Jump to content


Photo

Help Combofix log analysis....


  • This topic is locked This topic is locked
22 replies to this topic

#1 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 11:37 AM

I read the ' Instructions for posting requested logs' thread at the top of the page, and got freaked out when I read that I shouldn't have used ComboFix as it was a powerful tool and things could go wrong. Everything seems fine at the moment, but anyway, I've put the log as an attachment, and thanks to the person who helps me out on this. It says it's already deleted the infected files, but I was told to go here anyway by BleepingComputer.com. Thanks again...

anyway he is my log.


ComboFix 12-09-22.02 - Daniel Ramirez 22/09/2012 9:15.1.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.57.3082.18.8136.5816 [GMT -5:00]
Running from: c:\users\Daniel Ramirez\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\1343667557.bdinstall.bin
c:\programdata\1346599534.bdinstall.bin
c:\programdata\Roaming
c:\windows\PFRO.log
c:\windows\s.bat
c:\windows\system\threed32.ocx
c:\windows\SysWow64\FlashPlayerInstaller.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-22 to 2012-09-22 )))))))))))))))))))))))))))))))
.
.
2012-09-22 14:20 . 2012-09-22 14:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-09-22 14:20 . 2012-09-22 14:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-22 13:52 . 2012-09-20 21:38 82944 ----a-w- c:\windows\system32\devcon.exe
2012-09-21 20:28 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F545950-9C67-43B2-A3A5-0CC888A3138C}\mpengine.dll
2012-09-21 03:15 . 2012-09-21 03:15 -------- d-----w- c:\program files (x86)\SafeNet Sentinel
2012-09-21 03:15 . 2012-09-21 03:15 -------- d-----w- c:\program files (x86)\Common Files\SafeNet Sentinel
2012-09-21 02:07 . 2012-09-21 23:47 139776 ----a-w- c:\windows\system32\drivers\sentinel64.sys
2012-09-21 02:06 . 2012-09-21 02:06 -------- d-----w- c:\programdata\SafeNet Sentinel
2012-09-20 21:48 . 2010-04-23 05:15 678408 ----a-w- c:\windows\system32\drivers\multikey.sys
2012-09-20 21:48 . 2012-09-20 21:48 -------- d-----w- C:\Multikey
2012-09-20 20:32 . 2012-09-20 20:32 177152 ----a-w- c:\windows\SysWow64\drivers\XRNBO.sys
2012-09-20 15:03 . 2012-09-20 22:03 -------- d-----w- c:\program files (x86)\IDA
2012-09-20 15:01 . 2012-09-20 15:01 -------- d-----w- c:\users\Daniel Ramirez\AppData\Roaming\Hex-Rays
2012-09-20 13:38 . 1997-03-13 05:00 142848 ----a-w- c:\windows\system32\xceedzip.ocx
2012-09-20 13:29 . 2012-09-20 13:27 205848 ----a-w- c:\windows\threed32.ocx
2012-09-20 13:28 . 2012-09-20 13:27 205848 ----a-w- c:\windows\system32\threed32.ocx
2012-09-20 13:24 . 2012-09-20 13:25 -------- d-----w- c:\program files\ConstruData
2012-09-20 11:21 . 2012-09-20 11:21 -------- d-----w- c:\users\Daniel Ramirez\AppData\Local\Macromedia
2012-09-12 15:49 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-09-11 18:36 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-11 18:36 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-11 18:36 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 02:18 . 2012-09-21 23:50 -------- d-----r- c:\users\Daniel Ramirez\Dropbox
2012-09-11 02:16 . 2012-09-21 23:51 -------- d-----w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox
2012-09-02 15:33 . 2012-07-11 22:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2012-09-02 15:32 . 2012-09-02 15:32 -------- d-----w- c:\windows\ELAMBKUP
2012-09-02 15:32 . 2012-09-02 15:32 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-09-02 15:32 . 2012-09-22 13:56 -------- d-----w- c:\programdata\Kaspersky Lab
2012-09-02 15:32 . 2012-09-18 15:13 610648 ----a-w- c:\windows\system32\drivers\klif.sys
2012-09-02 15:32 . 2012-08-13 23:24 89432 ----a-w- c:\windows\system32\drivers\klflt.sys
2012-09-02 01:00 . 2012-09-02 01:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-02 01:00 . 2012-09-02 01:00 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-02 01:00 . 2012-09-02 01:00 -------- d-----w- c:\program files (x86)\Java
2012-08-24 20:35 . 2012-08-24 20:35 -------- d-----w- c:\program files (x86)\Foxy Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 20:17 . 2012-05-05 16:41 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 20:17 . 2012-02-04 22:20 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-18 15:13 . 2012-07-25 19:53 29528 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-09-18 15:13 . 2012-05-26 00:38 29016 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-09-12 10:12 . 2012-01-29 20:37 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-02 01:00 . 2012-06-26 16:44 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-02 01:00 . 2012-02-04 22:32 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-21 02:31 . 2012-08-19 23:03 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-08-21 02:31 . 2012-08-19 23:03 20032 ----a-w- c:\windows\SysWow64\drivers\dgderdrv.sys
2012-08-13 21:49 . 2012-08-13 21:49 178008 ----a-w- c:\windows\system32\drivers\kneps.sys
2012-08-02 20:09 . 2012-08-02 20:09 28504 ----a-w- c:\windows\system32\drivers\klim6.sys
2012-07-30 19:16 . 2012-08-19 23:13 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-07-30 19:16 . 2012-07-30 19:16 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-07-30 19:16 . 2012-07-30 19:16 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-07-30 19:16 . 2012-07-30 19:16 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-07-30 19:16 . 2012-07-30 19:16 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-07-30 19:16 . 2012-07-30 19:16 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-07-30 19:16 . 2012-07-30 19:16 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-07-30 19:16 . 2012-07-30 19:16 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-07-30 19:16 . 2012-07-30 19:16 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-07-30 19:16 . 2012-07-30 19:16 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-07-30 19:16 . 2012-07-30 19:16 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-07-30 19:16 . 2012-07-30 19:16 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-07-30 19:16 . 2012-07-30 19:16 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-07-30 19:16 . 2012-07-30 19:16 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-07-30 19:16 . 2012-07-30 19:16 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-07-30 19:16 . 2012-07-30 19:16 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-07-30 19:16 . 2012-07-30 19:16 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-07-30 19:16 . 2012-07-30 19:16 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-07-30 19:16 . 2012-07-30 19:16 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-07-30 19:16 . 2012-07-30 19:16 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-07-30 19:16 . 2012-07-30 19:16 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-07-30 19:16 . 2012-07-30 19:16 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-07-30 19:16 . 2012-07-30 19:16 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-07-30 19:16 . 2012-07-30 19:16 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-07-30 19:16 . 2012-07-30 19:16 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-07-30 19:16 . 2012-07-30 19:16 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-07-30 19:16 . 2012-07-30 19:16 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-07-30 19:16 . 2012-07-30 19:16 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-07-30 19:16 . 2012-07-30 19:16 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-07-30 18:32 . 2012-07-30 18:32 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2012-07-30 18:32 . 2012-07-30 18:32 203104 ----a-w- c:\windows\system32\drivers\ssudobex.sys
2012-07-30 18:32 . 2012-07-30 18:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 18:32 . 2012-07-30 18:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-18 18:15 . 2012-08-16 03:00 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 22:16 . 2012-08-16 03:00 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-16 03:00 136704 ----a-w- c:\windows\system32\browser.dll
2012-07-04 22:13 . 2012-08-16 03:00 59392 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14 . 2012-08-16 03:00 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-06-27 02:38 . 2012-06-27 02:38 46176 ----a-w- c:\windows\system32\drivers\point64.sys
2012-06-26 16:47 . 2012-06-26 16:47 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2012-06-26 16:47 . 2012-06-26 16:47 106648 ----a-w- c:\windows\system32\drivers\GRD.sys
2012-06-26 16:29 . 2012-06-26 16:29 59768 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2012-06-26 01:20 . 2012-06-26 01:20 33408 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
2012-06-25 03:24 . 2012-06-25 03:24 52320 ----a-w- c:\windows\system32\drivers\dc3d.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Synchronizer"="c:\program files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" [2012-04-04 1261472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2010-12-24 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2010-12-24 224352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-08-18 218880]
.
c:\users\Daniel Ramirez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
2X Client.lnk - c:\program files\2X\Client\APPServerClient.exe [2012-6-28 2115976]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-08 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-20 276248]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-07 1432400]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-07-30 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R3 XRNBO;XRNBO;c:\windows\system32\drivers\XRNBO.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2011-04-25 57952]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2011-04-25 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-01-19 25960]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2011-04-25 13408]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 multikey;Virtual USB MultiKey;c:\windows\system32\DRIVERS\multikey.sys [2010-04-23 678408]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-02-24 70136]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-19 2009704]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2012-09-21 139776]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2011-09-24 81008]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-09-24 539248]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2011-04-25 29792]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-24 31088]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-25 52320]
S3 IntcDAud;Sonido Intel® para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-11-29 173656]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-05 411688]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-09-18 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-09-18 29528]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Controlador del adaptador Intel® Wireless WiFi Link para Windows 7 de 64 bits;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-27 46176]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [2011-09-22 63528]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys [2010-11-20 184960]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 20:17]
.
2012-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437578039-3608224858-2452284749-1001Core.job
- c:\users\Daniel Ramirez\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 22:48]
.
2012-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437578039-3608224858-2452284749-1001UA.job
- c:\users\Daniel Ramirez\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 22:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2011-04-25 789920]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-04-25 206176]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-04-25 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-04-25 5908928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-20 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-20 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-20 439064]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-27 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-27 2004584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Daniel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\7y82l9c8.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-22 09:22:05
ComboFix-quarantined-files.txt 2012-09-22 14:22
.
Pre-Run: 231,020,638,208 bytes libres
Post-Run: 230,639,538,176 bytes libres
.
- - End Of File - - 0583EF8CA800C9F04AD4D3C10FA0C040

