Results below - zero issues with cleanup and dskchk.
Also looks as if there are 35 Windows updates pending. I assume I should apply those, however, whatever log is created after these updates is where the Avast CSR informed me that prior updates hadn't been installed correctly....
Well, without actually going through a Forensics reconstruction, I'm going to guess with reasonable assurance, that they Root Kit did some modifications of those (and many other) files. Not at all unusual. That said, absolutely keep updates and Service Packs up to date.
Next, I'll step off the Soap Box in a second. I would offer that the overwhelming number of exploits arrive at the Home Computer via: Browser Exploits, Java Vulnerabilities, Flash Vulnerabilities and Operating System Vulnerabilities. Keep all update Your version of Java is NOT update, so I put the update instructions next. Your Adobe IS up to date, but I put in the update instructions so that you'd have them.
Keeping Java Updated
WARNING: Java is one of the most exploited program at this time. The Department of Homeland Security recommends that computer users disable Java. You can read more about this here.
I would recommend that you completely uninstall Java unless you need it to run an important software. If you need it or are unsure or uncomfortable with removing it then I would
recommend that you disable Java in your browsers until you need it and then enable it at that time. (See How to disable Java in your web browser and How to unplug Java from the browser). If you don't uninstall it, it's also important that you keep it updated. In your case you have the most current version so if you decide to keep it there is nothing to do presently. Please keep it current however.
Unless you have disabled the default behavior, Java will check for updates once a month and then prompt you that there is an update. You should allow this program to update.
Keep Adobe Reader Updated
Check to see what the latest major version of Adobe Reader is here. The full version is something like 11.0.06 for example but the major version is just the first
number before the period so 11 in this case or XI.
Verify what version you have by doing the following.
1. Open Adobe Reader
2. Click Help on the menu at the top
3. Select About Adobe Reader
If your major version matches the major version from Adobe then perform the following steps.
1. Open Adobe Reader
2. Click Help on the menu at the top
3. Click Check for Updates
4. Allow any Updates to be downloaded and installed
5. If asked to reboot, please do.
6. Repeat these steps until you are told that no updates are available.
If your major version is lower than the major version from Adobe then perform the following steps.
1. Uninstall Adobe Reader. Click here for instructions on
how to uninstall a program.
2. Install the newest version from this website.
Note: Make sure to uncheck the Optional Offer (i.e. Google Chrome, Google Toolbar) unless you really want it.
instructions to disable it in Adobe Reader.
1. Open Adobe Reader
2. Select Edit from the menu and select Preferences
4. Click OK and close the program.
NOTE: Many installers, including Adobe Reader, offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While
most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.
I glanced at the logs in control panel - system and security - Administrative tools - event viewer that goes back to 2011....not sure what is important or not.
Well, it's always a good idea to keep on top of your log files. This particular one is actually calling out specific IP addresses that should NOT be blocked by MBAM. I didn't leg out all of those addresses, but they don't look good to me. Can't remember if you had P2P on this computer, but these IP's I'd expect to part of P2P. Feel free to remove the addresses.
Let's talk about computer speed. The machine itself is likely fast "enough". Well, enough for cruising the Internet, etc. However, throttling can occur at a number of points. Your ISP could be slowing you down (trust me, they'd never admit it), your Router could be slowing you down, MBAM in monitoring mode could be, and any other program that assess your Browsing before letting you get to where ever your going. You have to figure out where the line of "just enough protection" and :just enough speed" intersect. For my two cents, I have many machines. I run nothing but A/V on all of them. I have MSE on a few, Defender on a few, and Avast (free version) on the rest. That's it. Then, I just practice cautious computing. i.e. know which websites I'm visiting, careful on e-mail attachments, update everything. So, to figure out your browser and speed issues, one at a time, I'd suspend or remove protection programs and see how that goes. I'd try a different Browser and see what happens there. Keep it going. Last resort I'd backup my computer and Refresh the Operating System which should get it running a lot faster.
Ok, a couple more things to do.
I'd like you to run Malwarebytes. You already have it on your computer
Right click on Malwarebytes' icon and choose Run as administrator
- If an update is found, it will download and install the latest updates automatically:
- Now select the Settings tab, and check the box next to Scan for rootkits:
- Go back to the Dashboard tab, and click the Scan Now button:
- The scan may take some time to finish,so please be patient.
- When the scan is complete, it will show you the results. (This one is clean):
- Make sure that everything is checked, and click Quarantine All (or similar).
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note below) If the log doesn't open, select View detailed log in the Scan tab:
- The log is automatically saved by MBAM and can be viewed by going to the History tab and clicking on Application Logs:
- Choose the latest Scan Log, and click on the View button:
- In the bottom of the Scanning History Log window that opens, you can click on Export > Save to Text file (*.txt). Save the report to your Desktop.
- Copy & Paste the entire contents of the report log in your next reply.
ESET Online Scanner
Please run a free online scan with ESET ~> *click here*
Note: You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here.
Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.
Note: This scan works with Internet Explorer or Mozilla FireFox.
If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
- Click the <~ ESET Online Scanner box
- A new window will open:
then click on: Start ~>
- You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
- Make sure that the option Scan archives is checked.
- Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Click on Start
- The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically. The scan may take several hours.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close, make sure you copy the logfile first!
- Then click on: Finish
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!