Solved Computer slower than normal

[Winterblizzard]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 01
Ran by Cole at 2014-12-09 15:21:23 Run:1
Running from C:\Users\Cole\Desktop\FixlistandFRST64
Loaded Profile: Cole (Available profiles: Cole)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
Toolbar: HKU\S-1-5-21-1563641593-1657672194-2611614249-1001 -> No Name - {5F0DB9C6-EF49-4748-A75D-FAD76538734C} - No File
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
C:\ProgramData\hash.dat
C:\Users\Cole\AppData\Local\temp\Quarantine.exe
C:\Users\Cole\AppData\Local\temp\sqlite3.dll


*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5F0DB9C6-EF49-4748-A75D-FAD76538734C} => value deleted successfully.
"HKCR\CLSID\{5F0DB9C6-EF49-4748-A75D-FAD76538734C}" => Key not found.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
X6va012 => Service deleted successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\Users\Cole\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\Cole\AppData\Local\temp\sqlite3.dll => Moved successfully.

==== End of Fixlog ====

 

[Broni]

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

• Double click the icon and select Run
• Click Next
• Select I accept the terms in this license agreement, then click Next twice
• Click Install
• Click Finish to launch the program
• Once the virus database has been updated click Start Scanning
• If any threats are found click Details, then View log file... (bottom left hand corner)
• Copy and paste the results in your reply
• Close the Notepad document, close the Threat Details screen, then click Start cleanup
• Click Exit to close the program

 

[Winterblizzard]

Results of screen317's Security Check version 0.99.92
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 71
Visual Studio Extensions for Windows Library for JavaScript
JavaScript Tooling
Adobe Flash Player 15.0.0.246
Adobe Reader XI
Google Chrome 33.0.1750.154 Google Chrome out of date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast setup instup.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

 

[Winterblizzard]

Farbar Service Scanner Version: 21-07-2014
Ran by Cole (administrator) on 10-12-2014 at 17:02:16
Running from "C:\Users\Cole\Desktop"
Microsoft Windows 8 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

[Broni]

Sophos?

 

[Winterblizzard]

Sorry, its taking a real long time to scan, 2 or 3 hours and barely got anything scanned.
I'll have to hope it gets done over-night.

 

[Broni]

No problem

 

[Winterblizzard]