#2 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 12:25 PM

Hello daniloman. ComboFix without a script is relatively safe. It doesn't seem to have caused you any problems?

Please read the Instructions again and post the DDS, MBAM, and Security Check logs. We need the information in order to help you.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#3 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 03:37 PM

Thanks for your answer

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Daniel Ramirez at 16:32:09 on 2012-09-22
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.57.3082.18.8136.5625 [GMT -5:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Device Center\itype.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Microsoft Device Center\ipoint.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskeng.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO: Content Blocker Plugin: {5564cc73-efa7-4cbf-918a-5cf7fbbfff4f} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-e40c-433c-9784-c78dc7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9e6d0d23-3d72-4a94-ae1f-2d167624e3d9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - C:\Program Files (x86)\FlashGet\getflash.dll
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe
uPolicies-explorer: <NO NAME> =
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
IE: Agregar a Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xportar a Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{351C4785-4018-4DE1-9456-28206F185301} : DhcpNameServer = 200.75.51.132 200.75.51.133
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\054616E456470284F6473507F647 : DhcpNameServer = 8.8.8.8
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\0757A6E2271646965737 : DhcpNameServer = 192.168.100.146 192.168.100.144
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\0757A6E2679637964716E64756 : DhcpNameServer = 192.168.100.144 192.168.100.146
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\34163716131314 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\4416679646 : DhcpNameServer = 8.8.8.8
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\54E67456E696573713 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{49342C14-576F-4A64-B570-F60BE0F3A16F}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
{0055C089-8582-441B-A0BF-17B458C2A3A8}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}
{73455575-E40C-433C-9784-C78DC7761455}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
{F156768E-81EF-470C-9057-481BA8380DBA}
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun-x64: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE-X64: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Daniel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\7y82l9c8.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Daniel Ramirez\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll
FF - plugin: C:\Users\Daniel Ramirez\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Daniel Ramirez\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys --> C:\windows\system32\drivers\fbfmon.sys [?]
R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?]
R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
R1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys --> C:\windows\system32\drivers\BPntDrv.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?]
R1 kltdi;kltdi;C:\windows\system32\DRIVERS\kltdi.sys --> C:\windows\system32\DRIVERS\kltdi.sys [?]
R1 kneps;kneps;C:\windows\system32\DRIVERS\kneps.sys --> C:\windows\system32\DRIVERS\kneps.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 AVP;Servicio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 218880]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-25 13336]
R2 IDMWFP;IDMWFP;C:\windows\system32\DRIVERS\idmwfp.sys --> C:\windows\system32\DRIVERS\idmwfp.sys [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-22 399432]
R2 multikey;Virtual USB MultiKey;C:\windows\system32\DRIVERS\multikey.sys --> C:\windows\system32\DRIVERS\multikey.sys [?]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-2-24 70136]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-25 2009704]
R2 Sentinel64;Sentinel64;C:\windows\system32\Drivers\Sentinel64.sys --> C:\windows\system32\Drivers\Sentinel64.sys [?]
R2 SentinelKeysServer;Sentinel Keys Server;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-9-22 374304]
R2 SentinelSecurityRuntime;Sentinel Security Runtime;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-9-22 292384]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 2656280]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-9-23 539248]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-3-9 288768]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-3-9 1066896]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-3-9 491920]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
R3 IntcDAud;Sonido Intel® para pantallas;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\windows\system32\DRIVERS\klkbdflt.sys --> C:\windows\system32\DRIVERS\klkbdflt.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Controlador del adaptador Intel® Wireless WiFi Link para Windows 7 de 64 bits;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\windows\system32\DRIVERS\SNTUSB64.SYS --> C:\windows\system32\DRIVERS\SNTUSB64.SYS [?]
R3 SPUVCbv;SPUVCb Driver Service;C:\windows\system32\Drivers\usbvideo.sys --> C:\windows\system32\Drivers\usbvideo.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-22 676936]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-5 250288]
S3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys --> C:\windows\system32\DRIVERS\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudbus.sys --> C:\windows\system32\DRIVERS\ssudbus.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-29 1432400]
