Browser acting strange, Snapdo and slow computer.

Active
By Konishi
Jul 13, 2014
  1. I don't know exactly what's happening with my computer, so, sorry about the vague title.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 13/07/2014
    Scan Time: 04:14:46
    Logfile: 01.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.13.01
    Rootkit Database: v2014.07.09.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Konishi

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 311583
    Time Elapsed: 10 min, 5 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 1
    PUP.Optional.LinkSwift.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\odpccdgkmiicgocepijnaeihjnjnomca, Quarantined, [e81dacf396e52b0b785f25972cd6837d],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 03/05/2012 16:39:41
    System Uptime: 13/07/2014 04:11:10 (17 hours ago)
    .
    Motherboard: Gigabyte Technology Co., Ltd. | | GA-78LMT-S2
    Processor: AMD Athlon(tm) II X4 620 Processor | Socket M2 | 2600/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 109,56 GiB free.
    D: is CDROM ()
    E: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP151: 10/07/2014 23:42:59 - DirectX instalado
    RP152: 12/07/2014 16:05:10 - DirectX instalado
    RP153: 12/07/2014 16:06:01 - DirectX instalado
    RP154: 12/07/2014 18:10:20 - Instalado NVIDIA PhysX (Legacy)
    RP155: 13/07/2014 04:37:11 - avast! antivirus system restore point
    RP156: 13/07/2014 16:48:59 - Installed STOPzilla
    RP158: 13/07/2014 18:11:51 - DirectX instalado
    RP159: 13/07/2014 18:41:13 - Revo Uninstaller's restore point - STOPzilla
    RP160: 13/07/2014 18:41:34 - Removed STOPzilla
    .
    ==== Installed Programs ======================
    .
    ??????
    100% Orange Juice
    7-Zip 9.20
    7-Zip 9.20 (x64 edition)
    Action!
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 14 Plugin
    AhnLab Online Security
    avast! Free Antivirus
    Bandisoft MPEG-1 Decoder
    Battle.net
    Battlefield 3?
    Battlelog Web Plugins
    BioShock
    CCleaner
    Cheat Engine 6.3
    Child of Light
    D3DX10
    DAEMON Tools Lite
    Daum PotPlayer 1.5.35491
    Dino D-Day
    Dolby Axon - 1.5.1.1
    Dungeon Fighter Online
    Dxtory version 2.0.125
    ESET Online Scanner v3
    ESN Sonar
    Fallout: New Vegas
    Foxit Reader
    Fraps
    Galeria de Fotografias
    Galeria de Fotos
    Google Chrome
    Google Update Helper
    HP Deskjet 1050 J410 series Ajuda
    IrfanView (remove only)
    IRPF2014 - Declaracao de Ajuste Anual, Final de Espolio e Saida Definitiva do Pais
    League of Legends
    LOLReplay
    Malwarebytes Anti-Malware version 2.0.2.1012
    Microsoft .NET Framework 4 Client Profile PTB Language Pack
    Microsoft .NET Framework 4 Extended PTB Language Pack
    Microsoft .NET Framework 4.5.1
    Microsoft Application Error Reporting
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
    Microsoft XNA Framework Redistributable 3.1
    Microsoft XNA Framework Redistributable 4.0 Refresh
    Movie Maker
    Mozilla Firefox 30.0 (x86 pt-BR)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    Narcissu 1st & 2nd
    NeoplePlugin
    Nexon Game Manager
    NirSoft BlueScreenView
    NVIDIA PhysX
    NVIDIA PhysX (Legacy)
    Open Broadcaster Software
    Origin
    Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Portugues (Brasil)
    Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Portugues (Brasil)
    Pando Media Booster
    PC DUAL SHOCK
    Photo Common
    Photo Gallery
    PunkBuster Services
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Receitanet
    Revo Uninstaller 1.95
    RPG 2ic
    Skype? 6.16
    Software basico do dispositivo HP Deskjet 1050 J410 series
    Steam
    Theme Hospital
    To the Moon
    Tomb Raider
    Tunngle beta
    Tweaking.com - Windows Repair (All in One)
    Ultima Online: Mondain's Legacy
    Unity Web Player
    Velvet Assassin
    Vindictus
    VLC media player 2.1.3
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    WinRAR 4.20 (64-bit)
    WTFast 3.2
    XSplit
    μTorrent
    .
    ==== End Of File ===========================



