Coolermasters 5 Laptop ?
Keyboard
Desk 1 MS Sidewinder X6 Desk 2 MS Sidewinder X 4
Mouse
Desk 1&2 - Gigabyte MS 900 gamer - laptop - Logitec wireless
Internet Speed
ADSL2+
Other Info
One other Desktop (tester) and spare Toshba laptop both with SSD's
Running Kaspersky 2016 ISS on all machines config'd identically
Logitec audio stereo systems on each machine (x3)
Canon MG5250MFC
Router/modem TP-Link running WPA2SK
It was fine for a day, then it froze again and I had to reboot. :( I'll try Emsisoft and see what happens.
 
