Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #16  
Old May 18th, 2018, 09:35 AM
vpessoa79's Avatar
vpessoa79 vpessoa79 is offline
CTH Subscriber
 
Join Date: Aug 2010
O/S: Windows 7 64-bit
Posts: 77
C:\AdwCleaner\Quarantine\v1\20180514.021530\5\Down loaded Installers\{95294F1F-3F2F-48E6-A33B-B89632F8F1B7}\setup.msi#7B238CD47778005F a variant of Win32/UwS.SlimDrivers.A application
C:\Users\VAL\AppData\Roaming\uTorrent\updates\3.4. 2_34309.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
C:\Users\VAL\Downloads\AIDA64_Extreme_5.90.4200___ Keygen.rar Win32/Keygen.LE potentially unsafe application
C:\Users\VAL\Downloads\AVG_Driver_Updater_Setup_11 _1.exe a variant of Win32/Slimware.A potentially unwanted application
C:\Users\VAL\Downloads\ccsetup524.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\VAL\Downloads\ex_1.txt.exe a variant of Win32/Adware.YoBrowser.CN application
C:\Users\VAL\Downloads\iM3xZ3Bocq.zip a variant of Win32/Injector.DJLU trojan
C:\Users\VAL\Downloads\Last Day On Earth Survival 1.5.4 Mod v2.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
C:\Users\VAL\Downloads\Last Day On Earth Survival 1.5.4 Mod.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
C:\Users\VAL\Downloads\sengame.net_last-day-on-earth-survival-1.6.4-mod.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
C:\Users\VAL\Downloads\SenGame.Net_LastDayOnEarthS urvival-1.6-Mod.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
C:\Users\VAL\Downloads\SenGame.Net_LastDayOnEarthS urvival_1.6.2_CN_Mod.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
C:\Users\VAL\Downloads\VqsPhone.apk a variant of Android/Autoins.P potentially unsafe application
C:\Users\VAL\Downloads\[SenGame.Net]Last-Day-On-Earth-Survival-1.5.6-Mod-APK.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
F:\Games\Android Emulator Games\Last Day on Earth\VqsPhone.apk a variant of Android/Autoins.P potentially unsafe application
F:\Games\Android Emulator Games\Last Day on Earth\[SenGame.Net] last-day-on-earth-survival-1.6.4-mod.apk a variant of Android/Autoins.P potentially unsafe application,a variant of Android/Packed.Jiagu.D potentially unsafe application,a variant of Android/Packed.Jiagu.B potentially unsafe application
F:\My Stuff\ARMA2OA KEYCHANG.exe Win32/GameTool.CG potentially unsafe application
Reply With Quote


  #17  
Old May 18th, 2018, 09:40 AM
vpessoa79's Avatar
vpessoa79 vpessoa79 is offline
CTH Subscriber
 
Join Date: Aug 2010
O/S: Windows 7 64-bit
Posts: 77
So I guess now I will watch and see how the computer acts over the next few days and I will report back to you. Thank you for taking the time in helping me cleanup some of this stuff you found - hopefully that helps with the issues and with some performance as well. I will report back to you how the computer is doing. Thanks again.
Reply With Quote
  #18  
Old May 19th, 2018, 12:47 AM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 1,938
Quote:
Originally Posted by vpessoa79 View Post
So I guess now I will watch and see how the computer acts over the next few days and I will report back to you. Thank you for taking the time in helping me cleanup some of this stuff you found - hopefully that helps with the issues and with some performance as well. I will report back to you how the computer is doing. Thanks again.
Okay.
You should stay away from crack and keygen software.All the softwares you use must be up to date.


Update your Firefox browser.



Please do the following:

İnternet explorer:
Internet Explorer 9, 10 and 11 (Win) - Clearing Cache and Cookies
https://kb.wisc.edu/page.php?id=15141
Next >>
How to reset Internet Explorer settings
https://support.microsoft.com/en-us/kb/923737

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb...w.google.ca%2F

Clean the Firefox Cache.
https://kb.wisc.edu/page.php?id=15141

Chrome:
Delete your cache, history, and other browser data
https://support.google.com/chrome/answer/95582?hl=en
Next >>
Reset Chrome browser settings
https://support.google.com/chrome/answer/3296214?hl=en
Reply With Quote
  #19  
Old May 19th, 2018, 09:01 AM
vpessoa79's Avatar
vpessoa79 vpessoa79 is offline
CTH Subscriber
 
