How remove traffic outbrain, slow perfomance

[bigabulk]

Thanks for reading my message, first sorry for my bad English. This is my first post and I will try to follow all the instructions.

I'm using windows 7 and I'm having problems with my browser. When I open a new browser tab or new window I cannot connect, so it looks like I'm without internet connection. I have the same problem using google chrome, mozilla and internet explorer. After several attempts, I performed a search but it appears that address was revealed associated with traffic.outbrain (all searchs)

I did a scan using malwarebytes anti-malware and kaspersky internet security, but they didn't find any threats. My laptop is getting slower and it's more difficult to connect to internet.

Any info or help you can give me would be of great help

Good morning!

Hope that you ask me, however i had a problem with aswMBR, some few minutes after to start scan, i received a message: Avast Rootkit stop working, windows is looking for a solution. I closed kaspersky and Malwarebytes, and i tried scan again, but i couldn't complete scan.

Thanks


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Gabriela at 8:28:08 on 2014-06-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.5941.2900 [GMT -5:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\ksm.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\smui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files (x86)\BlueStacks\HD-Service.exe
C:\Program Files (x86)\BlueStacks\HD-Network.exe
C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mStart Page = about:blank
uURLSearchHooks: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: Content Blocker Plugin: {245ED308-F160-4979-BFF9-08F6F0B931B6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Safe Money Plugin: {33E45E2D-241C-4351-8724-B9859C9AE662} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Virtual Keyboard Plugin: {FE0FD95C-E1E0-42D8-A747-84CC575FC9A8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Enviar a OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Agregar a Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar a Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\14D616A7F6E69616 : DHCPNameServer = 192.168.30.253
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\84F64756C60265562716362757A70205143594C4C4F4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\84F64756C60265562716362757A70223 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\C494E44414026594354514 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\E454454505C45535D294E4455425E45425A4D4 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{652DC0DE-A8BF-4378-BDDC-3EC811E10D69} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: WSIEChrome - <Clsid value has no data>
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Content Blocker Plugin: {245ED308-F160-4979-BFF9-08F6F0B931B6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Safe Money Plugin: {33E45E2D-241C-4351-8724-B9859C9AE662} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-BHO: Virtual Keyboard Plugin: {FE0FD95C-E1E0-42D8-A747-84CC575FC9A8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: WSIEChrome - <Clsid value has no data>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\content_blocker_sm@kaspersky.com\npcontentblocker.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\online_banking_sm@kaspersky.com\nponlinebanking.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\virtual_keyboard_sm@kaspersky.com\npvkplugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Gabriela\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.irmysearch.aflt - ir_14_17_ch
FF - user.js: extensions.irmysearch.instlRef - 140305_a
FF - user.js: extensions.irmysearch.cr - 1603295462
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=&q=
FF - user.js: extensions.mysearchdial.id - B8AC6F5210BBC9D7
FF - user.js: extensions.mysearchdial.instlDay - 16184
FF - user.js: extensions.mysearchdial.vrsn - 1.8.29.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.29.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.29.09:51:51
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - ir_14_17_ch
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef - 140305_a
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial.cr - 1603295462
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q
FF - user.js: extensions.mysearchdial.AL - 2
.
FF - user.js: plugin.state.npcontentblocker - 2
.
FF - user.js: plugin.state.nponlinebanking - 2
.
FF - user.js: plugin.state.npvkplugin - 2
.
============= SERVICES / DRIVERS ===============
.
R0 kl1sm;kl1sm;C:\Windows\System32\drivers\kl1sm.sys [2013-9-5 7717984]
R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2012-7-9 426616]
R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2012-7-9 453896]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2012-7-9 1096176]
R1 KLIFSM;Kaspersky Lab SafeMoney Driver;C:\Windows\System32\drivers\klifsm.sys [2014-4-23 692832]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\System32\drivers\PCTSD64.sys [2012-7-9 251528]
R2 AVP;Servicio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356128]
R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-5-1 402192]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-5-1 123152]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-5-1 385808]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-5-1 774928]
R2 KSM;Servicio Kaspersky Fraud Prevention for Endpoint;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\ksm.exe [2013-12-19 233040]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-1 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-1 701512]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2011-11-22 60416]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2011-11-22 80896]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2011-11-22 55808]
R2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\Sentinel64.sys [2006-4-20 142888]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-6-4 2143072]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-22 2320920]
R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-11-22 35104]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]
R3 klkbdfltsm;Kaspersky Lab KLKBDFLTSM;C:\Windows\System32\drivers\klkbdfltsm.sys [2014-3-14 28768]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-1 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856]
S1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2014-4-23 228448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-21 111616]
S3 klfltsm;Kaspersky Lab SafeMoney Kernel DLL;C:\Windows\System32\drivers\klfltsm.sys [2014-4-23 118368]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-5 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-14 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-21 1255736]
S4 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2011-11-21 89600]
S4 ArcGIS License Manager;ArcGIS License Manager;C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe [2013-1-12 1431440]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=Notepad.exe "%1"
FileExt: .ini: inifile=Notepad.exe "%1"
FileExt: .inf: inffile=Notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-06-06 23:58:03 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCE8AE18-CCCF-47AB-B725-1898F7B0D392}\mpengine.dll
2014-05-28 11:51:34 -------- d-----w- C:\Windows\AutoKMS
2014-05-19 22:15:01 -------- d-----w- C:\ProgramData\BlueStacks
2014-05-19 22:15:01 -------- d-----w- C:\Program Files (x86)\BlueStacks
2014-05-19 22:13:33 -------- d-----w- C:\Users\Gabriela\AppData\Local\Bluestacks
2014-05-15 02:59:33 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-15 02:59:33 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-15 01:51:25 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-15 01:51:24 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-05-20 15:20:03 91008 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-05-07 04:58:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-03-31 14:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-14 21:12:44 692832 ----a-w- C:\Windows\System32\drivers\klifsm.sys
2014-03-14 21:12:44 28768 ----a-w- C:\Windows\System32\drivers\klkbdfltsm.sys
2014-03-14 21:12:44 118368 ----a-w- C:\Windows\System32\drivers\klfltsm.sys
2014-03-14 21:12:42 228448 ----a-w- C:\Windows\System32\drivers\klhk.sys
2013-11-12 00:00:12 50053120 ----a-w- C:\Program Files (x86)\GUT64BD.tmp
2013-11-11 23:35:10 4188160 ----a-w- C:\Program Files (x86)\GUT9D79.tmp
2013-11-11 23:09:07 50053120 ----a-w- C:\Program Files (x86)\GUT784C.tmp
.
============= FINISH: 8:29:44.89 ===============