S3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-24 113120]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudmdm.sys --> C:\windows\system32\DRIVERS\ssudmdm.sys [?]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudobex.sys --> C:\windows\system32\DRIVERS\ssudobex.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2012-09-22 17:45:45 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-22 17:42:31 -------- d-----w- C:\Users\Daniel Ramirez\AppData\Roaming\Malwarebytes
2012-09-22 17:41:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-09-22 17:41:21 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-09-22 17:41:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-22 13:52:21 82944 ----a-w- C:\windows\System32\devcon.exe
2012-09-21 20:28:46 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F545950-9C67-43B2-A3A5-0CC888A3138C}\mpengine.dll
2012-09-21 03:15:32 -------- d-----w- C:\Program Files (x86)\SafeNet Sentinel
2012-09-21 03:15:32 -------- d-----w- C:\Program Files (x86)\Common Files\SafeNet Sentinel
2012-09-21 02:07:05 139776 ----a-w- C:\windows\System32\drivers\sentinel64.sys
2012-09-21 02:06:56 -------- d-----w- C:\ProgramData\SafeNet Sentinel
2012-09-20 21:48:21 678408 ----a-w- C:\windows\System32\drivers\multikey.sys
2012-09-20 21:48:01 -------- d-----w- C:\Multikey
2012-09-20 20:32:43 177152 ----a-w- C:\windows\SysWow64\drivers\XRNBO.sys
2012-09-20 15:03:08 -------- d-----w- C:\Program Files (x86)\IDA
2012-09-20 15:01:33 -------- d-----w- C:\Users\Daniel Ramirez\AppData\Roaming\Hex-Rays
2012-09-20 13:38:12 142848 ----a-w- C:\windows\System32\xceedzip.ocx
2012-09-20 13:29:20 205848 ----a-w- C:\windows\threed32.ocx
2012-09-20 13:28:20 205848 ----a-w- C:\windows\System32\threed32.ocx
2012-09-20 13:24:51 -------- d-----w- C:\Program Files\ConstruData
2012-09-20 11:21:05 -------- d-----w- C:\Users\Daniel Ramirez\AppData\Local\Macromedia
2012-09-12 15:49:15 258048 ----a-w- C:\windows\System32\Spool\prtprocs\x64\hpfppw73.dll
2012-09-11 18:36:18 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-09-11 18:36:18 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-09-11 18:36:18 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-09-11 02:18:54 -------- d-----r- C:\Users\Daniel Ramirez\Dropbox
2012-09-11 02:16:06 -------- d-----w- C:\Users\Daniel Ramirez\AppData\Roaming\Dropbox
2012-09-02 15:33:19 64856 ----a-w- C:\windows\System32\klfphc.dll
2012-09-02 15:32:28 -------- d-----w- C:\windows\ELAMBKUP
2012-09-02 15:32:25 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-09-02 15:32:24 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-09-02 15:32:02 89432 ----a-w- C:\windows\System32\drivers\klflt.sys
2012-09-02 01:00:34 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-24 20:35:31 -------- d-----w- C:\Program Files (x86)\Foxy Games
.
==================== Find3M ====================
.
2012-09-21 20:17:11 73136 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 20:17:11 696240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-09-18 15:13:22 29528 ----a-w- C:\windows\System32\drivers\klmouflt.sys
2012-09-18 15:13:20 29016 ----a-w- C:\windows\System32\drivers\klkbdflt.sys
2012-09-02 01:00:26 821736 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2012-09-02 01:00:26 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-08-21 02:31:24 821824 ----a-w- C:\windows\SysWow64\dgderapi.dll
2012-08-21 02:31:24 20032 ----a-w- C:\windows\SysWow64\drivers\dgderdrv.sys
2012-08-13 21:49:40 178008 ----a-w- C:\windows\System32\drivers\kneps.sys
2012-08-02 20:09:34 28504 ----a-w- C:\windows\System32\drivers\klim6.sys
2012-07-30 18:32:08 708168 ----a-w- C:\windows\System32\WinUSBCoInstaller.dll
2012-07-30 18:32:08 203104 ----a-w- C:\windows\System32\drivers\ssudobex.sys
2012-07-30 18:32:08 203104 ----a-w- C:\windows\System32\drivers\ssudmdm.sys
2012-07-30 18:32:08 102240 ----a-w- C:\windows\System32\drivers\ssudbus.sys
2012-07-26 03:41:49 731346 ----a-w- C:\windows\SysWow64\sig.bin
2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-06-27 02:38:32 46176 ----a-w- C:\windows\System32\drivers\point64.sys
2012-06-26 16:47:48 16504 ----a-w- C:\windows\System32\drivers\GdPhyMem.sys
2012-06-26 16:47:47 106648 ----a-w- C:\windows\System32\drivers\GRD.sys
2012-06-26 16:29:59 59768 ----a-w- C:\windows\System32\drivers\PktIcpt.sys
2012-06-26 01:20:09 33408 ----a-w- C:\windows\SysWow64\drivers\fsbts.sys
2012-06-25 03:24:48 52320 ----a-w- C:\windows\System32\drivers\dc3d.sys
.
============= FINISH: 16:32:53.59 ===============

Malwarebytes Anti-Malware (Versión de Prueba) 1.65.0.1400
www.malwarebytes.org

Versión de la Base de Datos: v2012.09.22.05

Windows 7 Service Pack 1 x64 NTFS (modo seguro)
Internet Explorer 9.0.8112.16421
Daniel Ramirez :: DANIELRAMIREZ [administrador]

Protección: Personas de movilidad reducida

22/09/2012 01:22:12 p.m.
mbam-log-2012-09-22 (13-22-12).txt

Tipos de Análisis: Análisis Completo (C:\|D:\|)
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 709096
Tiempo transcurrido: 1 hora(s), 10 minuto(s), 15 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 0

(No se han detectado elementos maliciosos)

fin)

Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware versión 1.65.0.1400
Java 7 Update 7
Adobe Flash Player 11.4.402.265
Adobe Reader X 10.1.3 Adobe Reader out of Date!
Mozilla Firefox 14.0.1 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Malwarebytes' Anti-Malware mbamscheduler.exe
Kaspersky Lab Kaspersky Internet Security 2013 avp.exe
Kaspersky Lab Kaspersky Internet Security 2013 klwtblfs.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

Edited by daniloman, 22 September 2012 - 03:40 PM.


#4 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 03:49 PM

Looks good. Are you having any problems?

