Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Posted in July, was not addressed

Solved 
12K views 63 replies 3 participants last post by  camsr2000 
#1 ·
I posted this in July, never saw a response, just noticed it was locked:

Been awhile since y'all last helped me, computer is running very slow, also, I noticed something, I play a facebook game while online. I tend to have two or more tabs, sometimes two browsers open so I can stream shows from Amazon or netflix while I play the game. the game I play is "The Last One" in which you receive alerts for battles. If I'm streaming a show or movie, I'll hear the alert, I switch to the game tab or browser and try to change weapons and join a battle. When I switch to the game tab, I click to change weapons and the arsenal will not come up or I click to join the battle but the alert to join the battle will not show. I have to refresh the tab/game to try to get the arsenal or alert to show and allow me to join. This may be due to too much junk, malware, etc. taking up RAM, but not sure. Please help
Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 8096 Mb
Graphics Card: Intel(R) HD Graphics, -1988 Mb
Hard Drives: C: 914 GB (801 GB Free); D: 16 GB (2 GB Free);
Motherboard: Foxconn, 2ABF
Antivirus: Avast Antivirus, Enabled and Updated
 
See less See more
#56 ·
18:37:28 # product=EOS
# version=8
# esetonlinescanner_enu.exe=3.0.17.0
# country="United States"
# lang=1033
18:37:55 # stats_enabled=0
# scan_type=16530146
18:40:54 # product=EOS
# version=8
# esetonlinescanner_enu (1).exe=3.0.17.0
# country="United States"
# lang=1033
18:42:48 Updating
18:42:48 Update Init
18:42:50 Update Download
18:43:59 esets_scanner_reload returned 0
18:43:59 g_uiModuleBuild: 40153
18:43:59 Update Finalize
18:43:59 Call m_esets_charon_send
18:43:59 Call m_esets_charon_destroy
18:44:00 Updated modules version: 40153
18:44:10 Call m_esets_charon_setup_create
18:44:10 Call m_esets_charon_create
18:44:10 m_esets_charon_create OK
18:44:10 Call m_esets_charon_start_send_thread
18:44:10 Call m_esets_charon_setup_set
18:44:10 m_esets_charon_setup_set OK
18:44:10 Scanner engine: 40153
21:49:41 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Carlos\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
21:49:41 Cleaning up
21:49:41 # product=EOS
# version=8
# flags=0
# av=0
# fw=2
# admin=1
# esetonlinescanner_enu (1).exe=3.0.17.0
# EOSSerial=4ae981516129bc449fcf8dded713dc9c
# engine=40153
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2019-01-24 03:49:40
# local_time=2019-01-23 21:49:40 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=10.0.17134 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 24725742 0 0
# scanned=274913
# found=10
# cleaned=10
# scan_time=10517
# flow=2019-01-23 18:41:03|scr|eula|2019-01-23 18:41:07|scr|welcome|2019-01-23 18:41:08|promo|essp|2019-01-23 18:41:18|scr|consents|2019-01-23 18:42:03|scr|scan_type|2019-01-23 18:42:32|scr|pua|2019-01-23 18:42:48|scr|updating|2019-01-23 18:44:00|scr|scanning|2019-01-23 21:39:18|scr|all_cleaned|2019-01-23 21:45:05|click|save_report|2019-01-23 21:48:23|scr|periodic_offer|2019-01-23 21:48:53|scr|upsell|2019-01-23 21:49:11|scr|thanks
# periodic=0,0
# stats_enabled=0
# scan_type=2
sh=788BA11B32EAD116136308D48ABA501827BE6E3E ft=1 fh=0000000000672e58 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup511 (1).exe"
sh=788BA11B32EAD116136308D48ABA501827BE6E3E ft=1 fh=0000000000672e58 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup511.exe"
sh=5B189555C663407C8DA7930EF070CE16C9B20CE1 ft=1 fh=000000000067c958 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup512.exe"
sh=B7C20CA5F3D03CA0B47FE84EA238FF4F69E5183B ft=1 fh=000000000067d750 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup513.exe"
sh=91352F7C0C03DBAFE73A9D7B2539C7B346EF9582 ft=1 fh=0000000000683120 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup514.exe"
sh=E473F5DB747773B80FCCA8A50B4CF7BAEEC1EA47 ft=1 fh=000000000068cec0 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup516.exe"
sh=F2812D6ECF216B1137B86BF4E0AFB4F6B012FF85 ft=1 fh=0000000000690390 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup517.exe"
sh=68B0376FB80EC5DBF7B47DCC7B5335383E9B063A ft=1 fh=00000000007c27d8 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup520.exe"
sh=F10BD4904CE5A8C9DBCD95B8B8A330CEF75BC924 ft=1 fh=00000000007d88d8 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Desktop\ccsetup521.exe"
sh=9920DB30461574924C73CD28D79E80FA0B99468D ft=1 fh=0000000000083209 vn="Win32/InstallMonetizer.AF potentially unwanted application (cleaned by deleting)" ac=C fn="C:\Users\Carlos\Downloads\FreeMouseAutoClickerSetup.exe"
21:49:41 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Carlos\AppData\Local\ESET\ESETOnlineScanner\Modules\
21:49:41 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Carlos\AppData\Local\ESET\ESETOnlineScanner\OldModules\
21:49:41 DeleteEstsApi: C:\Users\Carlos\AppData\Local\ESET\ESETOnlineScanner
21:49:42 DeleteApiStgFile: C:\Users\Carlos\AppData\Local\ESET\ESETOnlineScanner
21:49:42 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Carlos\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\
21:49:42 Call m_esets_charon_send
21:49:42 Call m_esets_charon_destroy
 
