Isp Keeps Closing Connection Because Of A Virus, I Find No Malware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by m4s4, Sep 17, 2016.

  1. m4s4

    m4s4 Private E-2

    About a week ago my ISP cut my internet, because they see a virus or something. I called them and they opened it back up after I had run their antivirus scan and found nothing. But now 2 days ago this happened again. I asked for details and they say it was a PSN account stealing attempt, even though no one has been using our PlayStation in the last month at least. It had happened 3 times in 5 days, every time it was close to noon. The only device that has been used in our wifi is my PC. I've run all the scans that were advised in the read and run me first thread, and here are the logs.
    The tdsskiller and mbam logs don't want to be attached so I'll try to attach them in a reply
     

    Attached Files:

  2. m4s4

    m4s4 Private E-2

    Nope, it still just says "The file is empty" even though it clearly has stuff when I try to edit it. What should I do?
     
  3. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello, m4s4

    Are you following the steps given for running the tools exactly? Why are you trying to edit the logs?
     
  4. m4s4

    m4s4 Private E-2

    Hello dr.moriarty
    Thanks for a quick reply, yes I did follow all the steps exactly. I pressed "edit" on the log txt to see if it actually contained something and did see a lot of text, didn't actually edit anything. But Malwarebytes has got an update since that guide was written and some buttons are labeled differently. But I'm pretty sure I got it right.
     
  5. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hmmm... haven't dealt with such problems. If the logs were created and "Saved", navigate to them and compress them into a zip file and upload... I'll go from there with them. *Just make sure that they are .txt format before zipping.
     
  6. m4s4

    m4s4 Private E-2

    Yes, I will do that. But the Hitman log is not in txt format, and I did as advised in that thread, is that okay?
    Thanks for your quick help!
     

    Attached Files:

  7. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're welcome. Stand by while I quickly run Hitman myself to see what I can find out....
     
  8. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hitman Pro 3.7.14 Build 276

    Next to the Buy Now radio button > in blue Save Log > choose "save directory" - file type = "Save as type - Text Log files(*.log)". What happens then?
     
  9. m4s4

    m4s4 Private E-2

    It was saved as a .log file, I saved it and attached it. So is it good?
     
  10. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Yes - all logs are okay. Give me time to review them and I'll post a fix afterwards.
     
  11. m4s4

    m4s4 Private E-2

    Thanks a lot.
     
  12. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're welcome. Have you knowingly set up a proxy?
     
  13. m4s4

    m4s4 Private E-2

    I don't think so...
    I had SoftEther VPN, deleted it before this all started and I have Tor Browser installed. But no other proxying stuff as far as I am aware, nothing that should be running now. My connection with my ISP is a 4G dongle with an assigned dynamic IP so I can open ports on it, that makes some things weird.
     
  14. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Ok, please run this tool.

    Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

    Note: Make sure you download the correct version ( 32 bit or 64 bit ) for your PC. Only the correct version will run so if you make a mistake and download the wrong one, go back and get the other.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press the Scan button and wait.
    • The first time the tool is run it makes two logs, FRST.txt and Addition.txt in the same directory the tool is run.
    • Please upload them in your next reply.

    EDIT: And you're aware of Tftpd32 and LOIC.exe which Hitman Pro doesn't like?
     
  15. m4s4

    m4s4 Private E-2

    Okay, I ran it. Here are the logs.
     

    Attached Files:

  16. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Did you see my EDIT to previous reply?
     
  17. m4s4

    m4s4 Private E-2

    Emm yes I am aware of LOIC, but what's Tftpd32?
     
  18. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

  19. m4s4

    m4s4 Private E-2

    Yea, now I remember, I downloaded that.
     
  20. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Let's start with this -

    NOTES: I would not allow uTorrent.exe to auto-run at startup --- very risky as it opens your PC up to the world. *You're getting very close to only having 15% free space remaining on both your OS and Data drives.

    *Other than the tools our guide instructed you to save there, I strongly recommend that you clean up this account's Desktop immediately leaving only shortcut links. [ C:\Users\Matti\Desktop ] Do not store downloads, exe files, iso files....etc on your Desktop. First it is not a safe place to keep them (i.e., you may lose them due to malware, and a cluttered Desktop is an easy hiding place for malware), and last but not least - it can have an effect on your PC's performance.

    Please disconnect your internet before performing this fix!

    Re-run Hitman Pro, activate/enable the free trial and allow it to remove:
    Malware => dllhost.exe.exe
    Potential Unwanted Programs
    After reboot and when you are back in Windows, rescan with HitmanPro and upload the new log.

