WiredWX Hobby Weather ToolsLog in

 


descriptionslow pc Emptyslow pc

more_horiz
# AdwCleaner v4.112 - Rapport créé le 20/03/2015 à 10:39:13
# Mis à jour le 09/03/2015 par Xplode
# Base de données : 2015-03-15.1 [Serveur]
# Système d'exploitation : Windows 7 Professional Service Pack 1 (x64)
# Nom d'utilisateur : Claude - CLAUDE-PC
# Exécuté depuis : C:\Users\Claude\Downloads\adwcleaner_4.112 (1).exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Google Chrome v40.0.2214.111

*************************

AdwCleaner[R0].txt - [5730 octets] - [20/03/2015 09:49:00]
AdwCleaner[R1].txt - [723 octets] - [20/03/2015 10:39:13]
AdwCleaner[S0].txt - [5510 octets] - [20/03/2015 09:53:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [842 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 2015-03-20
Heure de l'examen: 10:01:21
Fichier journal: malware.txt
Administrateur: Oui

Version: 2.01.4.1018
Base de données Malveillants: v2015.03.20.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Claude

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 345359
Temps écoulé: 25 min, 44 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 2
PUP.Optional.Multiplug, HKU\S-1-5-21-2735727646-1258469213-3720229703-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [388cda6d0c7e7bbb744d66bde2211be5],
PUP.Optional.Multiplug, HKU\S-1-5-21-2735727646-1258469213-3720229703-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [388cda6d0c7e7bbb744d66bde2211be5],

Valeurs du Registre: 1
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, , [22a2083f9af069cd52416ed3cf369c64]

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 1
Rogue.Multiple, C:\ProgramData\600440862, , [566e4ef92466c5718e5f80e217ecc838],

Fichiers: 21
PUP.Optional.Multiplug, C:\Users\Claude\AppData\Local\Temp\f1fA59\temp\Crack and Setup.exe, , [388cda6d0c7e7bbb744d66bde2211be5],
PUP.Optional.Multiplug, C:\ProgramData\600440862\BIT582D.tmp, , [2b995aedd7b3d363be7c1915e81ab24e],
PUP.Optional.StormAlert.A, C:\ProgramData\FAXAwbxtwQi\dat\vGbBoanp.exe, , [07bd3413cbbf44f2ec187f80f50c4bb5],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$R1OTBCJ\JgC2NoaiZMxhzp.exe, , [1da7c186e4a674c296c54acaf60dec14],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$R87NK7S\cDScDcMroivjvB.exe, , [952f9aada3e74fe7a8b3a76da360df21],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RBKH190\easyatosHoap.exe, , [ad1779cef397d85ebba0d3419e65bb45],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RCC1AZI\PriuceDownloader.exe, , [16aec3844248b0868dce8e86bc47ba46],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RIRSAK4\Facebook Platinum.exe, , [05bf69deff8b6fc7ed6e34e0c0434bb5],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RIVXVXT\IULiddexTYtWWG.exe, , [695be5620b7fb68063f800149271a25e],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RQ6LLWH\AoppetOU.exe, , [745045025f2b2214be9dc2522fd435cb],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RR37VWP\Rescroller.exe, , [a3217bcc3654e74fc398789c7d8621df],
PUP.Optional.Multiplug, C:\$Recycle.Bin\S-1-5-21-2735727646-1258469213-3720229703-1000\$RU1YTPY\EvMTT1cuiLQvL0.exe, , [cff5cd7a3f4b58de2a31e72d12f149b7],
PUP.Optional.Wajam.A, C:\Users\Claude\AppData\Local\Temp\A0B3.tmp, , [f2d27acdfa90b18563d6273e06fa08f8],
PUP.Optional.Somoto, C:\Users\Claude\AppData\Local\Temp\bitool.dll, , [566e22254b3f74c27413b82750b20cf4],
PUP.Optional.StormAlert.A, C:\Users\Claude\AppData\Local\Temp\Setup.exe, , [b60ea4a3f8920f27a184d78a629e8080],
PUP.Optional.Somoto.A, C:\Users\Claude\AppData\Local\Temp\nsw9939.tmp, , [5c6854f3c1c9b48273a09cdec23f40c0],
PUP.Optional.EZDownloader.A, C:\Users\Claude\AppData\Local\Temp\f1fA59\temp\EzDownloader_setup.exe, , [4a7a7dcab4d6ef473be0d34d88782cd4],
PUP.Optional.Wajam.A, C:\Users\Claude\AppData\Local\Temp\f1fA59\temp\wajam_install.exe, , [22a290b7820860d68bae8bda1fe1659b],
PUP.Optional.OpenCandy, C:\Users\Claude\Downloads\daemon-tools-lite_4-49-1_fr_10729.exe, , [a91b5dea503a11258a7ba6712ed84db3],
PUP.Optional.MSW, C:\Users\Claude\Downloads\daemon-tools-lite_v-4-49_fr_10729.exe, , [bd07ab9c5c2e77bfe986c23cc14039c7],
Rogue.Multiple, C:\ProgramData\600440862\BIT582D.tmp, , [566e4ef92466c5718e5f80e217ecc838],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)