[Dakeyras]

Hi and welcome to Safer Networking.

Lets proceed as follows shall we...

Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

• Please download the installer for Registry Backup from here or here and save to your desktop.
• Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
• Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
• Once the GUI(graphical user interface) has appeared/loaded:-

• Click on Backup Now >> once the process is complete, similar to the below will displayed in the GUI:-

• Close Tweaking.com - Registry Backup

Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

A tutorial for Registry Backup explaining the various features can be viewed here.

Scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop.

Alternate downloads are here or here.

• Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
• Now click on the Scan tab >> once the scan is complete click on the Clean tab and follow the prompts.
• Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[S0].txt

Scan with JRT:

Please download Junkware Removal Tool to your desktop.

Alternate download is here.

Note: Temp' disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

• Right-click on on JRT.exe and select Run as Administrator to launch the application >> follow the on-screen prompt.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Note: Reboot your machine and ensure all disabled security software is now enabled etc.

Next:

When completed the above, please post back the following in the order asked for:

• How is your computer performing now, any further symptoms and or problems encountered?
• AdwCleaner Log.
• Junkware Removal Tool Log.

[bigabulk]

Done.

1. When I do a search, traffic Outbrain finally disappeared, but is still somewhat slow performance, especially when I do a search, slow show results

But now I have a little problem. Wireless broadband was working perfectly, now appears: Not connected, no connections available (but symbol showing CONNECTED, yes i'm; my computer is able to detect and connect to my home wireless network) however not allowed me to see the connections available. Now, it's not a problem (i'm home), but it will be when i need to use other networks


2. Logs AdwCleaner, and Junkware Removal Tool Log (attached)

Thanks for your help and patience


# AdwCleaner v3.212 - Reporte Creado 10/06/2014 en 15:57:25
# Actualizado 05/06/2014 por Xplode
# Sistema Operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nombre de usuario : Gabriela - A
# Ejecutado desde : C:\Users\Gabriela\Downloads\adwcleaner_3.212.exe
# Opción : Limpiar

***** [ Servicios ] *****


***** [ Archivos / Carpetas ] *****

Carpeta Borrar : C:\Users\Gabriela\AppData\Local\iLivid
Carpeta Borrar : C:\Users\Gabriela\AppData\Roaming\eCyber
Archivo Borrar : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\searchplugins\Mysearchdial.xml
Archivo Borrar : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\user.js

***** [ Accesos directos ] *****


***** [ Registro ] *****

Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (es-MX)

[ Archivo : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\prefs.js ]

Linea borrada : user_pref("extensions.irmysearch.aflt", "ir_14_17_ch");
Linea borrada : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDt[...]
Linea borrada : user_pref("extensions.irmysearch.cr", "1603295462");
Linea borrada : user_pref("extensions.irmysearch.instlRef", "140305_a");
Linea borrada : user_pref("extensions.mysearchdial.AL", 2);
Linea borrada : user_pref("extensions.mysearchdial.aflt", "ir_14_17_ch");
Linea borrada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linea borrada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzy[...]
Linea borrada : user_pref("extensions.mysearchdial.cr", "1603295462");
Linea borrada : user_pref("extensions.mysearchdial.dfltLng", "");
Linea borrada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linea borrada : user_pref("extensions.mysearchdial.dnsErr", true);
Linea borrada : user_pref("extensions.mysearchdial.excTlbr", false);
Linea borrada : user_pref("extensions.mysearchdial.hmpg", true);
Linea borrada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtD[...]
Linea borrada : user_pref("extensions.mysearchdial.id", "B8AC6F5210BBC9D7");
Linea borrada : user_pref("extensions.mysearchdial.instlDay", "16184");
Linea borrada : user_pref("extensions.mysearchdial.instlRef", "140305_a");
Linea borrada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyE[...]
Linea borrada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linea borrada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linea borrada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linea borrada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linea borrada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutC[...]
Linea borrada : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
Linea borrada : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
Linea borrada : user_pref("extensions.mysearchdial_i.newTab", false);
Linea borrada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linea borrada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.09:51:51");