    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16866
    Run by Konishi at 21:38:26 on 2014-07-13
    Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1046.18.4094.816 [GMT -3:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\inetsrv\inetinfo.exe
    C:\Windows\system32\mqsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Windows\system32\mqtgsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://df.nexon.com
    uSearchAssistant = hxxp://www.google.com
    BHO: Auxiliar de Conexao de Conta da Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    uPolicies-Explorer: NoDrives = dword:0
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:181
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: SynchronousUserGroupPolicy = dword:0
    mPolicies-System: SynchronousMachineGroupPolicy = dword:0
    mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
    TCP: NameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{62CD1D53-5700-4E8C-94E5-90D084F3E76C} : DHCPNameServer = 7.254.254.254
    TCP: Interfaces\{981F0BBA-5349-4220-96D0-D0C6278E59FF} : DHCPNameServer = 192.168.1.1 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\te4j8cam.default\
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: network.proxy.ftp - serv1.internet-proxy.eu
    FF - prefs.js: network.proxy.ftp_port - 7891
    FF - prefs.js: network.proxy.http - serv1.internet-proxy.eu
    FF - prefs.js: network.proxy.http_port - 7891
    FF - prefs.js: network.proxy.socks - serv1.internet-proxy.eu
    FF - prefs.js: network.proxy.socks_port - 7891
    FF - prefs.js: network.proxy.ssl - serv1.internet-proxy.eu
    FF - prefs.js: network.proxy.ssl_port - 7891
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_524\npaosmgr.dll
    FF - plugin: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Users\Konishi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: plugin.default.state - 2
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-13 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-10-13 224896]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-10-13 1041168]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-10-13 427360]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-5-30 283200]
    R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-9 29208]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-13 79184]
    R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-5-9 92008]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-9 50344]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-13 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-13 860472]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-13 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-13 122584]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-13 63704]
    R3 Mkd2Nadr;Mkd2Nadr;C:\Windows\System32\drivers\Mkd2Nadr.sys [2013-6-1 112888]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-3 565352]
    R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-5-10 31232]
    RUnknown szkg5;szkg5; [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-1-10 49152]
    S3 DirectIP;DirectIP;C:\Users\Konishi\AppData\Local\Temp\Rar$EXa0.243\DirectIP\DirectIP.exe --> C:\Users\Konishi\AppData\Local\Temp\Rar$EXa0.243\DirectIP\DirectIP.exe [?]
    S3 Mkd2Bthf;Mkd2Bthf;C:\Windows\System32\drivers\Mkd2BthF.sys [2013-6-1 98104]
    S3 Mkd3kfNt;Mkd3kfNt;C:\Windows\System32\drivers\mkd3kfnt.sys [2013-6-1 169720]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-3 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-8 56832]
    S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-5-10 754584]
    S3 WatAdminSvc;Servico de Tecnologias de Ativacao do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-3 1255736]
    S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 238080]
    SUnknown is3srv;is3srv; [x]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2014-07-13 21:13:43 -------- d-----w- C:\Users\Konishi\AppData\Local\FalloutNV
    2014-07-13 07:40:03 43152 ----a-w- C:\Windows\avastSS.scr
    2014-07-13 07:04:53 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-07-13 07:04:32 -------- d-----w- C:\Program Files (x86)\NOIR
    2014-07-13 07:04:19 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-07-13 07:04:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-11 02:44:43 -------- d-----w- C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
    2014-07-08 18:46:55 315392 ----a-w- C:\Windows\SysWow64\DirectIP.dll
    2014-07-08 18:03:35 -------- d-----w- C:\Program Files\Proxy Labs
    2014-07-07 01:37:59 -------- d-----w- C:\Users\Konishi\AppData\Local\AAA_Internet_Publishing,_
    2014-07-07 01:37:34 79464 ----a-w- C:\Windows\System32\WTFastDrv.dll
    2014-07-07 01:37:34 72296 ----a-w- C:\Windows\SysWow64\WTFastDrv.dll
    2014-07-07 01:37:33 -------- d-----w- C:\Program Files (x86)\WTFast
    2014-07-06 19:05:12 380416 ----a-w- C:\Windows\System32\sbcrreag.dll
    2014-07-06 19:01:30 331776 ----a-w- C:\Windows\SysWow64\sbcrreag.dll
    2014-07-06 16:43:31 -------- d-----w- C:\ProgramData\Nexon
    2014-07-06 03:14:20 -------- d-----w- C:\Program Files (x86)\BandiMPEG1
    2014-07-06 03:05:44 -------- d-----w- C:\Nexon
    2014-07-06 02:46:38 -------- d-----w- C:\ProgramData\NexonUS
    2014-06-27 03:01:58 -------- d-----w- C:\Users\Konishi\AppData\Roaming\Siggy Holiday - Freebird Games
    2014-06-24 20:41:47 -------- d-----w- C:\Users\Konishi\AppData\Roaming\To the Moon - Freebird Games
    2014-06-17 23:36:34 -------- d-----w- C:\Program Files (x86)\Razor
    2014-06-16 13:58:12 -------- d-----w- C:\Users\Konishi\AppData\Roaming\Razor
    2014-06-14 22:14:06 -------- d-----w- C:\Program Files (x86)\EA Games
    .
    ==================== Find3M ====================
    .
    2014-07-13 07:40:04 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
    2014-07-13 07:40:04 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-07-13 07:40:04 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2014-07-13 07:40:04 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
    2014-07-13 07:40:04 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2014-07-13 07:40:04 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
    2014-07-13 07:40:03 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2014-07-12 17:31:37 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-07-12 17:31:37 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-05-12 10:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-05-12 10:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-04-29 20:58:05 21504 ----a-w- C:\Windows\jestertb.dll
    .
    ============= FINISH: 21:39:59,57 ===============
  2. Superdave1941