Please do these important security updates:
Get the new security update for Internet Explorer (use Windows update) http://technet.micro...lletin/ms12-063
Update Firefox.
Update Adobe Reader (uncheck the option box for McAfee scan)
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#5 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 03:57 PM

sometimes my pc freezes, when i'm writing is delayed and after some secs it´s displayed on the screen

#6 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 04:00 PM

Please scan with AdwCleaner.

Download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#7 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 04:10 PM

Please scan with AdwCleaner.

Download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

# AdwCleaner v2.002 - Logfile created 09/22/2012 at 16:28:05
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Basic Service Pack 1 (64 bits)
# User : Daniel Ramirez - DANIELRAMIREZ
# Boot Mode : Normal
# Running from : C:\Users\Daniel Ramirez\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Daniel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\7y82l9c8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1724 octets] - [22/09/2012 15:01:26]
AdwCleaner[R1].txt - [936 octets] - [22/09/2012 16:28:05]

########## EOF - C:\AdwCleaner[R1].txt - [995 octets] ##########


# AdwCleaner v2.002 - Logfile created 09/22/2012 at 15:01:26
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Basic Service Pack 1 (64 bits)
# User : Daniel Ramirez - DANIELRAMIREZ
# Boot Mode : Safe mode
# Running from : C:\Users\Daniel Ramirez\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Daniel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\7y82l9c8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Daniel Ramirez\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1601 octets] - [22/09/2012 15:01:26]

########## EOF - C:\AdwCleaner[S2].txt - [1661 octets] ##########

#8 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 04:13 PM

Do some writing and let me know if you are still seeing the problem.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#9 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 04:26 PM

yes the problem still there, and its getting worse

#10 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 05:21 PM

When you have the delayed writing, are you writing in a browser window, or are you using a word processor?
If while browsing does it happen in all three IE, FF, Chrome?


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#11 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 05:29 PM

It happens in bothss, in a browser (Chrome, IE, FF) and also in a word processor
MiniToolBox by Farbar Version: 07/23/2012
Ran by Daniel Ramirez (administrator) on 22/09/2012 at 18:25:55
Microsoft Windows 7 Home Basic Service Pack 1 (X64)
Boot Mode: Normal
************************************************** *************************

========================= Flush DNS: ====================== =============

Windows IP Configuration

Properly emptied the cache of DNS resolution.

========================= IE Proxy Settings: ===================== =========

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings Were reset.

========================= FF Proxy Settings: ===================== =========


"Reset FF Proxy Settings": Firefox Proxy settings reset Were.

========================= Hosts content: ====================== ===========

127.0.0.1 localhost

========================= IP Configuration: ====================== ==========

Intel ® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# Configuration of IPv4
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload icmpredirects = enabled = enabled
add route prefix = 0.0.0.0 / 0 interface = "Wireless network Connection mbrica" ​​nexthop = 192.168.1.1 publish = Yes
set interface interface = "Wireless network Connection mbrica" ​​forwarding = disabled advertise = disabled siteprefixlength = 0 nud = disabled = disabled routerdiscovery otherstateful managedaddress = disabled = disabled weakhostreceive weakhostsend = disabled = disabled = disabled ignoredefaultroutes advertisedefaultroute advertisedrouterlifetime = 0 = 0 = disabled currenthoplimit enabledirectedmacwolpattern forcearpndwolpattern = disabled = disabled


popd
# End of IPv4 settings



Windows IP Configuration

   Hostname. . . . . . . . . : DanielRamirez
   Primary DNS Suffix. . . . . :
   Node type. . . . . . . . . . : Hybrid
   IP Routing enabled. . . : No
   WINS Proxy enabled. . . . . : No

Inal LAN Adapter Wireless network Connection mbrica mbrica 3:

   Media State. . . . . . . . . . . : Media disconnected
   DNS suffix for the connection. . :
   Description. . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter # 11
   Physical Address. . . . . . . . . . . . . : 8C-A9-82-62-2A-D1
   DHCP enabled. . . . . . . . . . . . . : Yes
   Auto policy settings enabled. . . : Yes

Inal LAN Adapter Wireless network Connection mbrica mbrica 2:

   Media State. . . . . . . . . . . : Media disconnected
   DNS suffix for the connection. . :
   Description. . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter # 10
   Physical Address. . . . . . . . . . . . . : 8C-A9-82-62-2A-D1
   DHCP enabled. . . . . . . . . . . . . : Yes
   Auto policy settings enabled. . . : Yes

Inal LAN Adapter Wireless network Connection mbrica mbrica:

   DNS suffix for the connection. . :
   Description. . . . . . . . . . . . . . . : Intel ® WiFi Link 1000 BGN
   Physical Address. . . . . . . . . . . . . : 8C-A9-82-62-2A-D0
   DHCP enabled. . . . . . . . . . . . . : Yes
   Auto policy settings enabled. . . : Yes
   IPv4 Address. . . . . . . . . . . . . . : 192.168.1.4 (Preferred)
   M subnet mask. . . . . . . . . . . . : 255.255.255.0
   Concession obtained. . . . . . . . . . . . : S Saturday, September 22, 2012 5:45:09 PM
   The concession expires. . . . . . . . . . . : Sunday, September 23, 2012 5:45:09 PM
   Default Gateway. . . . . : 192.168.1.1
   DHCP server. . . . . . . . . . . . . . : 192.168.1.1
   DNS servers. . . . . . . . . . . . . . : 192.168.1.1
   NetBIOS over TCP / IP. . . . . . . . . . . : Enabled

Tenel adapter isatap. {49342C14-576F-4A64-B570-F60BE0F3A16F}:

   Media State. . . . . . . . . . . : Media disconnected
   DNS suffix for the connection. . :
   Description. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enabled. . . . . . . . . . . . . : No
   Auto policy settings enabled. . . : Yes

Tenel adapter Teredo Tunneling Pseudo-Interface:

   DNS suffix for the connection. . :
   Description. . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enabled. . . . . . . . . . . . . : No
   Auto policy settings enabled. . . : Yes
   IPv6 address. . . . . . . . . . : 2001:0:4137:9 e76: 28e7: F9E: 41e7: 4de8 (Preferred)
   Link-local IPv6 Address. . . : Fe80 :: 28e7: F9E: 41e7: 4de8% 15 (Preferred)
   Default Gateway. . . . . :::
   NetBIOS over TCP / IP. . . . . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607: f8b0: 1008 :: 4008:802
74125229161
74125229164
74125229162
74125229163
74125229166
74125229167
74125229169
74125229174
74125229165
74125229168
74125229160


Pinging google.com [74,125,229,161] with 32 bytes of data:
Reply from 74,125,229,161: bytes = 32 time = 95ms TTL = 56
Reply from 74,125,229,161: bytes = 32 time = 92ms TTL = 56