2014-12-10 22:55:24.260 Sophos Virus Removal Tool version 2.5.4
2014-12-10 22:55:24.260 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2014-12-10 22:55:24.260 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-12-10 22:55:24.261 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2014-12-10 22:55:24.261 Checking for updates...
2014-12-10 22:55:24.400 Update progress: proxy server not available
2014-12-10 22:55:47.579 Downloading updates...
2014-12-10 22:55:47.583 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-12-10 22:55:47.583 Update progress: [I49502] Found supplement SAVIW32 LATEST
2014-12-10 22:55:47.583 Update progress: [I49502] Found supplement IDE509 LATEST
2014-12-10 22:55:47.583 Update progress: [I49502] Found supplement IDE510 LATEST
2014-12-10 22:55:47.583 Update progress: [I49502] Found supplement IDE511 LATEST
2014-12-10 22:55:47.584 Update progress: [I49502] Found supplement IDE512 LATEST
2014-12-10 22:55:47.584 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-12-10 22:55:47.584 Update progress: [I19463] Syncing product SAVIW32 48
2014-12-10 22:55:53.459 Update progress: [I19463] Syncing product IDE509 177
2014-12-10 22:55:56.250 Update progress: [I19463] Syncing product IDE510 179
2014-12-10 22:55:56.250 Update progress: [I19463] Syncing product IDE511 17
2014-12-10 22:55:56.775 Installing updates...
2014-12-10 22:56:01.640 Option all = no
2014-12-10 22:56:06.906 Option recurse = yes
2014-12-10 22:56:06.906 Option archive = no
2014-12-10 22:56:06.907 Option service = yes
2014-12-10 22:56:06.907 Option confirm = yes
2014-12-10 22:56:06.908 Option sxl = yes
2014-12-10 22:56:06.910 Option max-data-age = 35
2014-12-10 22:56:06.910 Option EnableSafeClean = yes
2014-12-10 22:56:06.910 Option vdl-logging = yes
2014-12-10 22:56:06.910 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-10 22:56:06.910 Machine ID: d83665cfc9f242bdb413a6b01e9e96fd
2014-12-10 22:56:06.911 Component SVRTcli.exe version 2.5.4
2014-12-10 22:56:06.911 Component control.dll version 2.5.4
2014-12-10 22:56:06.911 Component SVRTservice.exe version 2.5.4
2014-12-10 22:56:06.912 Component engine\osdp.dll version 1.44.1.2183
2014-12-10 22:56:06.912 Component engine\veex.dll version 3.58.3.2183
2014-12-10 22:56:06.912 Component engine\savi.dll version 8.1.5.2183
2014-12-10 22:56:06.912 Component rkdisk.dll version 1.5.30.0
2014-12-10 22:56:06.912 Version info: Product version 2.5.4
2014-12-10 22:56:06.913 Version info: Detection engine 3.58.3
2014-12-10 22:56:06.913 Version info: Detection data 5.08
2014-12-10 22:56:06.913 Version info: Build date 11/11/2014
2014-12-10 22:56:06.913 Version info: Data files added 369
2014-12-10 22:56:06.913 Version info: Last successful update (not yet updated)
2014-12-10 22:56:06.914 Error level 1
2014-12-10 22:56:07.023 Update progress: [I19463] Syncing product IDE512 1
2014-12-10 22:56:39.085 Update successful
2014-12-10 22:57:11.190 Option all = no
2014-12-10 22:57:11.190 Option recurse = yes
2014-12-10 22:57:11.190 Option archive = no
2014-12-10 22:57:11.190 Option service = yes
2014-12-10 22:57:11.190 Option confirm = yes
2014-12-10 22:57:11.190 Option sxl = yes
2014-12-10 22:57:11.196 Option max-data-age = 35
2014-12-10 22:57:11.196 Option EnableSafeClean = yes
2014-12-10 22:57:12.482 Option vdl-logging = yes
2014-12-10 22:57:12.502 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-10 22:57:12.502 Machine ID: d83665cfc9f242bdb413a6b01e9e96fd
2014-12-10 22:57:12.508 Component SVRTcli.exe version 2.5.4
2014-12-10 22:57:12.510 Component control.dll version 2.5.4
2014-12-10 22:57:12.513 Component SVRTservice.exe version 2.5.4
2014-12-10 22:57:12.514 Component engine\osdp.dll version 1.44.1.2183
2014-12-10 22:57:12.515 Component engine\veex.dll version 3.58.3.2183
2014-12-10 22:57:12.516 Component engine\savi.dll version 8.1.5.2183
2014-12-10 22:57:12.519 Component rkdisk.dll version 1.5.30.0
2014-12-10 22:57:12.520 Version info: Product version 2.5.4
2014-12-10 22:57:12.529 Version info: Detection engine 3.58.3
2014-12-10 22:57:12.529 Version info: Detection data 5.08G
2014-12-10 22:57:12.529 Version info: Build date 11/11/2014
2014-12-10 22:57:12.529 Version info: Data files added 370
2014-12-10 22:57:12.529 Version info: Last successful update 12/10/2014 5:56:39 PM

2014-12-11 01:21:10.597 SafeClean bin directory is empty.
2014-12-11 01:21:10.629 Error level 0

