I've been directed here from this post in the "Am I Infected? What Do I Do?" section. I've attached the FRST logs to this post.
I've had some strange PC problems over the last 6 weeks or so. Initially I thought it was a software problem, but now I'm beginning to think I've been infected. The problems appear to be related to https and secure connections, though they vary in severity / type.
I'm on Win7 32-bit Professional with SP1.
- Outlook kept crashing when using MS Exchange connection (pop3 only was ok)
- VPN wouldn't connect, then crashed
- Chrome wouldn't serve https pages. They just gave me ERR_TIMED_OUT after 2 mins or so.
  (One example - my bank's http home page would load, but when I tried to log in to online banking, that page wouldn't). More details here fwiw.
- Browser downloads refusing to complete - sometimes they stop halfway, other times at 100% but without completing
The symptoms are not consistent - sometimes it's just one, other times the whole lot. Sometimes none at all. The https browser problem varies - sometimes I can't get https pages at all, other times they're just very slow loading.
What I've Tried
Initially I ran MBAM, adwcleaner, SuperAntiSpyware, JRT and ESET online scanner. I didn't see anything particularly bad in there, but that appeared to fix the problem. Until a week later I began having trouble again. Just Outlook this time. Browser and VPN worked fine. Ran the tools again. All good. A week later VPN wouldn't work again and couldn't get https in the browser. But Outlook was OK.
Yesterday I thought I would try some more aggressive cleaning. I downloaded some tools I hadn't tried before like ComboFix and TDSSKiller. JRT seemed to run ok (although at the beginning it always gives me the message "cannot update, unable to ping"). When I tried to launch adwcleaner, it wouldn't run (just got the spinning circle forever). Same for rkill. I changed the name of the rkill.exe file to something random. That then ran. I tried the same trick with adwcleaner, but that didn't work. I ran TDSSKiller - that came up with 0 threats.
Additionally, yesterday I was unable to Set Default Programs / File Associations in Windows. However today that seems fine.
Edited by mhl, 14 April 2015 - 04:15 PM.