Inactive Office not connecting, all apps incredibly slow

Status
Not open for further replies.
dallasazcat

dallasazcat

I found this site thanks to malware found on my computer. Out of nowhere Outlook will not open/connect and all applications are incredibly slow. Here are my logs:

RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : kconway [Admin rights]
Mode : Scan -- Date : 09/17/2013 18:13:32
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\kconway\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x][x][x][x]) -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\kconway\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID 0913a [x][x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2171718755-3811931943-4235911742-4726\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\kconway\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x][x][x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2171718755-3811931943-4235911742-4726\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\kconway\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID 0913a [x][x][x]) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Users\kconway\AppData\Local\Temp\IHU80E5.tmp.exe [x][x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: LITEONIT LMT-256M3M +++++
--- User ---
[MBR] d578cebb25d9888cf0e089516d675f6c
[BSP] ea898adc716292fc4c68a6fc82bfb76e : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12042 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 24743936 | Size: 223917 Mo
3 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 483325952 | Size: 8198 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_09172013_181332.txt >>



RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : kconway [Admin rights]
Mode : Remove -- Date : 09/17/2013 18:14:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\kconway\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x][x][x][x]) -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\kconway\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID 0913a [x][x][x]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-2171718755-3811931943-4235911742-4726\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\kconway\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x][x][x][x]) -> [0x2] The system cannot find the file specified.
[RUN][SUSP PATH] HKUS\S-1-5-21-2171718755-3811931943-4235911742-4726\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\kconway\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid d07c77e4b70b47d39c3ed19299c8f66c-ea06bbab520c9da7a76c7cef37b583eb44c102bf --CMPID 0913a [x][x][x]) -> [0x2] The system cannot find the file specified.
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Users\kconway\AppData\Local\Temp\IHU80E5.tmp.exe [x][x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: LITEONIT LMT-256M3M +++++
--- User ---
[MBR] d578cebb25d9888cf0e089516d675f6c
[BSP] ea898adc716292fc4c68a6fc82bfb76e : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12042 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 24743936 | Size: 223917 Mo
3 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 483325952 | Size: 8198 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_09172013_181417.txt >>
RKreport[0]_S_09172013_181332.txt


Any idea or tips please?
 
I should have mentioned I also ran Malwarebytes and it said no Malware was found. The Microsoft error when logging into Outlook said "unable to start subscription service for Microsoft Office cannot be started"
 
Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thank you for your feedback. I believe the two steps I took have worked as my computer is magically working again. If you see anything in the logs I previously posted that I should be concerned about, please let me know. Thank you for being such a fantastic resource!
 
I'm glad to hear good news but it's not the way we do things around here.
Please re-read my previous reply.
 
Status
Not open for further replies.

Similar threads

P
Sony Vaio VGN-NW240F Not staying connected to WiFi
Replies
1
Views
1K
PakseFrustration
P
N
Solved The specified service does not exist as an installed service
2
Replies
43
Views
13K
Broni
Broni
Kaelkitty
Solved Two problems: tinny music everyday at 4pm, AND a scareware pop-up
2
Replies
45
Views
5K
Broni
Broni

Latest posts

Back