-\\ Google Chrome v35.0.1916.114

[ Archivo : C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Borrar [Extension] : iagcajndpnfncplednpbnkahadegklfa

*************************

AdwCleaner[R0].txt - [16671 octets] - [18/12/2013 19:58:26]
AdwCleaner[R1].txt - [937 octets] - [19/12/2013 09:19:04]
AdwCleaner[R2].txt - [1053 octets] - [28/12/2013 19:52:16]
AdwCleaner[R3].txt - [1427 octets] - [29/01/2014 21:35:49]
AdwCleaner[R4].txt - [1428 octets] - [03/02/2014 12:07:43]
AdwCleaner[R5].txt - [5048 octets] - [10/06/2014 15:54:14]
AdwCleaner[S0].txt - [15487 octets] - [18/12/2013 20:02:11]
AdwCleaner[S1].txt - [995 octets] - [19/12/2013 09:19:41]
AdwCleaner[S2].txt - [1113 octets] - [28/12/2013 19:53:04]
AdwCleaner[S3].txt - [1482 octets] - [29/01/2014 21:37:45]
AdwCleaner[S4].txt - [1487 octets] - [03/02/2014 12:08:20]
AdwCleaner[S5].txt - [4852 octets] - [10/06/2014 15:57:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [4912 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Dakeyras]

Added JRT zip to this post as was having problems downloading from prior post.

@bigabulk, please ignore this post. It is merely so I am able to download the zip file you attached correctly. Not a cause for concern nor did you do anything wrong I assure you.

[Dakeyras]

Hi.

1. When I do a search, traffic Outbrain finally disappeared, but is still somewhat slow performance, especially when I do a search, slow show results

But now I have a little problem. Wireless broadband was working perfectly, now appears: Not connected, no connections available (but symbol showing CONNECTED, yes i'm; my computer is able to detect and connect to my home wireless network) however not allowed me to see the connections available. Now, it's not a problem (i'm home), but it will be when i need to use other networks

Acknowledged and thanks for the update. Be some way to go as of yet to complete the malware removal process and in turn remedy the other issues your machine has. I see AdwCleaner has been ran a fair few times in the past, have you been experiencing malware related problems for quite some time then ?

Thanks for your help and patience

You're welcome!

Java Advice

There has been a recent severe exploitation of this software. Even though this exploit has been reportedly fixed there is still a vulnerability with the software, the below is currently all that it is installed Java related:-

Java 7 Update 13 (64-bit)
Java 7 Update 55

So you need to uninstall all(if still present via Uninstall a program or Programs and Features located in the Control Panel)...Your choice if you wish to go ahead and reinstall but as mentioned I advise against it and for the present I do not even have anything Java related installed on my machines.

Please let myself know what you wish to do about this in your next reply please and if you opt to re-install I will provide both the appropriate instructions and safety advice etc.

P2P Advice:

I advise you consider uninstalling the below:-

µTorrent via Uninstall a program or Programs and Features located in the Control Panel.

Please read this for further information:-

File Sharing, otherwise known as Peer To Peer. (P2P)

To be honest I have lost count of the number of machines I have dealt with over the years that became infected due to the use of P2P software. However if you opt not to...please refrain from using µTorrent for the duration of the malware removal process, thank you.

Uninstall Software

I also strongly advise you consider uninstalling the below:-

TuneUp Utilities 2012
TuneUp Utilities Language Pack (es-MX)

Via Uninstall a program or Programs and Features located in the Control Panel.

Such software rarely if ever makes any improvements and actually has the potential to leave your machine little more than a expensive doorstop!

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to your Desktop.

• Right-click on FRST.exe and select Run as Administrator to start FRST >> follow the prompt/click on Yes
• Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
• Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
• At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
• There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

Next:

When completed the above, please post back the following in the order asked for:

• Answer to my questions regarding AdwCleaner and Java.
• Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.

[bigabulk]

Morning!

About Adwcleaner: In the past I had a problem with malware and used adwcleaner apparently solved everything. About 6 months ago I started having problems with the internet connection (suddenly could not open any page from the browser especially using google chrome, but internet connection worked well, even skype worked fine), but this problem appeared and disappeared quickly (the problem did not last more than a day) but now is constant. For example right now I had to refresh the page several times to write this message.

Java uninstalled, but I need to reinstall it ('cause I need it for my work: accounting software)

uTorrent uninstalled

TuneUp uninstalled