Ping statistics for 74125229161:
    Packets: Sent = 2, Received = 2, Lost = 0
    (0% loss),
Approximate round trip times in milliseconds:
    Minimum = 92ms, Maximum = 95ms M, Average = 93ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98138253109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes = 32 time = 473ms TTL = 49
Reply from 72.30.38.140: bytes = 32 time = 302ms TTL = 49

Ping statistics for 72.30.38.140:
    Packets: Sent = 2, Received = 2, Lost = 0
    (0% loss),
Approximate round trip times in milliseconds:
    Minimum = 302ms, Maximum = 473ms M, Average = 387ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0
    (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes = 32 time = 3ms TTL = 128
Reply from 127.0.0.1: bytes = 32 time = 1ms TTL = 128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0
    (0% loss),
Approximate round trip times in milliseconds:
    Minimum = 1ms, Maximum = 3ms M, Average = 2ms
================================================== =========================
Interface ILIST
 33 ... 82 62 a9 8c d1 the 2nd ...... Microsoft Virtual WiFi Miniport Adapter # 11
 28 ... 82 62 a9 8c d1 the 2nd ...... Microsoft Virtual WiFi Miniport Adapter # 10
 14 ... the 2nd 8c d0 a9 82 62 ...... Intel ® WiFi Link 1000 BGN
  1 ........................... Software Loopback Interface 1
 17 ... 00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15 ... 00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
================================================== =========================

IPv4 routing table
================================================== =========================
Active Routes:
M Network Destination Network Mask Gateway Interface M, Trica
          0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 281
        127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
        127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
  127 255 255 255 306 255 255 255 255 On-link 127.0.0.1
      192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
      192.168.1.4 281 192.168.1.4 255.255.255.255 in bond
    192.168.1.4 192.168.1.255 281 255.255.255.255 in bond
        224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
        224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
  255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
  255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
================================================== =========================
Persistent Routes:
  M network address network mask gateway address M, Trica
          0.0.0.0 0.0.0.0 192.168.1.1 Default
================================================== =========================

IPv6 Routing Table
================================================== =========================
Active Routes:
 When network destination m, Trica Gateway
 15 58 :: / 0 On-link
  1306 :: 1/128 On-link
 15 58 2001 :: / 32 link
 15 306 2001: 0:4137:9 e76: 28e7: F9E: 41e7: 4de8/128
                                    In bond
 15 306 fe80 :: / 64 On-link
 15 306 fe80 :: 28e7: F9E: 41e7: 4de8/128
                                    In bond
  1306 ff00 :: / 8 On-link
 15 306 ff00 :: / 8 On-link
================================================== =========================
Persistent Routes:
  None
========================= Winsock entries ======================= ==============

Catalog5 01 C: \ Windows \ SysWOW64 \ NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C: \ Windows \ SysWOW64 \ napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C: \ Windows \ SysWOW64 \ pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C: \ Windows \ SysWOW64 \ pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C: \ Windows \ SysWOW64 \ wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C: \ Windows \ SysWOW64 \ winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog5 x64-01 C: \ Windows \ System32 \ NLAapi.dll [70656] (Microsoft Corporation)
Catalog5 x64-02 C: \ Windows \ System32 \ napinsp.dll [68096] (Microsoft Corporation)
Catalog5 x64-03 C: \ Windows \ System32 \ pnrpnsp.dll [86016] (Microsoft Corporation)
Catalog5 x64-04 C: \ Windows \ System32 \ pnrpnsp.dll [86016] (Microsoft Corporation)
Catalog5 x64-05 C: \ Windows \ System32 \ wshbth.dll [47104] (Microsoft Corporation)
Catalog5 x64-06 C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [170880] (Microsoft Corp.)
Catalog5 x64-07 C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [170880] (Microsoft Corp.)
Catalog5 x64-08 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog5 x64-09 C: \ Windows \ System32 \ winrnr.dll [28672] (Microsoft Corporation)
Catalog9 x64-01 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-02 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-03 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-04 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-05 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-06 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-07 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-08 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-09 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-10 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-11 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===================== ==========

Application errors:
==================
Error: (09/22/2012 5:24:51 PM) (Source: DeviceCenter) (User:)
Description: Unknown Node: # text ->

Error: (09/22/2012 5:24:33 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'.

Error: (09/22/2012 5:17:27 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'.

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: The Windows Search Service is stopping because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize the index.

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize the application.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize the Collector object.

Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize <Search.TripoliIndexer>.

Context: Windows Application, catalog SystemIndex

Details:
Not found element. (HRESULT: 0x80070490) (0x80070490)

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize <Search.JetPropStore>.

Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: The Windows Search Service can not load the property store information.

Context: Windows Application, catalog SystemIndex

Details:
The content index server can not update or access information because of a database error. Stop and restart the search service. If the problem persists, reset the content index and crawl again. Sometimes it may be necessary to remove the content index and recreate it. (HRESULT: 0x8004117f) (0x8004117f)


System errors:
=============
Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Windows Driver Foundation - User-mode Driver Framework terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The WLAN AutoConfig service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: Service Diagnostic System Host is terminated unexpectedly. This has happened 1 times.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: Service Manager Session Manager Desktop Window terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Customer Service Distributed Link Tracking terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Superfetch service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 60000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: Service Program Compatibility service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 60000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Network Connections service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 100 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Public Service Human Interface Device terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The service Compiler Windows audio end terminated unexpectedly. This was repeated one time. They perform the following corrective action in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (09/22/2012 5:24:51 PM) (Source: DeviceCenter) (User:)
Description: Unknown Node: # text ->

Error: (09/22/2012 5:24:33 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'. (NULL) (NULL) (NULL) (NULL) (NULL)

Error: (09/22/2012 5:17:27 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'. (NULL) (NULL) (NULL) (NULL) (NULL)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
Not found element. (HRESULT: 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
The content index server can not update or access information because of a database error. Stop and restart the search service. If the problem persists, reset the content index and crawl again. Sometimes it may be necessary to remove the content index and recreate it. (HRESULT: 0x8004117f) (0x8004117f)