    Superdave1941 Malware Helper Posts: 147

    Hello and welcome to TechSpot.com My name is Dave. I will be helping you out with your particular problem on your computer.
    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.
    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    P2P - I see you have P2P software installed on your machine. (µTorrent) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.
    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
    I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
    *********************************************
    Please download AdwCleaner by Xplode onto your Desktop.
    Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.
    [​IMG]
    If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
    When the AdwCleaner program will open, click on the Scan button as shown below.
    [​IMG]
    AdwCleaner will now start to search for malicious files that may be installed on your computer.
    To remove the files that were detected in the previous step, please click on the Clean button.
    [​IMG]
    AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
    Please click on the OK button to allow AdwCleaner reboot your computer.A log will be produced. Please copy and paste this log in your next reply.
    *********************************************
    Malwarebytes' Anti-Rootkit
    Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
    • Be sure to print out and follow the instructions provided on that same page for performing a scan.
    • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
    • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
    • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
    • Copy and paste the contents of these two log files in your next reply.
    *************************************************
    Please download Junkware Removal Tool to your desktop.
    Warning! Once the scan is complete JRT will shut down your browser with NO warning.
    Shut down your protection software now to avoid potential conflicts.
    •Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
    •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
    •The tool will open and start scanning your system.
    •Please be patient as this can take a while to complete depending on your system's specifications.
    •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    •Copy and Paste the JRT.txt log into your next message.
  3. Konishi

    Konishi Newcomer, in training Topic Starter Posts: 94

    # AdwCleaner v3.215 - Relatorio criado 15/07/2014 as 15:22:15
    # Atualizado 09/07/2014 por Xplode
    # Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Usuario : Konishi - KONISHI-PC
    # Executando de : C:\Users\Konishi\Desktop\adwcleaner_3.215.exe
    # Opcao : Limpar

    ***** [ Servicos ] *****


    ***** [ Arquivos / Pastas ] *****

    Arquivo Deletada : C:\Users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\te4j8cam.default\user.js

    ***** [ Atalhos ] *****

    Atalho Desinfectada : C:\Users\Konishi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
    Atalho Desinfectada : C:\Users\Konishi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk

    ***** [ Registro ] *****


    ***** [ Navegadores ] *****

    -\\ Internet Explorer v10.0.9200.16866


    -\\ Mozilla Firefox v30.0 (pt-BR)

    [ Arquivo : C:\Users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\te4j8cam.default\prefs.js ]


    -\\ Google Chrome v35.0.1916.153

    [ Arquivo : C:\Users\Konishi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deletedo [Search Provider] : hxxp://br.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R1].txt - [1643 octets] - [15/07/2014 15:19:09]
    AdwCleaner[S1].txt - [1253 octets] - [15/07/2014 15:22:15]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1313 octets] ##########

    Malwarebytes Anti-Rootkit BETA 1.07.0.1012
    www.malwarebytes.org

    Database version: v2014.07.15.10

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16866
    Konishi :: KONISHI-PC [administrator]

    15/07/2014 15:30:41
    mbar-log-2014-07-15 (15-30-41).txt

    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled:
    Objects scanned: 315060
    Time elapsed: 10 minute(s), 22 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    Physical Sectors Detected: 0
    (No malicious items detected)

