I suspect my computer is compromised, but I'm not sure

[Blahblason]

Several months ago my PC's internet spontaneously stopped working properly. The wifi was still showing up as normal according to the computer, and internet has worked normally on all other devices on the network, but on the PC I was getting internet speeds too slow to be usable. Web pages loaded slowly, and streaming anything was practically impossible. Oddly enough, when I could manage an Ookla speedtest, I was getting normal numbers (usually around 10 mbps down). After scanning it several times with ESET, i found a few threats and removed them, but the problem persisted. Frustrated, I've left the computer sitting off for a couple of months now.

Here's where I'm really confused. Today I decided I would finally get under the hood and fix this issue, and at first when I started the computer the internet speed was as slow as it had been. About 30 minutes or so of being on, the internet suddenly started working normally again! This was great and all, but it made me rather suspicious. I haven't made any actions or changes to solve the problem, and in my experience computer issues rarely solve themselves. The only things that I can think have changed are that my ESET subscription has run out and windows has had some updates during the time I was away. After seeing nothing obvious having changed, I downloaded Malwarebytes (free) and ran a quick scan. The software identified 29 "potentially unwanted" threats, most of which seem to be related to google chrome, and I selected the option to quarantine them. However, the software got stuck at "0 out of 29" items quarantined, and hasn't moved for a couple of hours. This further increases my suspicion that something malicious may be going on.

What's going on? How do I ensure that my computer is safe?

 

Addition.txt

FRST.txt

[AdvancedSetup]

Please visit the Manufacturer website for your Killer Network Manager network card and get an updated driver. There have updated it with better drivers.

You have old, compromised versions of Java software. Please uninstall all versions of Java.

 

 

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

• Right-click on the program and select Run as Administrator to start the tool.
• Accept the Terms of use.
• Wait until the database is updated.
• Click Scan.
• When finished, please click Clean.
• Your PC should reboot now if any items were found.
• After reboot, a log file will be opened. Copy its content into your next reply.

 

 

Next,

Please Run TFC by OldTimer to clear temporary files:

• Download TFC from here and save it to your desktop.
• http://oldtimer.geekstogo.com/TFC.exe
• Close any open programs and Internet browsers.
• Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
• Please be patient as clearing out temp files may take a while.
• Once it completes you may be prompted to restart your computer, please do so.
• Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Thank you

Ron

 

 

[Blahblason]

Here are the results of the Adwcleaner after uninstalling java, installing the updated Killer driver, and restarting:

# AdwCleaner 7.0.2.1 - Logfile created on Tue Sep 19 01:56:00 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Carson\AppData\Roaming\RPEng

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

 

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [2338 B] - [2015/11/20 23:39:9]
C:/AdwCleaner/AdwCleaner[S1].txt - [1574 B] - [2015/11/20 23:37:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

[Blahblason]

At this point I have also run TFC, and did not have to restart.

[AdvancedSetup]

How is the computer running now?

Are there still any signs of an infection?

Is the speed of the computer continuing to run good?

 

[Blahblason]

Seems to be running normally, and I'm no longer seeing any signs of infection. Thanks for the help!

[AdvancedSetup]

You're quite welcome @Blahblason

I'll go ahead then and close your topic. You can delete any of the tools used.

Take care and stay safe out there

Ron

 

[AdvancedSetup]

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!