Results of screen317's Security Check version 0.99.99
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Protection antivirus et antispyware McAfee
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Adobe Reader XI
Google Chrome (40.0.2214.111)
Google Chrome (40.0.2214.93)
Google Chrome (GoogleUpdate.dll..)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````

descriptionslow pc EmptyRe: slow pc

more_horiz
Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Please run AdcCleaner again and hit the Clean button

*************************************************
Please download Junkware Removal Tool to your desktop.

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.
*****************************************
Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.

descriptionslow pc EmptyRe: slow pc

more_horiz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.5 (03.17.2015:1)
OS: Windows 7 Professional x64
Ran by Claude on 2015-03-21 at 10:28:37,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-03-21 at 10:35:35,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.03.21.04
rootkit: v2015.02.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17691
Claude :: CLAUDE-PC [administrator]

2015-03-21 10:39:13
mbar-log-2015-03-21 (10-39-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 350235
Time elapsed: 18 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17691

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 4292190208, free: 2267381760

Downloaded database version: v2015.03.21.04
Downloaded database version: v2015.02.25.01
Downloaded database version: v2015.03.09.01
=======================================
Initializing...
------------ Kernel report ------------
03/21/2015 10:39:02
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\b57nd60a.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\SaiBus.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\WmBEnum.sys
\SystemRoot\system32\drivers\WmXlCore.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\SaiMini.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\drivers\WmFilter.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\DRIVERS\dot4usb.sys
\SystemRoot\system32\DRIVERS\Dot4.sys
\SystemRoot\system32\DRIVERS\SaiH0763.sys
\SystemRoot\system32\DRIVERS\Dot4Prt.sys
\SystemRoot\system32\DRIVERS\OEM03Vid.sys
\SystemRoot\system32\DRIVERS\OEM03Vfx.sys
\SystemRoot\system32\drivers\usbaudio.sys
\??\C:\Windows\system32\Drivers\OEM03Afx.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mwac.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\system32\drivers\WmVirHid.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\difxapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\imagehlp.dll
\Windows\System32\imm32.dll
----------- End -----------
Done!

Scan started
Database versions:
main: v2015.03.21.04
rootkit: v2015.02.25.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004d7b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004d7bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004d7b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003cf69c0, DeviceName: \Device\0000005d\, DriverName: \Driver\nvstor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 20000000

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 976564224

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8005b2e790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b217e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005b2e790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b0db60, DeviceName: \Device\00000076\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8005b2c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b2cb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005b2c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b2e060, DeviceName: \Device\00000077\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8005b2b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b2bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005b2b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b26960, DeviceName: \Device\00000078\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa8005b2a060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b2ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005b2a060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b23060, DeviceName: \Device\00000079\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

descriptionslow pc EmptyRe: slow pc

more_horiz
I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the slow pc EsetOnline button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on slow pc EsetSmartInstall to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the slow pc EsetSmartInstallDesktopIcon-1 icon on your desktop.

•Check slow pc EsetAcceptTerms
•Click the slow pc EsetStart button.
•Accept any security warnings from your browser.

  • Leave the check mark next to Remove found threats.

•Check slow pc EsetScanArchives
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push slow pc EsetListThreats
•Push slow pc EsetExport, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the slow pc EsetBack button.
•Push slow pc EsetFinish
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

descriptionslow pc EmptyRe: slow pc

more_horiz
C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir a variant of MSIL/Adware.PullUpdate.H application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\iccbggfdphiflkkcpadnnblllekkdhpc\lsdb.js.vir JS/Adware.MultiPlug.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\iccbggfdphiflkkcpadnnblllekkdhpc\rF6CE7kMFr.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaembmengpmklfbjdgjghibacnpggphk\1.8\te.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\chrome.dll Win32/Patched.NFY trojan deleted (after the next restart) - quarantined
C:\Users\Claude\AppData\Local\Temp\446BD5D29217B.exe a variant of Win32/Adware.MultiPlug.DZ application cleaned by deleting - quarantined
C:\Users\Claude\AppData\Local\Temp\optprosetup.exe a variant of Win32/OptimizerEliteMax.C potentially unwanted application deleted - quarantined
Operating memory Win32/Patched.NFY trojan contained infected files

descriptionslow pc EmptyRe: slow pc

more_horiz
How's your computer working now? Any other issues or questions?

descriptionslow pc EmptyRe: slow pc

more_horiz
Everything looks great. Thanks! If I can help with a donation it will be a pleasure. Thank you again!

descriptionslow pc EmptyRe: slow pc

more_horiz
I'm not sure if the site is still accepting donations. In the meantime, we can do some cleanup.

Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.

slow pc Diskcleanup2

Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.

slow pc Diskcleanup

This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
***********************************************
This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create Registry backup
  • Purge System Restore Points
  • Re-set system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.
****************************************
I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

descriptionslow pc EmptyRe: slow pc

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum