Jump to content

Infected with Trojan horse nearly an year.

Recommended Posts

Hi, Everyone. My system is malware affected. I reinstalled it with this windows 8.1. In reinstalling process I formatted local disk (c) also. But malware is not gone. Local disk(c) size is always increases and decreases. No app is set automatically update in my computer even in windows update settings I choose 'never check for updates'. I am using internet in my system. It always uploads data. Scanned with may anti-malware applications but no use. Once I did not started my system for two months after that I scanned it it showed trojan malware. I removed it but nothing useful. Help me.

Link to post
Share on other sites

Hello monkeyjoker,

Continue with the following:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.


Please download Zemana AntiMalware and save it to your Desktop.
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

Let me see those logs in your reply....

Thank you,



Link to post
Share on other sites

Greetings, Kevin.

May I tell you something. I have been through with all these FRST, AdwCleaner, Rougekiller anti-virus, tdsskiller, eset online scanner, OTL, rkill, JRT,  Revo uninstaller, Speecy app etc. The fixlist I tried it made me lost IP address, I called Technician he came and given a new IP address. It is 10 months my system had this malware. I have been using internet on my system like 4 years. Local disk(c) size changes even there are no downloads and uploads. I used AVG also it even got worse.

Link to post
Share on other sites

Have you ran what I asked, if so can I see those logs...?

There are two IP addresses listed on your system and is listed as private, is that an address known to you and trusted. read here: https://whois.domaintools.com/ is listed to Google, have a read here: https://whois.domaintools.com/

Also read at the following for https://cleantalk.org/blacklists?record=  you can see that address is a known spammer

Link to post
Share on other sites


do you have system restore enabled?

https://windirstat.net/ is a utility which gives a visual indication of disk usage. See those large chunks of data.


They are using the most data on your PC. It shows you a file tree but you can also click on those blocks and right click on Explorer here and go directly to that file. The program can show you where you can possibly save the most space.

Could you also disconnect the other disks as well and let connected only the one with OS you have issue on?

Edited by sosprepc
Link to post
Share on other sites

Do the following, let me know the result:

Select the Windows key and X Key together. From the produced list select::

Command Promt (Admin)

Accept UAC alert...

At the Command prompt, type or copy/paste

dism.exe /Online /Cleanup-Image /AnalyzeComponentStore

hit the Enter key.


Edited by kevinf80
typing error
Link to post
Share on other sites

Greetings, Kevin. The free space in local disk(c) is increased. The operation took 3 hrs 15 mins. Here it is Log file. Now winsxs folder in windows was showing 7.10 GB. Before Dism operation it was always showing 16.1 GB. I will inform you if it increases again.


Edited by monkeyjoker
Forgot to attach log file
Link to post
Share on other sites

You are only seeing minimal changes in free space, that is quite normal for windows. The system and other 3rd party services are constantly adding/removing data/temp data from your hard drive.Unless you see massive free space changes i would not be too concerned. 


if you still feel there maybe malware/infection on your system run the following online AV scan, it is very thorough so may take several hours to complete..

Go here and click 'SCAN NOW' under 'ESET Online Scanner' save to your Desktop.
  • You will be prompted to download and install esetonlinescanner_enu.exe. Click on the link and save the file to a convenient location.
  • Double-click on esetonlinescanner_enu.exe to install and a new window will open. Follow the prompts.
  • Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how
  • At the bottom of the Terms of use window, tick the option Download latest version of ESET Online Scanner then click Accept
  • When/if prompted by UAC, 'Do you want to allow this app to make changes to your PC?', please choose Yes
  • Tick the option Enable detection of potentially unwanted applications
  • Click on Advanced settings
  • Make sure that the option Clean threats automatically is unticked.
  • Ensure these options are ticked:
  • Enable detection of potentially unsafe applications
  • Enable detection of suspicious applications
  • Scan archives
  • Enable Anti-Stealth technology
  • Click Scan
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says Threats found, click Save to text file... then name it and save it to your desktop.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Please copy/paste the contents of the log in your next reply.
  • To close ESET Online Scanner, select Do not clean then Finish

Thank you,


Link to post
Share on other sites

Ok. I ran ESET online scanning. Here is the report. Do you know what, by increasing like that it made full disk without free space left. I reinstalled my system, I formatted the local disk(c) and checked everything was fine. But after minutes again it was full. Now, also it slowly increasing. Yesterday it was 9.90 GB now it is 9.08 GB. Tomorrow it will be 8.50GB, and after tomorrow 8GB. At last it will make disk full. Sometimes it drains internet bandwidth so bad, within two seconds it can drain 100 MB. What do you have me do?

Link to post
Share on other sites

That log is more or less clean, uTorrent is not malicious per se but what it transfers maybe.  Did you read through the following link previously and the problems with free space requirements for windows !O...?


As your system does not have the presence malware or infection I cannot offer you any further help, go to General PC help forum and open a thread there....


Thank you,


Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.