TMA_Cool

Sluggish comp

4 posts in this topic

Hello, recently I've noticed my comp started to be sluggish when opening programs like Firefox. It must be noted that I changed my HDD because the old one was about to die; I did keep my old HDD as secondary (though I formatted it). Could that be causing the slow performance? Also, a few days ago I got infected with some spyware and a browser hijacker, but Malwarebytes got rid of it.

 

Anyway, here are the logs:

Malwarebytes log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23/03/2015
Scan Time: 05:20:39 p.m.
Logfile: Log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.23.07
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Usuario

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352756
Time Elapsed: 6 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Hacktool.Agent, C:\Users\Usuario\Desktop\Cristian\W.L.D.v2.2.2.zip, Quarantined, [acfdfd25800a93a3bb73393d17ea5ea2],

Physical Sectors: 0
(No malicious items detected)


(end)


DDS log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17689
Run by Usuario at 17:31:20 on 2015-03-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.54.3082.18.8130.6322 [GMT -3:00]
.
AV: Panda Free Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
SP: Panda Free Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = about:blank
mStart Page = about:blank
mSearch Page = www.google.com
mDefault_Page_URL = about:blank
mDefault_Search_URL = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [startCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Enviar a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 200.49.130.41 200.42.4.203 172.20.2.26
TCP: Interfaces\{D394C91A-E739-4801-A69F-DBDE0211E328} : DHCPNameServer = 200.49.130.41 200.42.4.203 172.20.2.26
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = www.google.com
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = www.google.com
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [iAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 genuine.microsoft.com
Hosts: 127.0.0.1 mpa.one.microsoft.com
Hosts: 127.0.0.1 sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\4qskok85.default\
FF - prefs.js: browser.search.selectedEngine - omniboxes
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ar/
FF - prefs.js: keyword.URL - hxxp://search.us.com/serp?guid={FEBEB51E-3F70-4B19-8E26-D9019BD9DA96}&action=default_search&k=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2014-7-9 42624]
R0 DC3410;DC3410;C:\Windows\System32\drivers\DC3410.sys [2014-7-9 48328]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-8-7 28008]
R0 iusb3hcs;Controlador del conmutador de la controladora de host Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2015-2-5 20464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2015-2-5 283064]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2014-6-4 96800]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2014-6-18 162336]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2014-6-4 112160]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2014-6-4 115232]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\Windows\System32\drivers\NNSNAHSL.sys [2014-1-16 46336]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2014-6-4 95776]
R1 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2014-6-4 70176]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2014-6-4 125984]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2014-6-4 306720]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2014-6-4 169504]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2014-6-4 115744]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2014-6-4 261152]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2014-6-4 109088]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2014-7-24 195616]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-11-20 244736]
R2 amdacpksd;ACP Kernel Service Driver;C:\Windows\System32\drivers\amdacpksd.sys [2014-11-20 294600]
R2 amdacpusrsvc;ACP User Service;C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-11-20 116224]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2015-2-5 936728]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2015-2-5 169432]
R2 NanoServiceMain;Panda Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2014-10-13 142072]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-9 66808]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2014-10-13 163088]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2014-10-13 121616]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2014-7-24 122400]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2014-7-24 132128]
R2 PSINReg;PSINReg;C:\Windows\System32\drivers\PSINReg.sys [2014-10-13 107792]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2014-10-16 38136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-6-21 94720]
R3 iusb3hub;Controlador del concentrador Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2015-2-5 368112]
R3 iusb3xhc;Controlador de la controladora de host Intel® USB 3.0 eXtensible;C:\Windows\System32\drivers\iusb3xhc.sys [2015-2-5 786416]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-2-6 129752]
R3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2015-3-15 60400]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-2-5 883928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2014-7-9 292696]
S3 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2014-7-9 82560]
S3 amdide64;amdide64;C:\Windows\System32\drivers\amdide64.sys [2014-7-9 11904]
S3 DC133;DC133;C:\Windows\System32\drivers\DC133.sys [2014-7-9 39320]