#58 ·
Hi camsr2000,

Thank you for providing that ESET log.

My game issue has not been resolved yet, what could be causing this?
Let's continue the disinfection process, and then we can go from there. We first needed to rule out the possibility of malware causing the issue. To me this sounds like it may be built in functionality to the game, as a way to deter players from cheating. It may be best to post in a forum specific to that game. Who is the creator of The Last One? I can help you find the right forum to post your question.

Well done!
. Your computer is clean and is ready to be used again
. All of the bad guys have been removed, but please take the time to follow these last steps to clean up the tools we've used throughout the process. It was my pleasure helping you

Now that we are at the end of the disinfection process, the tools that we utilized can now be removed from your machine, since they won't be used again (we hope!). If they need to be, then the most updated versions should be downloaded at that time.

Step 1 of 3: Removing Disinfection Tools with Delfix

This step cleans up the tools we were utilizing and creates a new restore point.

1. Download Delfix by Xplode from here
2. Ensure Remove disinfection tools is ticked
Also tick:
  • Create registry backup
  • Purge system restore

3. Click Run

The program will run for a few moments and then notepad will open with a log. Please copy and paste the log in your next reply.

Step 2 of 3: Filehippo Updatechecker (Optional)

Another weapon against malicious programs and viruses is to keeping other programs updated. There are several programs out there that can check for out of date programs on your computer. One is Filehippo. You can run this on a weekly or monthly basis to check your programs for updates and then it will provide a link for you to download them.

Keep Applications Updated using FileHippo
1. Navigate to this website
2. Click on the green "Download This Version" on the right
3. Click on the downloaded file entitled, "AppManagerSetup_1.47"
4. Follow the on-screen instructions
Once installed, FileHippo will prompt you if any updates are available for the applications you currently have installed.