    Now, re-run RogueKiller.exe. (Vista/Windows7/8/10 users should right-click and select "Run as Administrator")
    After it finishes the scan, select the following tabs and then select any of the below that exist and then click the Remove Selected button.
    ¤¤¤ Registry ¤¤¤ <== all PUPs
    ¤¤¤ Files ¤¤¤
    Then immediately reboot your PC.

    Now run a new scan with RogueKiller and save a log as in the original instructions and upload that new log.

    NOTE: This script was written specifically for this user for use on this particular computer. Running this on another machine may cause damage to your operating system.
    • Save the attached (fixlist.txt) to your desktop.
    • Right-click FRST(x32/64) and select Run as Administrator.
    • Click the FIX button once.
    • Wait while FRST processes fixlist.txt
    • A report should pop up named Fixlog.txt, please upload it here in your next reply.
     

    Attached Files:

  21. m4s4

    m4s4 Private E-2

    I finally got it all done, I'm sorry for taking so long. Anyway, here are the logs.
    In rogue killer I didn't find any "tabs" in the scan results, but I removed all things that had the folder icon next to them (there was 1) and all PUPs (but not PUMs) that had the regedit icon next to them. Also, I seem to have lost all my cookies, but that's not a big problem though.
    Also, just as I got this written, I saw a windows command prompt quickly flash on the screen, so some program I haven't noticed before just ran.
    And another edit, I cleaned my desktop, but I kept the 2 desktop.ini files that seem to be hidden. What should I do with them?
     

    Attached Files:

  22. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    The two desktop.ini files are normally hidden files, so leave them.

    Now please download Junkware Removal Tool to your desktop.
    • Make sure to shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Upload JRT.txt to your next message.
    Next download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
    • Now click on the Report button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
    • Upload this log to your next reply.
    How is your machine running now?
     
  23. m4s4

    m4s4 Private E-2

    So here's the logs again.
    My machine seems to be running all good, like it has always done. The problem here is that my ISP keeps shutting down my connection because of malicious activity caused by a virus.
    Thanks yet once again for all this help.
     

    Attached Files:

  24. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're welcome.

    Using AdwCleaner.exe previously downloaded:
    • Double click on AdwCleaner.exe to run the tool. (Vista, Win7/8/10 users should right-click and "Run As Administrator")
    • Click on the Scan button.
    • When the scan has completed, click on the Clean button.
    • Press OK when asked to close all programs and follow the on-screen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
    • Upload this log to your next reply.
    We're down to performing minor cleanup, now. But if you wish, you could run this online scanner. {The scan takes 2 hr +- so be patient}
    eSet Online Scan
     
  25. m4s4

    m4s4 Private E-2

    Okay, here is the AdwCleaner log.
    This time booting up, I got this new error message, but nothing bad seems to have happened.
    I am going to sleep soon and will leave the online scanner running through the night.
    Thanks.
     

    Attached Files:

  26. m4s4

    m4s4 Private E-2

    It does seem like those instructions are a bit outdated, the program looks way different nowadays. Also the link, where it says "Please go here" in the very beginning, no longer works. It tries to go to eset.com/int/home//products/online-scanner/ which gives a 404, but I tried eset.com/int/home/products/online-scanner/ and it seems to work? I'll try to follow these instructions as well as I can and post the log.
     
  27. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Your error.png comes back as related to Razer Synapse
     
  28. m4s4

    m4s4 Private E-2

    Oh, then it's nothing to worry about. That thing likes crashing after updates.
    Thanks again.
     
  29. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Just go here ==> https://www.eset.com/us/online-scanner/ and click on the SCAN NOW radio button > save the esetonlinescanner_enu.exe Binary file to your Desktop > then right-click and choose "Run as Administrator".
     
  30. m4s4

    m4s4 Private E-2

    So the eset online scan v2 thing crashed on me twice after 4 hours of working, so I found myself the scanner version 1 and ran it. It took almost 7 hours, and found infected files and cleaned some. Where can I find the log? I got a list of threats, is that enough?
     

    Attached Files:

  31. m4s4

    m4s4 Private E-2

    What should I do with the detected files? Should I delete everything in quarantine or do I have to do something else?
     
  32. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Yes, delete everything in quarantine. Although they are prevented from causing any more trouble now, there's no reason for them to remain. The scanner log should reinforce to you what programs and applications that you don't need to have on your system, right? Especially the hacks, cracks, and infected torrents...

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase it, it provides no protection. It does not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, Win 7/8/10 - it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Win 7/8/10, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work through the below link:
    Safe surfing!
     
  33. m4s4

    m4s4 Private E-2

    Okay, I believe this has fixed my issue. I just got my internet back once again, and if the problem isn't gone and this happens again in the next month, I can just post here again, right?
    The help has been awesome, is there another way to support you people, other than the t shirt shop which seems to be down for maintenance?
     
  34. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