S3 DC150;DC150;C:\Windows\System32\drivers\DC150.sys [2014-7-9 39832]
S3 DC154;DC154;C:\Windows\System32\drivers\DC154.sys [2014-7-9 48136]
S3 DC300e;DC300e;C:\Windows\System32\drivers\DC300e.sys [2014-7-9 40344]
S3 DC324e;DC324e;C:\Windows\System32\drivers\DC324e.sys [2014-7-9 49752]
S3 DC4300;DC4300;C:\Windows\System32\drivers\DC4300.sys [2014-7-9 48360]
S3 DC600e;DC600e;C:\Windows\System32\drivers\DC600e.sys [2014-7-9 40744]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-3-11 114688]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 megasas2;megasas2;C:\Windows\System32\drivers\megasas2.sys [2014-7-9 51496]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2015-2-4 1910640]
S3 PNPMEM;Controlador de módulo de memoria de Microsoft;C:\Windows\System32\drivers\pnpmem.sys [2009-7-13 16384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-27 19456]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-5-27 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-27 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-5-27 29696]
S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-2-5 1255736]
.
=============== Created Last 30 ================
.
2015-03-20 12:39:06 11910896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABEF8792-3884-4828-A375-FE313C75D916}\mpengine.dll
2015-03-15 20:15:29 60400 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2015-03-14 17:32:47 -------- d-----w- C:\Users\Usuario\SupTab
2015-03-14 16:59:40 -------- d-----w- C:\Users\Usuario\AppData\Local\globalUpdate
2015-03-14 16:54:26 -------- d-----w- C:\Program Files (x86)\Windows Loader
2015-03-14 16:45:10 113543 ----a-w- C:\Windows\SysWow64\slmgr.vbs
2015-03-13 23:35:25 -------- d-----w- C:\Users\Usuario\AppData\Roaming\.mono
2015-03-13 23:35:25 -------- d-----w- C:\ProgramData\.mono
2015-03-13 23:35:24 -------- d-----w- C:\Users\Usuario\AppData\Roaming\Colossal Order
2015-03-13 23:35:24 -------- d-----w- C:\Users\Usuario\AppData\Local\Colossal Order
2015-03-11 16:43:59 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2015-03-11 16:42:32 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-03-11 16:42:32 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-03-04 18:32:36 -------- d-----w- C:\Users\Usuario\AppData\Local\SIPC
2015-03-04 18:31:42 217088 ----a-w- C:\Windows\SysWow64\libmySQL.dll
2015-03-04 18:31:42 1056768 ----a-w- C:\Windows\SysWow64\libmysql41.dll
2015-02-28 02:54:47 -------- d-----w- C:\Users\Usuario\Zomboid
2015-02-27 01:55:58 -------- d-----w- C:\Users\Usuario\AppData\Local\SKIDROW
2015-02-27 01:51:46 -------- d-----w- C:\R.G. Catalyst
2015-02-25 23:51:59 -------- d-----w- C:\Users\Usuario\AppData\Local\Deployment
2015-02-25 23:51:59 -------- d-----w- C:\Users\Usuario\AppData\Local\Apps
2015-02-25 19:19:02 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-02-25 19:19:02 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-02-25 19:19:02 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-02-25 19:19:02 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-02-23 19:47:17 -------- d-----w- C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
2015-02-22 20:17:55 -------- d-----w- C:\Users\Usuario\AppData\Local\My Games
.
==================== Find3M ====================
.
2015-03-23 20:29:57 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-03-23 20:27:57 65536 ----a-w- C:\Windows\System32\spu_storage.bin
2015-03-06 05:56:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-06 05:56:10 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-06 05:42:39 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-03-06 05:42:36 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-03-06 05:42:35 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-03-06 05:42:35 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-03-06 05:42:33 341504 ----a-w- C:\Windows\System32\schannel.dll
2015-03-06 05:42:33 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-03-06 05:42:29 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2015-03-06 05:42:29 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2015-03-06 05:42:27 728064 ----a-w- C:\Windows\System32\kerberos.dll
2015-03-06 05:42:27 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-03-06 05:42:20 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-03-06 05:41:46 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-06 05:41:31 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-06 05:39:16 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-06 05:38:57 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-06 05:36:56 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-03-06 05:10:34 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-06 05:10:30 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-06 05:10:26 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-06 05:10:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-06 05:10:22 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-06 05:10:22 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-06 05:10:18 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-06 05:10:11 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-06 05:09:31 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-06 05:09:19 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-06 05:07:50 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-06 05:07:43 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-06 05:06:20 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
2015-02-24 06:17:24 295552 ------w- C:\Windows\System32\MpSigStub.exe
2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-02-20 04:40:56 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-02-20 04:40:55 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-02-20 04:13:49 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-02-20 04:13:46 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-02-20 04:13:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-02-20 04:12:51 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-02-20 03:29:16 372224 ----a-w- C:\Windows\System32\atmfd.dll
2015-02-20 03:09:16 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-02-20 03:06:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-02-20 03:05:49 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-02-20 02:50:14 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-02-20 02:49:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-02-20 02:49:19 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-02-20 02:47:56 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-02-20 02:35:17 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-02-20 02:35:05 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-02-20 02:34:24 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-02-20 02:32:34 6035456 ----a-w- C:\Windows\System32\jscript9.dll
2015-02-20 02:26:12 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-20 02:22:35 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-02-20 02:13:57 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-20 02:09:08 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-02-20 02:08:59 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-02-20 02:08:13 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06:44 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-02-20 01:56:54 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-02-20 01:56:07 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-02-20 01:47:06 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-02-20 01:46:45 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-02-20 01:41:52 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30:39 4300288 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-02-20 01:28:25 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-02-20 01:24:21 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-02-20 01:23:19 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:01:25 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-02-17 18:26:28 1217184 ----a-w- C:\Windows\SysWow64\FM20.DLL
2015-02-06 00:52:44 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-06 00:52:44 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-02-05 22:47:46 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2015-02-05 04:45:37 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2015-02-04 18:56:32 0 ----a-w- C:\Windows\ativpsrm.bin
2015-02-04 03:16:29 609280 ----a-w- C:\Windows\System32\generaltel.dll
2015-02-04 03:16:20 762368 ----a-w- C:\Windows\System32\invagent.dll
2015-02-04 03:16:16 414720 ----a-w- C:\Windows\System32\devinv.dll
2015-02-04 03:16:14 894976 ----a-w- C:\Windows\System32\appraiser.dll
2015-02-04 03:16:13 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-02-04 03:16:13 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-02-04 03:13:28 1098752 ----a-w- C:\Windows\System32\aeinv.dll
2015-02-03 03:34:39 693176 ----a-w- C:\Windows\System32\winload.efi
2015-02-03 03:34:38 5554104 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-02-03 03:34:36 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
2015-02-03 03:33:29 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-02-03 03:30:58 631808 ----a-w- C:\Windows\System32\evr.dll
2015-02-03 03:29:19 8704 ----a-w- C:\Windows\System32\pcaevts.dll
2015-02-03 03:28:49 2048 ----a-w- C:\Windows\System32\mferror.dll
2015-02-03 03:28:14 6656 ----a-w- C:\Windows\System32\apisetschema.dll
2015-02-03 03:19:12 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys
2015-02-03 03:16:31 3973048 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-02-03 03:16:31 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-02-03 03:11:55 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2015-02-03 03:11:48 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2015-02-03 03:11:18 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-02-03 03:09:03 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
.
============= FINISH: 17:32:15,09 ===============


Securitycheck log:

 

Results of screen317's Security Check version 0.99.99
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Panda Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 16.0.0.305 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (36.0.4)
Google Chrome (41.0.2272.101)
Google Chrome (41.0.2272.89)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


Hi TMA_Cool, and welcome back

When you download illegal pirated software, or tools to illegally bypass registration like the zip archive from the Daz pirating group that Malwarebytes found used to illegally bypass Microsoft registration, you can expect to become infected. Using pirated software or frequenting sites hosting pirated software is the fastest way to get infected. In many cases, you don't even have to download and install anything; simply browsing the site has the potential to infect your system.

From the DDS log it's apparent that even the copy of Windows you are requesting help with is pirated.

You should purchase a legitimate, legal copy of Windows rather than using pirated software. Not only will you be more secure without pirated software, it's the right thing to do.

Once you repost a new DDS log that doesn't show efforts at bypassing registration I will assist you in cleaning the system.