===================== =========================== Installed Programs =======

2X Client-64 bit (Version: 10.01.1275)
abgx360 v1.0.6
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) - Spanish (Version: 10.1.4)
uTorrent (Version: 3.2.0)
AutoCAD 2010 - Inglés (Version: 18.0.55.0)
AutoCAD 2010 Language Pack - Inglés (Version: 18.0.55.0)
AutoCAD Civil 3D 2013 - Inglés (Version: 10.0.1111.0)
AutoCAD Civil 3D 2013 (Version: 10.0.1111.0)
AutoCAD Civil 3D 2013 Language Pack - Inglés (Version: 10.0.1111.0)
Autodesk Content Service (Version: 3.0.84.0)
Autodesk Content Service Language Pack (Version: 3.0.84.0)
Autodesk Material Library 2013 (Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
Bridge Builder (Version: 1.0)
Broadcom NetLink Gigabit Controller (Version: 14.4.9.2)
CCleaner (Version: 3.19)
Center Keyboard Mouse and Microsoft (Version: 1.1.500.0)
ActiveX Control for Windows Live Mesh Remote Connections (Version: 15.4.5722.2)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Uninstaller EPSON TX220 Series
DivX Setup (Version: 2.6.1.5)
Dropbox (Version: 1.4.17)
Energy Management (Version: 6.0.2.0)
EPSON Scan
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FlashGet 1.9.6.1073 (Version: 1.9.6.1073)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Google Chrome (Version: 21.0.1180.89)
Groovedown version 0.84 (Version: 0.84)
ImgBurn (Version: 2.5.7.0)
Intel PROSet Wireless
Intel ® Control Center (Version: 1.2.1.1007)
Intel ® Management Engine Components (Version: 7.0.0.1144)
Intel ® Graphics Processor (Version: 8.15.10.2253)
Intel ® Rapid Storage Technology (Version: 10.1.0.1008)
Intel ® Wireless Display
Intel ® Wireless Display (Version: 2.0.27.0)
Internet Download Manager
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JDownloader 0.9 (Version: 0.9)
JMicron Flash Media Controller Driver (Version: 1.0.53.5)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)
Lenovo DirectShare (Version:)
Lenovo EasyCamera (Version: 1.10.1209.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.7)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo PowerDVD 10 (Version: 10.0.2318.52)
Lenovo YouCam (Version: 3.1.3623)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MATLAB Compiler Runtime 7.17 (Version: 7.17)
MATLAB R2012a (Version: 7.14)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft. NET Framework 1.1 (Version: 1.1.4322)
Microsoft. NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft. NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Basque) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Inglés) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Galician) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual Basic Power Packs 10.0 (Version: 10.0.20911)
Microsoft Visual C + + 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C + + 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C + + 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C + + 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C + + 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C + + 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C + + 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.180.94)
NVIDIA 3D Vision Controller Driver (Version: 266.19)
NVIDIA 3D Vision Controller Driver 266.34 (Version: 266.34)
NVIDIA Graphics Driver 266.74 (Version: 266.74)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.16 (Version: 1.0.16)
NVIDIA Update Components (Version: 1.0.16)
OneKey Theater (Version: 2.0.2.7)
NVIDIA Control Panel 266.74 (Version: 266.74)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
PC Connectivity Solution (Version: 12.0.27.0)
Power2Go (Version: 5.6.0.7108)
Python 2.7.3 (64-bit) (Version: 2.7.3150)
Realtek High Definition Audio Driver (Version: 6.0.1.6301)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0)
Samsung Kies (Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Sentinel Protection Installer 7.6.5 (Version: 7.6.5)
Skype ™ 5.10 (Version: 5.10.116)
Intel ® PROSet / Wireless WiFi (Version: 14.00.1000)
SRS Control Panel (Version: 1.11.0200)
Statgraphics Centurion XV.II (Version: 15.02.0006)
Synaptics Pointing Device Driver (Version: 15.3.31.1)
TI Connect 1.6 (Version: 1.6)
NoteFolio IT Creator (Version: 1.1.0.276)
UltraISO Premium V9.36
Unity Web Player (Version:)
Update for Microsoft. NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft. NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft. NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft. NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft. NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft. NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.2 (Version: 2.0.2)
WD SmartWare (Version: 1.4.5.5)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (11/06/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Xilisoft Video Converter Ultimate 6 (Version: 6.5.8.0513)

Devices =========================: ======================= =========

Name: ACPI DelayMan Filter
Description: ACPI DelayMan Filter
Class Guid: {4d36e97d-E325-11CE-BFC1-08002BE10318}
Manufacturer: Bastage Inc.
Service: DelayMan
Problem :: Windows can not start this hardware device configuration Because its information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This Can Occur When more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name can not be Obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem :: This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom Bluetooth 2.1 USB
Description: Broadcom Bluetooth 2.1 USB
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem :: This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ====================== =============

Percentage of memory in use: 25%
Total physical RAM: 8135.73 MB
Available physical RAM: 6067.85 MB
Total Pagefile: 16269.66 MB
Available Pagefile: 14020.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.83 MB

Partitions =========================: ======================= ==============

1 Drive c: () (Fixed) (Total: 298.32 GB) (Free: 224.9 GB) NTFS
2 Drive d: (Local Disk) (Fixed) (Total: 282.9 GB) (Free: 204.95 GB) NTFS

Users =========================: ======================= =================

User Accounts \ \ DANIELRAMIREZ

Administrator ASPNET Daniel Ramirez
Guest UpdatusUser
He has completed the command successfully.

========================= Minidump Files ======================= ===========

No minidump file found


**** End of log ****

Edited by daniloman, 22 September 2012 - 05:35 PM.


#12 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 05:40 PM

Unfortunately I can't understand Spanish.

Please download Farbar Service Scanner to your Desktop and run it.
  • Check all the boxes.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#13 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 05:50 PM

I translated it for you

#14 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 22 September 2012 - 05:51 PM

I translated it for you



Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


happens in bothss, in a browser (Chrome, IE, FF) and also in a word processor
MiniToolBox by Farbar Version: 07/23/2012
Ran by Daniel Ramirez (administrator) on 22/09/2012 at 18:25:55
Microsoft Windows 7 Home Basic Service Pack 1 (X64)
Boot Mode: Normal
************************************************** *************************

========================= Flush DNS: ====================== =============

Windows IP Configuration

Properly emptied the cache of DNS resolution.

========================= IE Proxy Settings: ===================== =========

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings Were reset.

========================= FF Proxy Settings: ===================== =========


"Reset FF Proxy Settings": Firefox Proxy settings reset Were.

========================= Hosts content: ====================== ===========

127.0.0.1 localhost

========================= IP Configuration: ====================== ==========

Intel ® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# Configuration of IPv4
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload icmpredirects = enabled = enabled
add route prefix = 0.0.0.0 / 0 interface = "Wireless network Connection mbrica" ​​nexthop = 192.168.1.1 publish = Yes
set interface interface = "Wireless network Connection mbrica" ​​forwarding = disabled advertise = disabled siteprefixlength = 0 nud = disabled = disabled routerdiscovery otherstateful managedaddress = disabled = disabled weakhostreceive weakhostsend = disabled = disabled = disabled ignoredefaultroutes advertisedefaultroute advertisedrouterlifetime = 0 = 0 = disabled currenthoplimit enabledirectedmacwolpattern forcearpndwolpattern = disabled = disabled


popd
# End of IPv4 settings



Windows IP Configuration

Hostname. . . . . . . . . : DanielRamirez
Primary DNS Suffix. . . . . :
Node type. . . . . . . . . . : Hybrid
IP Routing enabled. . . : No
WINS Proxy enabled. . . . . : No

