Inactive [Piracy] Have to reactivate windows, possible malware?

Status
Not open for further replies.
Hello,

Yesterday I installed some software which needed to install 2 additional pieces of software to be installed first for it to work.
Somewhere during the installing my AV avast went to 50% cpu and it all went slow. I installed everything though and the software worked fine.
However, after I restarted my pc, windows XP suddenly said that the configuration of my hardware differed too much from the point of installing windows XP and that I had to reactivate it.
I de-installed the software and tried a previous system restore point from the day before but that didn't work. I did notice there that there were also two windows updates installed after the software.
Namely: windows XP KB942288-v3 (this?)
and: Software updates KB952011 (this?)

I started with the 8-step since those are helpful anyway.
The first two logs looked good to me but running the DDS didn't entirely work for me. First try it made my comp freeze at around 2/3. Second try (after a reboot and this time turning off avast) the same thing happened. (waited 3 min or more after it froze)

I have no other problems besides suddenly having to reactivate windows within 3 days.
On a side note: some time ago I emptied my windows DLL cache.

My question is: do you think I should just reactivate windows XP or do you strongly suggest me to go through this malware removal process first?

Thanks in advance.
 
mbam log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Databaseversie: 5553

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19-1-2011 15:43:27
mbam-log-2011-01-19 (15-43-27).txt

Scantype: Snelle scan
Objecten gescand: 132595
Verstreken tijd: 2 minuut/minuten, 36 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
 
gmer log

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-19 15:52:02
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L040AVVA07-0 rev.VA2OA52A
Running: g8sof791.exe; Driver: C:\DOCUME~1\admin\LOCALS~1\Temp\fwlcypog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAFBF382E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xAFBF3652]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xAFBF378C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \Driver\Tcpip \Device\Ip socketlock.sys

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\Tcp socketlock.sys

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\Udp socketlock.sys

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\RawIp socketlock.sys

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----
 
Welcome to TechSpot! I'll help with the problem if you give me some information:

I installed some software which needed to install 2 additional pieces of software to be installed first for it to work.
What did you download? Where did you download it from? And the following are matters of concern:
I have no other problems besides suddenly having to reactivate windows within 3 days.
On a side note: some time ago I emptied my windows DLL cache.

Is your copy of Windows OS legitimate?
Was there a reason you deleted the dll cache? Has it repopulated again?

My language is English, but I see all zeroes in the Mbam log, so nothing was found. But I need to be able to read the log entries. When I get some answers, I will know better how to proceed.
 
My windows OS is legitimate.
Besides using CCleaner and moving some files to uninstall windows updates, I emptied my dll cache to get some space on my c-drive which is only 8 gig and had like only 10MB free space. My father made it that size so he could make a backup of the partition with some software (max size 8 gig)
I just checked and yea, the dll cache is filling up again, it's on 34MB now. (was 500MB or something when I emptied it)

but I need to be able to read the log entries.
Which log entries do you mean? DDS wasn't working for me.

Edit:
My language is English, but I see all zeroes in the Mbam log, so nothing was found.
I finally realize why you said that. I didn't think of or notice it at all. :eek:

Edit2:
Since I had only 1 day left before I was forced to reactivate windows anyway I decided to do it now already. Everything went fine but DDS still freezes on 2/3. I'm assuming everything is fine though, so I'll continue with updating everything to the newest version and de-installing the older versions and leave it at that.
Thanks for the help anyway and keep up the good work here :)
 
I noticed you went in and edited out your sentence that you had downloaded Sony Vegas Pro 10.0 from piratebay. That program starts at $600.00. It would appear that you pirated it by getting a crack or keygen for it.

Since you no longer need help, I am closing the thread.

Please note that we do not support piracy. If you need help in the future:
All pirated programs or apps must be removed.
Logs must be in English.
 