slow boot up and programs

This is a discussion on slow boot up and programs within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.


Closed Thread
05-03-2018, 10:34 AM   #1
JMSBLK
Registered Member
Join Date: May 2010
Posts: 75
OS: win7 ultimate

Hello, recently I installed a secondary hard disk and now my machine is very slow. Security Essentials found viruses on it and deleted them; Antibytes also found some malware on the primary hard disk. I also ran an ESET online scan but nothing was found. I am attaching DDS' attach.txt.

dds.txt:-

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.18698
Run by MoaxxaM at 15:07:27 on 2018-05-03
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3543.3012 [GMT 5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Enabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: EGet Class: {1E871FF8-029C-4732-8AA7-39E3D3872057} - c:\program files\eagleget\eagleSniffer.dll
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"https://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoSimpleNetIDList = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with EagleGet - c:\program files\eagleget\IEGraberBHO.dll/202
IE: Download with EagleGet - c:\program files\eagleget\IEGraberBHO.dll/201
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.10.1
TCP: Interfaces\{091DB5C2-36F9-423B-B070-492FA38509E8} : DHCPNameServer = 192.168.10.1
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\66.0.3359.139\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\moaxxam\appdata\roaming\mozilla\firefox\profiles\xmntywwz.default-1519943099510\
FF - plugin: c:\program files\eagleget\npEagleget.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.33.7\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_28_0_0_137.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2016-8-25 252808]
R3 e1kexpress;Intel(R) Network Connections Driver K;c:\windows\system32\drivers\e1k6232.sys [2013-12-20 369416]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2016-8-25 105696]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2016-11-14 280864]
R3 tapwindscribe0901;Windscribe VPN;c:\windows\system32\drivers\tapwindscribe0901.sys [2018-1-24 41976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 eagleGet;eagleGet;c:\windows\system32\drivers\eagleGet.sys [2017-11-28 62064]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2017-6-17 104960]
S3 MBAMService;Malwarebytes Service;e:\anti-malware\MBAMService.exe [2018-4-17 4707104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2017-6-21 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2017-6-21 49152]
S3 WindscribeService;WindscribeService;c:\program files\windscribe\WindscribeService.exe [2018-1-24 372328]
S4 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2017-6-25 3105144]
S4 DiagTrack;Diagnostics Tracking Service;c:\windows\system32\svchost.exe -k utcsvc [2009-7-14 20992]
S4 egGetSvc;egGetSvc;c:\program files\eagleget\EGMonitor.exe [2017-11-28 247992]
.
=============== Created Last 30 ================
.
2018-05-02 16:32:45 11847976 -c--a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7f440229-c123-48d9-af8e-2ceaf02ec572}\mpengine.dll
2018-05-01 09:18:00 11847976 -c--a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2018-04-17 11:18:29 -------- dc----w- c:\users\moaxxam\appdata\local\Steam
2018-04-17 10:25:49 -------- dc----w- c:\program files\common files\Steam
2018-04-17 09:40:16 58656 ----a-w- c:\windows\system32\drivers\mbae.sys
2018-04-15 05:26:28 1893376 ----a-w- c:\windows\system32\aitstatic.exe
2018-04-15 05:26:27 594944 ----a-w- c:\windows\system32\generaltel.dll
2018-04-15 05:26:27 535040 ----a-w- c:\windows\system32\aeinv.dll
2018-04-15 05:26:27 507392 ----a-w- c:\windows\system32\devinv.dll
2018-04-15 05:26:27 338432 ----a-w- c:\windows\system32\invagent.dll
2018-04-15 05:26:27 338432 ----a-w- c:\windows\system32\centel.dll
2018-04-15 05:26:27 238592 ----a-w- c:\windows\system32\acmigration.dll
2018-04-15 05:26:27 190976 ----a-w- c:\windows\system32\aepic.dll
2018-04-15 05:26:27 1319424 ----a-w- c:\windows\system32\appraiser.dll
2018-04-15 05:26:27 116928 ----a-w- c:\windows\system32\CompatTelRunner.exe
2018-04-07 07:10:37 133987696 -c--a-w- c:\windows\system32\MRT-KB890830.exe
.
==================== Find3M ====================
.
.
============= FINISH: 15:08:50.67 ===============

Thanks.
Attached Files
File Type: zip attach.zip (3.4 KB, 29 views)
05-08-2018, 01:17 AM   #2
JMSBLK
Registered Member
Join Date: May 2010
Posts: 75
OS: win7 ultimate

BUMP!
06-05-2018, 09:40 AM   #3
chemist
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
Microsoft Most Valuable Professional
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10

Do you still need help?
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015