Inal LAN Adapter Wireless network Connection mbrica mbrica 3:

Media State. . . . . . . . . . . : Media disconnected
DNS suffix for the connection. . :
Description. . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter # 11
Physical Address. . . . . . . . . . . . . : 8C-A9-82-62-2A-D1
DHCP enabled. . . . . . . . . . . . . : Yes
Auto policy settings enabled. . . : Yes

Inal LAN Adapter Wireless network Connection mbrica mbrica 2:

Media State. . . . . . . . . . . : Media disconnected
DNS suffix for the connection. . :
Description. . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter # 10
Physical Address. . . . . . . . . . . . . : 8C-A9-82-62-2A-D1
DHCP enabled. . . . . . . . . . . . . : Yes
Auto policy settings enabled. . . : Yes

Inal LAN Adapter Wireless network Connection mbrica mbrica:

DNS suffix for the connection. . :
Description. . . . . . . . . . . . . . . : Intel ® WiFi Link 1000 BGN
Physical Address. . . . . . . . . . . . . : 8C-A9-82-62-2A-D0
DHCP enabled. . . . . . . . . . . . . : Yes
Auto policy settings enabled. . . : Yes
IPv4 Address. . . . . . . . . . . . . . : 192.168.1.4 (Preferred)
M subnet mask. . . . . . . . . . . . : 255.255.255.0
Concession obtained. . . . . . . . . . . . : S Saturday, September 22, 2012 5:45:09 PM
The concession expires. . . . . . . . . . . : Sunday, September 23, 2012 5:45:09 PM
Default Gateway. . . . . : 192.168.1.1
DHCP server. . . . . . . . . . . . . . : 192.168.1.1
DNS servers. . . . . . . . . . . . . . : 192.168.1.1
NetBIOS over TCP / IP. . . . . . . . . . . : Enabled

Tenel adapter isatap. {49342C14-576F-4A64-B570-F60BE0F3A16F}:

Media State. . . . . . . . . . . : Media disconnected
DNS suffix for the connection. . :
Description. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP enabled. . . . . . . . . . . . . : No
Auto policy settings enabled. . . : Yes

Tenel adapter Teredo Tunneling Pseudo-Interface:

DNS suffix for the connection. . :
Description. . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP enabled. . . . . . . . . . . . . : No
Auto policy settings enabled. . . : Yes
IPv6 address. . . . . . . . . . : 2001:0:4137:9 e76: 28e7: F9E: 41e7: 4de8 (Preferred)
Link-local IPv6 Address. . . : Fe80 :: 28e7: F9E: 41e7: 4de8% 15 (Preferred)
Default Gateway. . . . . :::
NetBIOS over TCP / IP. . . . . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607: f8b0: 1008 :: 4008:802
74125229161
74125229164
74125229162
74125229163
74125229166
74125229167
74125229169
74125229174
74125229165
74125229168
74125229160


Pinging google.com [74,125,229,161] with 32 bytes of data:
Reply from 74,125,229,161: bytes = 32 time = 95ms TTL = 56
Reply from 74,125,229,161: bytes = 32 time = 92ms TTL = 56

Ping statistics for 74125229161:
Packets: Sent = 2, Received = 2, Lost = 0
(0% loss),
Approximate round trip times in milliseconds:
Minimum = 92ms, Maximum = 95ms M, Average = 93ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98138253109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes = 32 time = 473ms TTL = 49
Reply from 72.30.38.140: bytes = 32 time = 302ms TTL = 49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0
(0% loss),
Approximate round trip times in milliseconds:
Minimum = 302ms, Maximum = 473ms M, Average = 387ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0
(0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes = 32 time = 3ms TTL = 128
Reply from 127.0.0.1: bytes = 32 time = 1ms TTL = 128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0
(0% loss),
Approximate round trip times in milliseconds:
Minimum = 1ms, Maximum = 3ms M, Average = 2ms
================================================== =========================
Interface ILIST
33 ... 82 62 a9 8c d1 the 2nd ...... Microsoft Virtual WiFi Miniport Adapter # 11
28 ... 82 62 a9 8c d1 the 2nd ...... Microsoft Virtual WiFi Miniport Adapter # 10
14 ... the 2nd 8c d0 a9 82 62 ...... Intel ® WiFi Link 1000 BGN
1 ........................... Software Loopback Interface 1
17 ... 00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15 ... 00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
================================================== =========================

IPv4 routing table
================================================== =========================
Active Routes:
M Network Destination Network Mask Gateway Interface M, Trica
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127 255 255 255 306 255 255 255 255 On-link 127.0.0.1
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 281 192.168.1.4 255.255.255.255 in bond
192.168.1.4 192.168.1.255 281 255.255.255.255 in bond
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
================================================== =========================
Persistent Routes:
M network address network mask gateway address M, Trica
0.0.0.0 0.0.0.0 192.168.1.1 Default
================================================== =========================

IPv6 Routing Table
================================================== =========================
Active Routes:
When network destination m, Trica Gateway
15 58 :: / 0 On-link
1306 :: 1/128 On-link
15 58 2001 :: / 32 link
15 306 2001: 0:4137:9 e76: 28e7: F9E: 41e7: 4de8/128
In bond
15 306 fe80 :: / 64 On-link
15 306 fe80 :: 28e7: F9E: 41e7: 4de8/128
In bond
1306 ff00 :: / 8 On-link
15 306 ff00 :: / 8 On-link
================================================== =========================
Persistent Routes:
None
========================= Winsock entries ======================= ==============

Catalog5 01 C: \ Windows \ SysWOW64 \ NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C: \ Windows \ SysWOW64 \ napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C: \ Windows \ SysWOW64 \ pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C: \ Windows \ SysWOW64 \ pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C: \ Windows \ SysWOW64 \ wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C: \ Windows \ SysWOW64 \ winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C: \ Windows \ SysWOW64 \ mswsock.dll [232448] (Microsoft Corporation)
Catalog5 x64-01 C: \ Windows \ System32 \ NLAapi.dll [70656] (Microsoft Corporation)
Catalog5 x64-02 C: \ Windows \ System32 \ napinsp.dll [68096] (Microsoft Corporation)
Catalog5 x64-03 C: \ Windows \ System32 \ pnrpnsp.dll [86016] (Microsoft Corporation)
Catalog5 x64-04 C: \ Windows \ System32 \ pnrpnsp.dll [86016] (Microsoft Corporation)
Catalog5 x64-05 C: \ Windows \ System32 \ wshbth.dll [47104] (Microsoft Corporation)
Catalog5 x64-06 C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [170880] (Microsoft Corp.)
Catalog5 x64-07 C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLIDNSP.DLL [170880] (Microsoft Corp.)
Catalog5 x64-08 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog5 x64-09 C: \ Windows \ System32 \ winrnr.dll [28672] (Microsoft Corporation)
Catalog9 x64-01 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-02 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-03 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-04 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-05 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-06 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-07 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-08 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-09 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-10 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)
Catalog9 x64-11 C: \ Windows \ System32 \ mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===================== ==========

Application errors:
==================
Error: (09/22/2012 5:24:51 PM) (Source: DeviceCenter) (User:)
Description: Unknown Node: # text ->

Error: (09/22/2012 5:24:33 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'.