    (end)

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.07.0.1012

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16866

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 2.611000 GHz
    Memory total: 4292403200, free: 3002593280

    Downloaded database version: v2014.07.15.10
    Downloaded database version: v2014.07.14.01
    =======================================
    Initializing...
    ------------ Kernel report ------------
    07/15/2014 15:30:29
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_AuthenticAMD.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\system32\drivers\pciide.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\vmbus.sys
    \SystemRoot\system32\drivers\winhv.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\vmstorfl.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\DRIVERS\disk.sys
    \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\aswVmm.sys
    \SystemRoot\System32\Drivers\aswRvrt.sys
    \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\system32\drivers\aswSnx.sys
    \SystemRoot\system32\drivers\aswSP.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\drivers\aswRdr2.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\serial.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\system32\drivers\csc.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\amdppm.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\atikmpag.sys
    \SystemRoot\system32\DRIVERS\atikmdag.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\DRIVERS\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\DRIVERS\usbohci.sys
    \SystemRoot\system32\DRIVERS\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\usbehci.sys
    \SystemRoot\system32\DRIVERS\serenum.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\drivers\kbdclass.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\tap0901t.sys
    \SystemRoot\system32\DRIVERS\rdpbus.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\HdAudio.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\RTKVHD64.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\DRIVERS\xusb21.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\system32\drivers\Mkd2Nadr.sys
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_atapi.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\drivers\aswMonFlt.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\DRIVERS\RMCAST.sys
    \SystemRoot\system32\drivers\aswStm.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\aswHwid.sys
    \SystemRoot\system32\drivers\mqac.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\drivers\spsys.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\difxapi.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\wininet.dll
    \Windows\System32\msctf.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\imm32.dll
    \Windows\System32\psapi.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\ole32.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\nsi.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\usp10.dll
    \Windows\System32\lpk.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\shell32.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\user32.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    \Windows\System32\devobj.dll
    \Windows\System32\userenv.dll
    \Windows\System32\profapi.dll
    \Windows\System32\msasn1.dll
    ----------- End -----------
    Done!
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8004a3b060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
    Lower Device Object: 0xfffffa8004457060
    Lower Device Driver Name: \Driver\atapi\
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8004a3b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8004a3bab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8004a3b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8004455520, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa8004457060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 2CA533A6

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63 Numsec = 976547840
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is HIDDEN (0x17)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 976549888 Numsec = 204800
    Partition is not bootable
    Hidden partition VBR is not infected.

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 500103634432 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-62-976744911-976764911)...
    Done!
    Scan finished
    =======================================


    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-976549888-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removal finished

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Ultimate x64
    Ran by Konishi on 15/07/2014 at 16:16:36,49
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Emptied folder: C:\Users\Konishi\AppData\Roaming\mozilla\firefox\profiles\te4j8cam.default\minidumps [113 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 15/07/2014 at 16:24:01,25
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  4. Superdave1941

    Superdave1941 Malware Helper Posts: 147

    I'd like to scan your machine with ESET OnlineScan
    •Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
    •Click the [​IMG] button.
    •For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on [​IMG] to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the [​IMG] icon on your desktop.
    •Check [​IMG]
    •Click the [​IMG] button.
    •Accept any security warnings from your browser.
    • Leave the check mark next to Remove found threats.
    •Check [​IMG]
    •Push the Start button.
    •ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    •When the scan completes, push [​IMG]
    •Push [​IMG], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    •Push the [​IMG] button.
    •Push [​IMG]
    A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
  5. Konishi

    Konishi Newcomer, in training Topic Starter Posts: 94

    I scanned my computer but it restarted before I could create the log. In the first scan it found some threads, like 5 or 6, howerever I scanned again and it not found any threads and no logs.
  6. Superdave1941

    Superdave1941 Malware Helper Posts: 147

    That's because the infections were cleaned on the first run. How's your computer running? Any other issues?
  7. Konishi

    Konishi Newcomer, in training Topic Starter Posts: 94

    My browsers still kinda slow, but my computer seems better now.
  8. Superdave1941

    Superdave1941 Malware Helper Posts: 147

    This could be the fault of your ISP. You can test your ISP speed with this.
    Here's the site to test your ISP speed.
    Please let me know the results of the test. What browser are you using?
  9. Konishi

    Konishi Newcomer, in training Topic Starter Posts: 94

  10. Superdave1941

    Superdave1941 Malware Helper Posts: 147

    And the results of the speed test?


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.