Join Date: Aug 2010
O/S: Windows 7 64-bit
Posts: 77
Sounds good, I have updated all the browsers as you instructed as well. The one thing I'm still noticing is that sometimes - not always - when I 'cold start' my computer I will have about a 10 second black screen 'delay' after the Windows logo and before my desktop appears. It's probably one of the startup programs that is using up some extra resources at the time which is slowing down reaching the desktop. Any ideas/suggestions on how to find out which program might be doing that?
Reply With Quote
  #20  
Old May 19th, 2018, 08:57 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 1,938
Okay.
Please open CCleaner Free
https://www.piriform.com/ccleaner
Tools > Startup > save to txt file button press.
Post it in your next reply startup.txt file
Reply With Quote
  #21  
Old May 19th, 2018, 10:48 PM
vpessoa79's Avatar
vpessoa79 vpessoa79 is offline
CTH Subscriber
 
Join Date: Aug 2010
O/S: Windows 7 64-bit
Posts: 77
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run EPLTarget\P0000000000000000 SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIICE. EXE /EPT "EPLTarget\P0000000000000000" /M "XP-300 Series" /EF "HKCU"
Yes HKCU:Run Gyazo Nota Inc. C:\Program Files (x86)\Gyazo\GyStation.exe
Yes HKCU:Run Spotify Web Helper Spotify Ltd C:\Users\VAL\AppData\Roaming\Spotify\SpotifyWebHel per.exe --autostart
Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
Yes HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
Yes HKLM:Run Razer Synapse Razer Inc. "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
Yes HKLM:Run RzSBHelper Razer Inc C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
No Startup Common GIGABYTE OC_GURU.lnk C:\PROGRA~2\GIGABYTE\GIGABY~1\OC_GURU.exe
Yes Startup Common RazerFPSStartup.lnk Razer USA Ltd C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE2 44-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
Reply With Quote
  #22  
Old May 20th, 2018, 06:20 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 1,938
Suggest Disabling these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run EPLTarget\P0000000000000000 SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIICE. EXE /EPT "EPLTarget\P0000000000000000" /M "XP-300 Series" /EF "HKCU"
Yes HKCU:Run Gyazo Nota Inc. C:\Program Files (x86)\Gyazo\GyStation.exe
Yes HKCU:Run Spotify Web Helper Spotify Ltd C:\Users\VAL\AppData\Roaming\Spotify\SpotifyWebHel per.exe --autostart
Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

Delete these Startups: Use CCleaner by clicking on each item and choosing Delete on the right.
No Startup Common GIGABYTE OC_GURU.lnk C:\PROGRA~2\GIGABYTE\GIGABY~1\OC_GURU.exe





Restart the system.How does the PC work now?
Reply With Quote
  #23  
Old May 22nd, 2018, 07:42 PM
vpessoa79's Avatar
vpessoa79 vpessoa79 is offline
CTH Subscriber
 
Join Date: Aug 2010
O/S: Windows 7 64-bit
Posts: 77
I've purposely waited a couple of days to see how it reacted after restarts and so far it's been good - no delay after restarts. I'll follow your suggestions and keep an eye on any changes. Thanks again for the help, very much appreciated.
Reply With Quote
  #24  
Old May 22nd, 2018, 10:09 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 1,938
Quote:
Originally Posted by vpessoa79 View Post
I've purposely waited a couple of days to see how it reacted after restarts and so far it's been good - no delay after restarts. I'll follow your suggestions and keep an eye on any changes. Thanks again for the help, very much appreciated.
You're welcome. Congratulations!

Please do this following;

In any case please download delfix to your desktop.
  • Close all other programms and start delfix.
  • Please check all the boxes and run the tool.
  • Delfix will now delete all found traces of our removal process.
If there is still something left please delete it manualy.

ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

Note:
Some safety suggestions !
http://trmalwarefix.freeforums.net/t...ty-suggestions

Best regards. Greetings.

Last edited by olgun52; May 22nd, 2018 at 10:27 PM.
Reply With Quote
  #25  
Old May 23rd, 2018, 05:16 AM
vpessoa79's Avatar
vpessoa79 vpessoa79 is offline
CTH Subscriber
 
Join Date: Aug 2010
O/S: Windows 7 64-bit
Posts: 77
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 05:35 PM.