2014-12-11 01:21:10.660 Scan cancelled by user.
2014-12-11 01:21:10.660

------------------------------------------------------------

2014-12-11 01:22:24.350 Sophos Virus Removal Tool version 2.5.4
2014-12-11 01:22:24.350 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2014-12-11 01:22:24.350 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-12-11 01:22:24.351 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2014-12-11 01:22:24.355 Checking for updates...
2014-12-11 01:22:27.654 Update progress: proxy server not available
2014-12-11 01:22:50.380 Option all = no
2014-12-11 01:22:50.380 Option recurse = yes
2014-12-11 01:22:50.380 Option archive = no
2014-12-11 01:22:50.380 Option service = yes
2014-12-11 01:22:50.380 Option confirm = yes
2014-12-11 01:22:50.380 Option sxl = yes
2014-12-11 01:22:50.395 Option max-data-age = 35
2014-12-11 01:22:50.395 Option EnableSafeClean = yes
2014-12-11 01:22:51.347 Option vdl-logging = yes
2014-12-11 01:22:51.347 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-11 01:22:51.347 Machine ID: d83665cfc9f242bdb413a6b01e9e96fd
2014-12-11 01:22:51.472 Component SVRTcli.exe version 2.5.4
2014-12-11 01:22:51.472 Component control.dll version 2.5.4
2014-12-11 01:22:51.472 Component SVRTservice.exe version 2.5.4
2014-12-11 01:22:51.472 Component engine\osdp.dll version 1.44.1.2183
2014-12-11 01:22:51.472 Component engine\veex.dll version 3.58.3.2183
2014-12-11 01:22:51.472 Component engine\savi.dll version 8.1.5.2183
2014-12-11 01:22:51.519 Component rkdisk.dll version 1.5.30.0
2014-12-11 01:22:51.519 Version info: Product version 2.5.4
2014-12-11 01:22:51.519 Version info: Detection engine 3.58.3
2014-12-11 01:22:51.519 Version info: Detection data 5.08G
2014-12-11 01:22:51.519 Version info: Build date 11/11/2014
2014-12-11 01:22:51.519 Version info: Data files added 370
2014-12-11 01:22:51.519 Version info: Last successful update 12/10/2014 5:56:39 PM
2014-12-11 01:22:54.139 Downloading updates...
2014-12-11 01:22:54.139 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-12-11 01:22:54.139 Update progress: [I49502] Found supplement SAVIW32 LATEST
2014-12-11 01:22:54.139 Update progress: [I49502] Found supplement IDE509 LATEST
2014-12-11 01:22:54.139 Update progress: [I49502] Found supplement IDE510 LATEST
2014-12-11 01:22:54.139 Update progress: [I49502] Found supplement IDE511 LATEST
2014-12-11 01:22:54.139 Update progress: [I49502] Found supplement IDE512 LATEST
2014-12-11 01:22:54.139 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-12-11 01:22:54.139 Update progress: [I19463] Syncing product SAVIW32 48
2014-12-11 01:22:54.155 Update progress: [I19463] Syncing product IDE509 177
2014-12-11 01:22:58.570 Update progress: [I19463] Syncing product IDE510 179
2014-12-11 01:22:58.570 Update progress: [I19463] Syncing product IDE511 18
2014-12-11 01:22:58.866 Installing updates...
2014-12-11 01:22:59.912 Error level 1
2014-12-11 01:23:00.785 Update progress: [I19463] Syncing product IDE512 1
2014-12-11 01:23:00.910 Update successful
2014-12-11 01:23:22.516 Option all = no
2014-12-11 01:23:22.516 Option recurse = yes
2014-12-11 01:23:22.516 Option archive = no
2014-12-11 01:23:22.516 Option service = yes
2014-12-11 01:23:22.516 Option confirm = yes
2014-12-11 01:23:22.516 Option sxl = yes
2014-12-11 01:23:22.516 Option max-data-age = 35
2014-12-11 01:23:22.516 Option EnableSafeClean = yes
2014-12-11 01:23:23.468 Option vdl-logging = yes
2014-12-11 01:23:23.483 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-11 01:23:23.483 Machine ID: d83665cfc9f242bdb413a6b01e9e96fd
2014-12-11 01:23:23.483 Component SVRTcli.exe version 2.5.4
2014-12-11 01:23:23.483 Component control.dll version 2.5.4
2014-12-11 01:23:23.483 Component SVRTservice.exe version 2.5.4
2014-12-11 01:23:23.483 Component engine\osdp.dll version 1.44.1.2183
2014-12-11 01:23:23.483 Component engine\veex.dll version 3.58.3.2183
2014-12-11 01:23:23.483 Component engine\savi.dll version 8.1.5.2183
2014-12-11 01:23:23.499 Component rkdisk.dll version 1.5.30.0
2014-12-11 01:23:23.499 Version info: Product version 2.5.4
2014-12-11 01:23:23.499 Version info: Detection engine 3.58.3
2014-12-11 01:23:23.499 Version info: Detection data 5.08G
2014-12-11 01:23:23.499 Version info: Build date 11/11/2014
2014-12-11 01:23:23.499 Version info: Data files added 371
2014-12-11 01:23:23.499 Version info: Last successful update 12/10/2014 8:23:00 PM

2014-12-11 01:23:44.312 SafeClean bin directory is empty.
2014-12-11 01:23:44.312 Error level 0

