Everything posted by no_one
HELP! (win32/Olmarik.TDL4 trojan & win32/Olmasco.AD trojan)
no_one replied to no_one's topic in Resolved Malware Removal Logs
Yes, it's ok to close my thread. Problem solved! Thank you!
HELP! (win32/Olmarik.TDL4 trojan & win32/Olmasco.AD trojan)
no_one replied to no_one's topic in Resolved Malware Removal Logs
MBAR log :

Malwarebytes Anti-Rootkit 1.1.0.1009
www.malwarebytes.org

Database version: v2012.12.03.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Proiectare2 :: PROIECTARE2-PC [administrator]

12/3/2012 3:49:10 PM
mbar-log-2012-12-03 (15-49-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: PUP | PUM | P2P
Objects scanned: 27342
Time elapsed: 5 minute(s), 17 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)

(end)

ADWCleaner log :

# AdwCleaner v1.604 - Logfile created 12/03/2012 at 15:57:32
# Updated 23/04/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Proiectare2 - PROIECTARE2-PC
# Running from : C:\Users\Proiectare2\AppData\Local\Temp\installer.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Proiectare2\AppData\Roaming\Mozilla\Firefox\Profiles\t2aj69bb.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [825 octets] - [03/12/2012 15:57:32]

########## EOF - C:\AdwCleaner[s1].txt - [952 octets] ##########
HELP! (win32/Olmarik.TDL4 trojan & win32/Olmasco.AD trojan)
no_one replied to no_one's topic in Resolved Malware Removal Logs
Now my internet speed is very good and I ran a computer scan with NOD32 antivirus and it returned "0" infections. Now everything is back to normal on my computer. Thank you very much!
HELP! (win32/Olmarik.TDL4 trojan & win32/Olmasco.AD trojan)
no_one replied to no_one's topic in Resolved Malware Removal Logs
Hello again! Here are the logs :

System-log
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1009
© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 3.292000 GHz
Memory total: 8566251520, free: 5991972864

------------ Kernel report ------------
11/29/2012 14:42:52
------------ Loaded modules -----------
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR2
Upper Device Object: 0xfffffa800c352060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000083\
Lower Device Object: 0xfffffa800c299b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
DriverEntry returned 0x0
Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007674060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa80072c2680
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2012.11.29.06
Downloaded database version: v2012.11.28.01
Initializing...
Done!
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007674060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007674b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007674060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800739f520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80072c2680, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a00d9a54e0, 0xfffffa8007674060, 0xfffffa800cc70790
Lower DeviceData: 0xfffff8a00c5a91a0, 0xfffffa80072c2680, 0xfffffa800cca3190
<<<3>>>
Volume: C: File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
MBR is forged!
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F47852B
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 409393152
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 409600000 Numsec = 567142448
Partition 3 type is HIDDEN (0x17)
Partition is ACTIVE.
Partition starts at LBA: 976744448 Numsec = 20480
Partition is not bootable
Infected: VBR on Hidden active partition --> [Rootkit.Alureon.F.VBR]
Changing partition to empty and not active.
New active partition is 0 on drive 0 ...
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
MBR infection found on drive 0
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Sector 976753168 --> [Forged physical sector]
Sector 976753169 --> [Forged physical sector]
.
.
(here I deleted the lines, because all the sector strings were written here and the post was too long)
.
.
Sector 976769023 --> [Forged physical sector]
Sector 976773167 --> [Forged physical sector]
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800c352060, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b0e65b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800c352060, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800c299b60, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Upper DeviceData: 0xfffff8a01475c270, 0xfffffa800c352060, 0xfffffa800c3e8090
Lower DeviceData: 0xfffff8a011e83f20, 0xfffffa800c299b60, 0xfffffa800c487e40
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9AACD5CF
Partition information:
Partition 0 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 16065 Numsec = 488376000
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 250059350016 bytes
Sector size: 512 bytes
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================

mbar-log :

Malwarebytes Anti-Rootkit 1.1.0.1009
www.malwarebytes.org

Database version: v2012.11.29.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Proiectare2 :: PROIECTARE2-PC [administrator]

11/29/2012 2:50:03 PM
mbar-log-2012-11-29 (14-50-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: PUP | PUM | P2P
Objects scanned: 27354
Time elapsed: 6 minute(s), 8 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 14
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Bootstrap_0_3_976744448_infected.mbam (Rootkit.Alureon.F.VBR) -> Delete on reboot. [195b46a15dec878e5846f1986c77aa33]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\MBR_0_infected.mbam (Rootkit.Alureon.F.VBR) -> Delete on reboot. [131f87e86517b48eeff0ec83ab1fad51]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976753168_user.mbam (Forged physical sector) -> Delete on reboot. [ea5c99d73f21747bf95c559603dc5568]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976754400_user.mbam (Forged physical sector) -> Delete on reboot. [5c89370eda1df2e5d63c6d29d86b55b8]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976755339_user.mbam (Forged physical sector) -> Delete on reboot. [41c738613dd8253a0240d77ce4431bb5]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976755484_user.mbam (Forged physical sector) -> Delete on reboot. [d8e9eecd38c37ba6f8ebbae4767d2c6f]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976757572_user.mbam (Forged physical sector) -> Delete on reboot. [7381ae94fe6918016bc4823f2da5a6d1]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976758123_user.mbam (Forged physical sector) -> Delete on reboot. [226c39ded25b63837e3fe192bb221bfe]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976761074_user.mbam (Forged physical sector) -> Delete on reboot. [9771f37b5d71d25d041592255f22a50d]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976763171_user.mbam (Forged physical sector) -> Delete on reboot. [635ebb8e2e63178dcf6ee39b77981a0b]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976766288_user.mbam (Forged physical sector) -> Delete on reboot. [1479783dcb9108de97c8478a1e74406a]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976768733_user.mbam (Forged physical sector) -> Delete on reboot. [0caa23499ef410b376186aab81a469ea]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976769023_user.mbam (Forged physical sector) -> Delete on reboot. [d76298849e5a394fb6852da78e7bf199]
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_976773167_user.mbam (Forged physical sector) -> Delete on reboot. [131f87e86517b48eeff0ec83ab1fad51]

(end)
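An added example (my own code, not from the post above or from Malwarebytes) that parses a 512-byte MBR built from the partition table MBAR printed for drive 0 and flags the layout the scanner reported: a small partition of the hidden type 0x17 marked active at the tail of the disk, after the last visible partition. The MBR bytes are constructed from the logged values rather than read from a disk, and the heuristics and the 16 MiB size threshold are my assumptions, not MBAR's logic.

```python
import struct

SECTOR = 512
HIDDEN_NTFS = 0x17  # the "HIDDEN (0x17)" type MBAR reported on partition 3
ENTRY_FMT = "<B3sB3sII"  # boot flag, CHS start, type, CHS end, start LBA, sector count

def build_mbr(partitions, disk_signature):
    """Constructed 512-byte MBR (sample, not a disk image): signature at 0x1B8, entries at 0x1BE."""
    mbr = bytearray(SECTOR)
    struct.pack_into("<I", mbr, 0x1B8, disk_signature)
    for i, (ptype, active, lba, numsec) in enumerate(partitions):
        # CHS fields stay zero; modern tools (and MBAR's output) use the LBA fields
        struct.pack_into(ENTRY_FMT, mbr, 0x1BE + 16 * i, 0x80 if active else 0x00,
                         b"\0\0\0", ptype, b"\0\0\0", lba, numsec)
    mbr[510:512] = b"\x55\xAA"
    return bytes(mbr)

def parse_mbr(mbr):
    """Return (disk signature, partition entries); reject a sector without the 55AA signature."""
    if len(mbr) != SECTOR or mbr[510:512] != b"\x55\xAA":
        raise ValueError("not a valid MBR: bad length or missing 55AA signature")
    disk_sig = struct.unpack_from("<I", mbr, 0x1B8)[0]
    entries = []
    for i in range(4):
        boot, _, ptype, _, lba, numsec = struct.unpack_from(ENTRY_FMT, mbr, 0x1BE + 16 * i)
        entries.append({"index": i, "active": boot == 0x80, "type": ptype, "lba": lba, "numsec": numsec})
    return disk_sig, entries

def find_suspicious(entries, disk_sectors, small_limit=16 * 1024 * 1024):
    """My heuristics (not MBAR's) for the logged layout: hidden-type active entry, tiny tail partition, overrun."""
    visible_end = max((e["lba"] + e["numsec"] for e in entries
                       if e["type"] not in (0x00, HIDDEN_NTFS)), default=0)
    findings = []
    for e in entries:
        if e["type"] == 0x00:  # empty slot, as partition 3 reads after MBAR's cleanup
            continue
        reasons = []
        if e["active"] and e["type"] == HIDDEN_NTFS:
            reasons.append("active partition has hidden type 0x17")
        if e["lba"] >= visible_end and e["numsec"] * SECTOR <= small_limit:
            reasons.append("tiny partition appended after the last visible partition")
        if e["lba"] + e["numsec"] > disk_sectors:
            reasons.append("partition extends past the end of the disk")
        if reasons:
            findings.append((e["index"], reasons))
    return findings

# Drive 0 table exactly as MBAR printed it: (type, active, start LBA, Numsec)
LOGGED_TABLE = [(0x07, False, 2048, 204800), (0x07, False, 206848, 409393152),
                (0x07, False, 409600000, 567142448), (0x17, True, 976744448, 20480)]
DISK_SECTORS = 500107862016 // SECTOR  # from "Disk Size: 500107862016 bytes"

def check_logged_disk(table=LOGGED_TABLE):
    disk_sig, entries = parse_mbr(build_mbr(table, 0x7F47852B))
    return disk_sig, find_suspicious(entries, DISK_SECTORS)
```

Passing the table with partition 3 emptied, as it reads after MBAR's "Changing partition to empty and not active", returns no findings.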
Hello

Since approximately 3 months ago, my internet browsers respond very slowly. I tried many internet browsers (Mozilla, Internet Explorer, Chrome) and all do the same thing. I type a web address and hit the "enter" key and I have to wait more than half a minute for the page to start loading. My internet speed is very good and my coworkers don't have any problem with the browsers. Yesterday I did a scan with ESET NOD antivirus and in the log report I saw the infections below :

"Operating memory - Win32/Olmarik.TDL4 trojan - unable to clean"
"Operating memory > firefox.exe(7448) - a variant of Win32/Olmasco.AD trojan - unable to clean"

I tried to find a way on the internet to get rid of these trojans, but I found out that it is a little bit difficult because of the different type of these trojans. Hope you can help me like in this post : ( http://forums.malwarebytes.org/index.php?showtopic=115649&st=0 )