Step 3 of 3: Installation of Unchecky (Optional)

This is a good program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.
  • Click here to be taken to Unchecky.com
  • Click the Download button in the middle of the screen
  • Click Save
  • Once downloaded, right-click the program and select "Run as Administrator"
  • Once open, click the Install button
  • Then click on Finish
  • Unchecky is now installed and will help you keep unwanted check boxes unchecked
 
#59 ·
# DelFix v1.010 - Logfile created 04/02/2019 at 17:57:13
# Updated 26/04/2015 by Xplode
# Username : Carlos - CARLOS-HP
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Carlos\Desktop\FRST-OlderVersion
Deleted : C:\Users\Carlos\Desktop\Addition.txt
Deleted : C:\Users\Carlos\Desktop\adwcleaner_7.2.6.0.exe
Deleted : C:\Users\Carlos\Desktop\Fixlog.txt
Deleted : C:\Users\Carlos\Desktop\FRST.txt
Deleted : C:\Users\Carlos\Desktop\FRST64.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #44 [Windows Update | 01/16/2019 01:54:50]
Deleted : RP #47 [Scheduled Checkpoint | 01/23/2019 23:58:00]

New restore point created !

########## - EOF - ##########
 
#60 ·
Quote
"My game issue has not been resolved yet, what could be causing this?
Let's continue the disinfection process, and then we can go from there. We first needed to rule out the possibility of malware causing the issue. To me this sounds like it may be built in functionality to the game, as a way to deter players from cheating. It may be best to post in a forum specific to that game. Who is the creator of The Last One? I can help you find the right forum to post your question."

Joe, I disagree that this was a "functionality" , unfortunately, The Last One is an obsolete game I've played for a few years I found on FB, it was created and maintained by "Nexters", they have not added to the game in some time, but I just continue to play it as a member of a group. The game issue had never happened before, just seems like its being caused by RAM issues, not sure. I had always watched movies on Netflix or Amazon as I played and would listen for the alerts to join battles but since the computer started slowing down I noticed as I switched from the movie tab to the game tab I would have to refresh to be able to join a "cad attack", but if it was a "Mass Combat" once I refreshed, the chance to join would be expired. The developers apparently have several games that they still service but have abandoned this one. Seems like it may be time for me to abandon the game as well.
 
#61 ·
Joe, I disagree that this was a "functionality" , unfortunately, The Last One is an obsolete game I've played for a few years I found on FB, it was created and maintained by "Nexters", they have not added to the game in some time, but I just continue to play it as a member of a group. The game issue had never happened before, just seems like its being caused by RAM issues, not sure. I had always watched movies on Netflix or Amazon as I played and would listen for the alerts to join battles but since the computer started slowing down I noticed as I switched from the movie tab to the game tab I would have to refresh to be able to join a "cad attack", but if it was a "Mass Combat" once I refreshed, the chance to join would be expired. The developers apparently have several games that they still service but have abandoned this one. Seems like it may be time for me to abandon the game as well.
Oooh okay. That adds another layer of mystery to your situation. I don't think it should be a RAM issue. It appears that you have 8 GB on your machine, and if it's a Facebook game then it shouldn't be too resource intensive. I didn't know that they had abandoned the game. Hmm.. at least we know that it's not malware related. Is there anything else I can help you with, camsr2000?
 
#62 ·
Was still trying out but this game is pretty intensive, give many options to change weapons ans battle locations. it seemed to get more graphic intensive as they added more and more levels/areas and opponents to battle in and with.
So you feel my computer is now clean? I had also noticed when I logged on to the Spectrum cable site the it would time out, would have to reload 2 or more times. Wasn't like that before it started to slow down 6 to 8 months ago
 
#63 ·
So you feel my computer is now clean? I had also noticed when I logged on to the Spectrum cable site the it would time out, would have to reload 2 or more times. Wasn't like that before it started to slow down 6 to 8 months ago
I do indeed. FRST is designed so that we can take a look at the files/folders that were modified/created within a 1 month timeframe. However, since we ran the ESET scan tool, which is super in-depth, I am confident that this isn't malware we are dealing with. I suggest that you post your question in the Windows 10 forum for further assistance, but we know that this isn't a baddy that's causing you hardship.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top