2014-12-11 01:23:44.315 Scan cancelled by user.
2014-12-11 01:23:44.315

------------------------------------------------------------

2014-12-11 02:48:05.296 Sophos Virus Removal Tool version 2.5.4
2014-12-11 02:48:05.297 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2014-12-11 02:48:05.297 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-12-11 02:48:05.297 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2014-12-11 02:48:05.336 Checking for updates...
2014-12-11 02:48:05.394 Update progress: proxy server not available
2014-12-11 02:48:39.547 Update not required
2014-12-11 02:49:09.191 Option all = no
2014-12-11 02:49:09.191 Option recurse = yes
2014-12-11 02:49:09.191 Option archive = no
2014-12-11 02:49:09.191 Option service = yes
2014-12-11 02:49:09.191 Option confirm = yes
2014-12-11 02:49:09.191 Option sxl = yes
2014-12-11 02:49:09.195 Option max-data-age = 35
2014-12-11 02:49:09.195 Option EnableSafeClean = yes
2014-12-11 02:49:11.551 Option vdl-logging = yes
2014-12-11 02:49:11.587 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-11 02:49:11.587 Machine ID: d83665cfc9f242bdb413a6b01e9e96fd
2014-12-11 02:49:11.607 Component SVRTcli.exe version 2.5.4
2014-12-11 02:49:11.609 Component control.dll version 2.5.4
2014-12-11 02:49:11.610 Component SVRTservice.exe version 2.5.4
2014-12-11 02:49:11.610 Component engine\osdp.dll version 1.44.1.2183
2014-12-11 02:49:11.611 Component engine\veex.dll version 3.58.3.2183
2014-12-11 02:49:11.612 Component engine\savi.dll version 8.1.5.2183
2014-12-11 02:49:11.640 Component rkdisk.dll version 1.5.30.0
2014-12-11 02:49:11.640 Version info: Product version 2.5.4
2014-12-11 02:49:11.641 Version info: Detection engine 3.58.3
2014-12-11 02:49:11.641 Version info: Detection data 5.08G
2014-12-11 02:49:11.641 Version info: Build date 11/11/2014
2014-12-11 02:49:11.642 Version info: Data files added 371
2014-12-11 02:49:11.642 Version info: Last successful update 12/10/2014 8:23:00 PM

2014-12-11 06:32:17.394 Could not open C:\hiberfil.sys
2014-12-11 06:32:18.254 Could not open C:\pagefile.sys
2014-12-11 07:54:20.766 >>> Virus 'Mal/Generic-S' found in file C:\Program Files (x86)\Steam\steamapps\purplecracka\garrysmod\garrysmod\addon\Counter-Strike Source\UltimateNameChanger.exe
2014-12-11 07:54:20.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2014-12-11 07:54:20.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2014-12-11 07:54:20.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2014-12-11 07:54:20.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2014-12-11 07:54:20.766 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2014-12-11 12:09:44.322 Could not check C:\ProgramData\Rosetta Stone\Content\data\40\b\40b5881d7757d2029a9168dde5ac5ac7f23add9a (out of memory)
2014-12-11 12:31:00.010 Could not open C:\swapfile.sys
2014-12-11 12:31:00.571 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-11 12:31:00.571 Could not open C:\System Volume Information\{8da630fb-79be-11e4-befc-eca86baead62}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-11 12:31:00.571 Could not open C:\System Volume Information\{bcf74c22-80bd-11e4-bf02-eca86baead62}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-11 12:31:00.587 Could not open C:\System Volume Information\{bd0c4206-7d51-11e4-beff-eca86baead62}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-11 12:31:00.587 Could not open C:\System Volume Information\{cd328a25-7cd6-11e4-befe-eca86baead62}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-11 12:31:00.587 Could not open C:\System Volume Information\{cd328aa7-7cd6-11e4-befe-eca86baead62}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-11 12:31:29.283 Could not open C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Current Session
2014-12-11 12:31:29.283 Could not open C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2014-12-11 12:31:29.517 Could not check C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2014-12-11 12:31:30.957 Could not check C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK (virus scan failed)
2014-12-11 12:31:32.065 Could not check C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)
2014-12-11 12:31:39.194 Could not check C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2014-12-11 12:54:27.852 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-12-11 12:54:27.852 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-12-11 12:54:32.035 Could not open C:\Windows\System32\config\BBI
2014-12-11 12:54:32.238 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2014-12-11 12:54:32.284 Could not open C:\Windows\System32\config\RegBack\SAM
2014-12-11 12:54:32.331 Could not open C:\Windows\System32\config\RegBack\SECURITY
2014-12-11 12:54:32.378 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2014-12-11 12:54:32.409 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2014-12-11 13:39:18.814 Could not open LOGICAL:0006:00000000
2014-12-11 13:39:18.830 Could not open G:\
2014-12-11 13:39:18.986 Could not open PHYSICAL:0081:0000:0000:0001
2014-12-11 13:39:19.127 The following items will be cleaned up:
2014-12-11 13:39:19.142 Mal/Generic-S

 

[Broni]

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.
Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

===========================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
• Remove disinfection tools
• Create registry backup
• Purge System Restore
• Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

 

[Winterblizzard]

I have some questions, like:
After this cleaning process, a extension called "Adblock" had been infected, and deleted, would it be safe to download it again?
And is it okay if I delete the Malwarebytes Rootkit?

 

[Broni]

Yes to both.

 

[Winterblizzard]

Sorry about not replying.
My computer is running as normally. I see barely a difference from before the incident of those infections.
Thanks for helping me out.

 

[Broni]

Way to go!!
Good luck and stay safe