Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help!

Unread postby Shroomie » June 5th, 2016, 1:17 am

My computer doesn't shut down, it gets stuck on "Logging off..." and weird stuff always happens! I've attached the initial FRST scan.
You do not have the required permissions to view the files attached to this post.
Shroomie
Active Member
 
Posts: 11
Joined: June 4th, 2016, 5:12 am
Advertisement
Register to Remove

Re: Help!

Unread postby pgmigg » June 5th, 2016, 2:45 pm

Hello Shroomie,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Help!

Unread postby pgmigg » June 5th, 2016, 3:06 pm

Hello Shroomie,

P2P Advisory!
IMPORTANT: There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove P2P Program
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    µTorrent
  4. Click on the Change/Remove button to uninstall it.
  5. When the program have been uninstalled, please close Control Panel
  6. Reboot (restart) your computer.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself may be safe but the files may not - use P2P at your own risk!
Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step 2.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Step 3.
TSG - SysInfo utility
  1. Please download SysInfo.exe and save it to your Desktop.
  2. Right click SysInfo.exe and select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. The small square window will be opened with already highlighted text - please right click on it, select Copy and then paste it in your next post.

Then:
Please tell me is this computer used for business purposes and connected to a business network?
I need to know it - so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...
Don't post anything as attachments unless I will ask you about it specifically!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Your decision about P2P programs
  3. Contents of CKFiles.txt log file
  4. Contents of TSG - SysInfo utility
  5. Answers to my question related to type of using of your computer

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Help!

Unread postby Shroomie » June 6th, 2016, 3:50 am

No, this computer is not used for any business. I just use it for browsing and playing games as you will probably see a ton of game files.

CK files:
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\boss sauce\appdata\local\temp\hyd4853.tmp.1465199194_permissionscopy\mafia.ii.crackfix-skidrow.torrent
c:\users\boss sauce\appdata\local\temp\hyd4853.tmp.1465199194_permissionscopy\rust.client.v25.02.2014.and.server.v1069.cracked.torrent
c:\users\boss sauce\appdata\local\temp\hyd4853.tmp.1465199194_permissionscopy\[pc game multi] - gran theft auto san andreas + crack nocd - (perfect dvd version) - (eng-ita-deu-fra-esp) - (by g-adlvr_r7.rar.1.torrent
c:\users\boss sauce\appdata\local\temp\hyd4853.tmp.1465199194_permissionscopy\[pc game multi] - gran theft auto san andreas + crack nocd - (perfect dvd version) - (eng-ita-deu-fra-esp) - (by g-adlvr_r7.rar.torrent
scanner sequence 3.BB.11.OSAPPZ
----- EOF -----


TSG SysInfo:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 8122 Mb
Graphics Card: NVIDIA GeForce GTX 770, -2048 Mb
Hard Drives: C: Total - 57138 MB, Free - 1157 MB; D: Total - 953866 MB, Free - 124510 MB;
Motherboard: ASRock, Z87 Pro3
Antivirus: avast! Antivirus, Updated and Enabled

I removed uTorrent
Shroomie
Active Member
 
Posts: 11
Joined: June 4th, 2016, 5:12 am

Re: Help!

Unread postby pgmigg » June 6th, 2016, 12:54 pm

Shroomie wrote:My computer doesn't shut down, it gets stuck on "Logging off..."

Hard Drives: C: Total - 57138 MB, Free - 1157 MB;
Your original problem related to catastrophically small amount of free space on system disk C: !
During the shutdown the Windows needs to have not less than 12-15% of empty space on the system hard drive for temporary data exchange to have possibility to write some data from memory to hard drive and save it as "Last Know Good Configuration" in registry - then it will be used for the next system start and login. When you have approximately 2% (actually less) of free space, the Windows needs infinity amount of time to exchange data by dividing it to very small portions and write and read it many-many times to finish the shutdown...

You need to clean up your disk immediately! How to do it?..

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • Illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW FRST logs :

  • FRST.txt.
  • Addition.txt.
  • Details of the problems you're experiencing.
  • Link to your closed topic.

Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 44 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware