Sluggish comp


3 replies to this topic

#1 TMA_Cool

TMA_Cool

    Member

  • Full Member
  • Pip
  • 68 posts

Posted 23 March 2015 - 03:39 PM

Hello, recently I've noticed my comp started to be sluggish when opening programs like Firefox. It must be noted that I changed my HDD because the old one was about to die; I did keep my old HDD as secondary (though I formatted it). Could that be causing the slow performance? Also, a few days ago I got infected with some spyware and a browser hijacker, but Malwarebytes got rid of it.

 

Anyway, here's the logs:

 

Malwarebytes log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23/03/2015
Scan Time: 05:20:39 p.m.
Logfile: Log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.23.07
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Usuario

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352756
Time Elapsed: 6 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Hacktool.Agent, C:\Users\Usuario\Desktop\Cristian\W.L.D.v2.2.2.zip, Quarantined, [acfdfd25800a93a3bb73393d17ea5ea2],

Physical Sectors: 0
(No malicious items detected)


(end)



#2 TMA_Cool

TMA_Cool

    Member

  • Full Member
  • Pip
  • 68 posts

Posted 23 March 2015 - 03:39 PM

DDS log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17689
Run by Usuario at 17:31:20 on 2015-03-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.54.3082.18.8130.6322 [GMT -3:00]
.
AV: Panda Free Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
SP: Panda Free Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = about:blank
mStart Page = about:blank
mSearch Page = www.google.com
mDefault_Page_URL = about:blank
mDefault_Search_URL = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Enviar a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 200.49.130.41 200.42.4.203 172.20.2.26
TCP: Interfaces\{D394C91A-E739-4801-A69F-DBDE0211E328} : DHCPNameServer = 200.49.130.41 200.42.4.203 172.20.2.26
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = www.google.com
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = www.google.com
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 genuine.microsoft.com
Hosts: 127.0.0.1 mpa.one.microsoft.com
Hosts: 127.0.0.1 sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\4qskok85.default\
FF - prefs.js: browser.search.selectedEngine - omniboxes
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ar/
FF - prefs.js: keyword.URL - hxxp://search.us.com/serp?guid={FEBEB51E-3F70-4B19-8E26-D9019BD9DA96}&action=default_search&k=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2014-7-9 42624]
R0 DC3410;DC3410;C:\Windows\System32\drivers\DC3410.sys [2014-7-9 48328]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-8-7 28008]
R0 iusb3hcs;Controlador del conmutador de la controladora de host Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2015-2-5 20464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2015-2-5 283064]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2014-6-4 96800]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2014-6-18 162336]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2014-6-4 112160]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2014-6-4 115232]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\Windows\System32\drivers\NNSNAHSL.sys [2014-1-16 46336]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2014-6-4 95776]
R1 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2014-6-4 70176]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2014-6-4 125984]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2014-6-4 306720]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2014-6-4 169504]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2014-6-4 115744]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2014-6-4 261152]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2014-6-4 109088]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2014-7-24 195616]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-11-20 244736]
R2 amdacpksd;ACP Kernel Service Driver;C:\Windows\System32\drivers\amdacpksd.sys [2014-11-20 294600]
R2 amdacpusrsvc;ACP User Service;C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-11-20 116224]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2015-2-5 936728]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2015-2-5 169432]
R2 NanoServiceMain;Panda Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2014-10-13 142072]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-9 66808]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2014-10-13 163088]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2014-10-13 121616]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2014-7-24 122400]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2014-7-24 132128]
R2 PSINReg;PSINReg;C:\Windows\System32\drivers\PSINReg.sys [2014-10-13 107792]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2014-10-16 38136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-6-21 94720]
R3 iusb3hub;Controlador del concentrador Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2015-2-5 368112]
R3 iusb3xhc;Controlador de la controladora de host Intel® USB 3.0 eXtensible;C:\Windows\System32\drivers\iusb3xhc.sys [2015-2-5 786416]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-2-6 129752]
R3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2015-3-15 60400]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-2-5 883928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2014-7-9 292696]
S3 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2014-7-9 82560]
S3 amdide64;amdide64;C:\Windows\System32\drivers\amdide64.sys [2014-7-9 11904]
S3 DC133;DC133;C:\Windows\System32\drivers\DC133.sys [2014-7-9 39320]
S3 DC150;DC150;C:\Windows\System32\drivers\DC150.sys [2014-7-9 39832]
S3 DC154;DC154;C:\Windows\System32\drivers\DC154.sys [2014-7-9 48136]
S3 DC300e;DC300e;C:\Windows\System32\drivers\DC300e.sys [2014-7-9 40344]
S3 DC324e;DC324e;C:\Windows\System32\drivers\DC324e.sys [2014-7-9 49752]
S3 DC4300;DC4300;C:\Windows\System32\drivers\DC4300.sys [2014-7-9 48360]
S3 DC600e;DC600e;C:\Windows\System32\drivers\DC600e.sys [2014-7-9 40744]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-3-11 114688]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 megasas2;megasas2;C:\Windows\System32\drivers\megasas2.sys [2014-7-9 51496]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2015-2-4 1910640]
S3 PNPMEM;Controlador de módulo de memoria de Microsoft;C:\Windows\System32\drivers\pnpmem.sys [2009-7-13 16384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-27 19456]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-5-27 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-27 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-5-27 29696]
S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-2-5 1255736]
.
=============== Created Last 30 ================
.
2015-03-20 12:39:06    11910896    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABEF8792-3884-4828-A375-FE313C75D916}\mpengine.dll
2015-03-15 20:15:29    60400    ----a-w-    C:\Windows\System32\drivers\PSKMAD.sys
2015-03-14 17:32:47    --------    d-----w-    C:\Users\Usuario\SupTab
2015-03-14 16:59:40    --------    d-----w-    C:\Users\Usuario\AppData\Local\globalUpdate
2015-03-14 16:54:26    --------    d-----w-    C:\Program Files (x86)\Windows Loader
2015-03-14 16:45:10    113543    ----a-w-    C:\Windows\SysWow64\slmgr.vbs
2015-03-13 23:35:25    --------    d-----w-    C:\Users\Usuario\AppData\Roaming\.mono
2015-03-13 23:35:25    --------    d-----w-    C:\ProgramData\.mono
2015-03-13 23:35:24    --------    d-----w-    C:\Users\Usuario\AppData\Roaming\Colossal Order
2015-03-13 23:35:24    --------    d-----w-    C:\Users\Usuario\AppData\Local\Colossal Order
2015-03-11 16:43:59    680960    ----a-w-    C:\Windows\System32\audiosrv.dll
2015-03-11 16:42:32    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2015-03-11 16:42:32    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2015-03-04 18:32:36    --------    d-----w-    C:\Users\Usuario\AppData\Local\SIPC
2015-03-04 18:31:42    217088    ----a-w-    C:\Windows\SysWow64\libmySQL.dll
2015-03-04 18:31:42    1056768    ----a-w-    C:\Windows\SysWow64\libmysql41.dll
2015-02-28 02:54:47    --------    d-----w-    C:\Users\Usuario\Zomboid
2015-02-27 01:55:58    --------    d-----w-    C:\Users\Usuario\AppData\Local\SKIDROW
2015-02-27 01:51:46    --------    d-----w-    C:\R.G. Catalyst
2015-02-25 23:51:59    --------    d-----w-    C:\Users\Usuario\AppData\Local\Deployment
2015-02-25 23:51:59    --------    d-----w-    C:\Users\Usuario\AppData\Local\Apps
2015-02-25 19:19:02    950272    ----a-w-    C:\Windows\System32\perftrack.dll
2015-02-25 19:19:02    91136    ----a-w-    C:\Windows\System32\wdi.dll
2015-02-25 19:19:02    76800    ----a-w-    C:\Windows\SysWow64\wdi.dll
2015-02-25 19:19:02    29696    ----a-w-    C:\Windows\System32\powertracker.dll
2015-02-23 19:47:17    --------    d-----w-    C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
2015-02-22 20:17:55    --------    d-----w-    C:\Users\Usuario\AppData\Local\My Games
.
==================== Find3M  ====================
.
2015-03-23 20:29:57    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-03-23 20:27:57    65536    ----a-w-    C:\Windows\System32\spu_storage.bin
2015-03-06 05:56:10    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2015-03-06 05:56:10    155576    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2015-03-06 05:42:39    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2015-03-06 05:42:36    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2015-03-06 05:42:35    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2015-03-06 05:42:35    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2015-03-06 05:42:33    341504    ----a-w-    C:\Windows\System32\schannel.dll
2015-03-06 05:42:33    28160    ----a-w-    C:\Windows\System32\secur32.dll
2015-03-06 05:42:29    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2015-03-06 05:42:29    309760    ----a-w-    C:\Windows\System32\ncrypt.dll
2015-03-06 05:42:27    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2015-03-06 05:42:27    1461760    ----a-w-    C:\Windows\System32\lsasrv.dll
2015-03-06 05:42:20    22016    ----a-w-    C:\Windows\System32\credssp.dll
2015-03-06 05:41:46    31232    ----a-w-    C:\Windows\System32\lsass.exe
2015-03-06 05:41:31    64000    ----a-w-    C:\Windows\System32\auditpol.exe
2015-03-06 05:39:16    60416    ----a-w-    C:\Windows\System32\msobjs.dll
2015-03-06 05:38:57    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2015-03-06 05:36:56    686080    ----a-w-    C:\Windows\System32\adtschema.dll
2015-03-06 05:10:34    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2015-03-06 05:10:30    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2015-03-06 05:10:26    248832    ----a-w-    C:\Windows\SysWow64\schannel.dll
2015-03-06 05:10:26    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2015-03-06 05:10:22    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2015-03-06 05:10:22    221184    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2015-03-06 05:10:18    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2015-03-06 05:10:11    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2015-03-06 05:09:31    50176    ----a-w-    C:\Windows\SysWow64\auditpol.exe
2015-03-06 05:09:19    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2015-03-06 05:07:50    60416    ----a-w-    C:\Windows\SysWow64\msobjs.dll
2015-03-06 05:07:43    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2015-03-06 05:06:20    686080    ----a-w-    C:\Windows\SysWow64\adtschema.dll
2015-02-26 03:25:44    3204096    ----a-w-    C:\Windows\System32\win32k.sys
2015-02-24 06:17:24    295552    ------w-    C:\Windows\System32\MpSigStub.exe
2015-02-20 04:41:01    41984    ----a-w-    C:\Windows\System32\lpk.dll
2015-02-20 04:40:59    100864    ----a-w-    C:\Windows\System32\fontsub.dll
2015-02-20 04:40:56    14336    ----a-w-    C:\Windows\System32\dciman32.dll
2015-02-20 04:40:55    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2015-02-20 04:13:49    70656    ----a-w-    C:\Windows\SysWow64\fontsub.dll
2015-02-20 04:13:46    10240    ----a-w-    C:\Windows\SysWow64\dciman32.dll
2015-02-20 04:13:43    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2015-02-20 04:12:51    25600    ----a-w-    C:\Windows\SysWow64\lpk.dll
2015-02-20 03:29:16    372224    ----a-w-    C:\Windows\System32\atmfd.dll
2015-02-20 03:09:16    299008    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2015-02-20 03:06:02    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2015-02-20 03:05:49    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2015-02-20 02:50:14    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2015-02-20 02:49:29    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2015-02-20 02:49:19    584192    ----a-w-    C:\Windows\System32\vbscript.dll
2015-02-20 02:47:56    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2015-02-20 02:35:17    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2015-02-20 02:35:05    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2015-02-20 02:34:24    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2015-02-20 02:32:34    6035456    ----a-w-    C:\Windows\System32\jscript9.dll
2015-02-20 02:26:12    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-20 02:22:35    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2015-02-20 02:13:57    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-20 02:09:08    503296    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2015-02-20 02:08:59    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2015-02-20 02:08:13    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06:44    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2015-02-20 01:56:54    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2015-02-20 01:56:07    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2015-02-20 01:47:06    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2015-02-20 01:46:45    2125824    ----a-w-    C:\Windows\System32\inetcpl.cpl
2015-02-20 01:41:52    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30:39    4300288    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2015-02-20 01:28:25    2358784    ----a-w-    C:\Windows\System32\wininet.dll
2015-02-20 01:24:21    2052608    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2015-02-20 01:23:19    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:01:25    1888256    ----a-w-    C:\Windows\SysWow64\wininet.dll
2015-02-17 18:26:28    1217184    ----a-w-    C:\Windows\SysWow64\FM20.DLL
2015-02-06 00:52:44    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-06 00:52:44    701616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2015-02-05 22:47:46    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2015-02-05 04:45:37    283064    ----a-w-    C:\Windows\System32\drivers\dtsoftbus01.sys
2015-02-04 18:56:32    0    ----a-w-    C:\Windows\ativpsrm.bin
2015-02-04 03:16:29    609280    ----a-w-    C:\Windows\System32\generaltel.dll
2015-02-04 03:16:20    762368    ----a-w-    C:\Windows\System32\invagent.dll
2015-02-04 03:16:16    414720    ----a-w-    C:\Windows\System32\devinv.dll
2015-02-04 03:16:14    894976    ----a-w-    C:\Windows\System32\appraiser.dll
2015-02-04 03:16:13    227328    ----a-w-    C:\Windows\System32\aepdu.dll
2015-02-04 03:16:13    192000    ----a-w-    C:\Windows\System32\aepic.dll
2015-02-04 03:13:28    1098752    ----a-w-    C:\Windows\System32\aeinv.dll
2015-02-03 03:34:39    693176    ----a-w-    C:\Windows\System32\winload.efi
2015-02-03 03:34:38    5554104    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2015-02-03 03:34:36    94656    ----a-w-    C:\Windows\System32\drivers\mountmgr.sys
2015-02-03 03:33:29    616360    ----a-w-    C:\Windows\System32\winresume.efi
2015-02-03 03:30:58    631808    ----a-w-    C:\Windows\System32\evr.dll
2015-02-03 03:29:19    8704    ----a-w-    C:\Windows\System32\pcaevts.dll
2015-02-03 03:28:49    2048    ----a-w-    C:\Windows\System32\mferror.dll
2015-02-03 03:28:14    6656    ----a-w-    C:\Windows\System32\apisetschema.dll
2015-02-03 03:19:12    663552    ----a-w-    C:\Windows\System32\drivers\PEAuth.sys
2015-02-03 03:16:31    3973048    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2015-02-03 03:16:31    3917760    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2015-02-03 03:11:55    50176    ----a-w-    C:\Windows\SysWow64\rrinstaller.exe
2015-02-03 03:11:48    23040    ----a-w-    C:\Windows\SysWow64\mfpmp.exe
2015-02-03 03:11:18    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
2015-02-03 03:09:03    2048    ----a-w-    C:\Windows\SysWow64\mferror.dll
.
============= FINISH: 17:32:15,09 ===============
 



#3 TMA_Cool

TMA_Cool

    Member

  • Full Member
  • Pip
  • 68 posts

Posted 23 March 2015 - 03:39 PM

Securitycheck log:

 

 Results of screen317's Security Check version 0.99.99  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
Panda Free Antivirus   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 10 Flash Player out of Date!
  Adobe Flash Player 16.0.0.305 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (36.0.4)
 Google Chrome (41.0.2272.101)
 Google Chrome (41.0.2272.89)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#4 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,374 posts

Posted 23 March 2015 - 08:21 PM

Hi TMA_Cool, and welcome back

When you download illegal pirated software, or tools to illegally bypass registration like the zip archive from the Daz pirating group that Malwarebytes found used to illegally bypass Microsoft registration, you can expect to become infected. Using pirated software or frequenting sites hosting pirated software is the fastest way to get infected. In many cases, you don't even have to download and install anything, simply browsing the site has the potential to infect your system.

From the DDS log it's apparent that even the copy of Windows you are requesting help with is pirated.

You should purchase a legitimate, legal copy of Windows rather than using pirated software. Not only will you be more secure without pirated software, it's the right thing to do.

Once you repost a new DDS log that doesn't show efforts at bypassing registration I will assist you in cleaning the system.


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005