Error: (09/22/2012 5:17:27 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'.

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: The Windows Search Service is stopping because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize the index.

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize the application.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize the Collector object.

Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize <Search.TripoliIndexer>.

Context: Windows Application, catalog SystemIndex

Details:
Not found element. (HRESULT: 0x80070490) (0x80070490)

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: Unable to initialize <Search.JetPropStore>.

Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: The Windows Search Service can not load the property store information.

Context: Windows Application, catalog SystemIndex

Details:
The content index server can not update or access information because of a database error. Stop and restart the search service. If the problem persists, reset the content index and crawl again. Sometimes it may be necessary to remove the content index and recreate it. (HRESULT: 0x8004117f) (0x8004117f)


System errors:
=============
Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Windows Driver Foundation - User-mode Driver Framework terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The WLAN AutoConfig service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: Service Diagnostic System Host is terminated unexpectedly. This has happened 1 times.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: Service Manager Session Manager Desktop Window terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Customer Service Distributed Link Tracking terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Superfetch service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 60000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: Service Program Compatibility service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 60000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Network Connections service terminated unexpectedly. This was repeated one time. They perform the following corrective action in 100 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The Public Service Human Interface Device terminated unexpectedly. This was repeated one time. They perform the following corrective action in 120000 milliseconds: Restart the service.

Error: (09/22/2012 5:42:27 PM) (Source: Service Control Manager) (User:)
Description: The service Compiler Windows audio end terminated unexpectedly. This was repeated one time. They perform the following corrective action in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (09/22/2012 5:24:51 PM) (Source: DeviceCenter) (User:)
Description: Unknown Node: # text ->

Error: (09/22/2012 5:24:33 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'. (NULL) (NULL) (NULL) (NULL) (NULL)

Error: (09/22/2012 5:17:27 PM) (Source: MsiInstaller) (User: DanielRamirez) DanielRamirez
Description: Product: Center Microsoft Mouse and Keyboard - Error 1706. There is no installation package for the product Center Microsoft Mouse and Keyboard. Try the installation again using a valid copy of the installation package 'mkc.msi'. (NULL) (NULL) (NULL) (NULL) (NULL)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)

Error: (09/22/2012 3:04:12 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
Not found element. (HRESULT: 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
The content index catalog is corrupt. (HRESULT: 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (09/22/2012 3:04:11 PM) (Source: Windows Search Service) (User:)
Description: Context: Windows Application, catalog SystemIndex

Details:
The content index server can not update or access information because of a database error. Stop and restart the search service. If the problem persists, reset the content index and crawl again. Sometimes it may be necessary to remove the content index and recreate it. (HRESULT: 0x8004117f) (0x8004117f)


===================== =========================== Installed Programs =======

2X Client-64 bit (Version: 10.01.1275)
abgx360 v1.0.6
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) - Spanish (Version: 10.1.4)
uTorrent (Version: 3.2.0)
AutoCAD 2010 - Inglés (Version: 18.0.55.0)
AutoCAD 2010 Language Pack - Inglés (Version: 18.0.55.0)
AutoCAD Civil 3D 2013 - Inglés (Version: 10.0.1111.0)
AutoCAD Civil 3D 2013 (Version: 10.0.1111.0)
AutoCAD Civil 3D 2013 Language Pack - Inglés (Version: 10.0.1111.0)
Autodesk Content Service (Version: 3.0.84.0)
Autodesk Content Service Language Pack (Version: 3.0.84.0)
Autodesk Material Library 2013 (Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
Bridge Builder (Version: 1.0)
Broadcom NetLink Gigabit Controller (Version: 14.4.9.2)
CCleaner (Version: 3.19)
Center Keyboard Mouse and Microsoft (Version: 1.1.500.0)
ActiveX Control for Windows Live Mesh Remote Connections (Version: 15.4.5722.2)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Uninstaller EPSON TX220 Series
DivX Setup (Version: 2.6.1.5)
Dropbox (Version: 1.4.17)
Energy Management (Version: 6.0.2.0)
EPSON Scan
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FlashGet 1.9.6.1073 (Version: 1.9.6.1073)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Google Chrome (Version: 21.0.1180.89)
Groovedown version 0.84 (Version: 0.84)
ImgBurn (Version: 2.5.7.0)
Intel PROSet Wireless
Intel ® Control Center (Version: 1.2.1.1007)
Intel ® Management Engine Components (Version: 7.0.0.1144)
Intel ® Graphics Processor (Version: 8.15.10.2253)
Intel ® Rapid Storage Technology (Version: 10.1.0.1008)
Intel ® Wireless Display
Intel ® Wireless Display (Version: 2.0.27.0)
Internet Download Manager
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JDownloader 0.9 (Version: 0.9)
JMicron Flash Media Controller Driver (Version: 1.0.53.5)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)
Lenovo DirectShare (Version:)
Lenovo EasyCamera (Version: 1.10.1209.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.7)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo PowerDVD 10 (Version: 10.0.2318.52)
Lenovo YouCam (Version: 3.1.3623)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MATLAB Compiler Runtime 7.17 (Version: 7.17)
MATLAB R2012a (Version: 7.14)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft. NET Framework 1.1 (Version: 1.1.4322)
Microsoft. NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft. NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Basque) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Inglés) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Galician) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual Basic Power Packs 10.0 (Version: 10.0.20911)
Microsoft Visual C + + 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C + + 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C + + 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C + + 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C + + 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C + + 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C + + 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C + + 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.180.94)
NVIDIA 3D Vision Controller Driver (Version: 266.19)
NVIDIA 3D Vision Controller Driver 266.34 (Version: 266.34)
NVIDIA Graphics Driver 266.74 (Version: 266.74)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.16 (Version: 1.0.16)
NVIDIA Update Components (Version: 1.0.16)
OneKey Theater (Version: 2.0.2.7)
NVIDIA Control Panel 266.74 (Version: 266.74)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
PC Connectivity Solution (Version: 12.0.27.0)
Power2Go (Version: 5.6.0.7108)
Python 2.7.3 (64-bit) (Version: 2.7.3150)
Realtek High Definition Audio Driver (Version: 6.0.1.6301)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0)
Samsung Kies (Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Sentinel Protection Installer 7.6.5 (Version: 7.6.5)
Skype ™ 5.10 (Version: 5.10.116)
Intel ® PROSet / Wireless WiFi (Version: 14.00.1000)
SRS Control Panel (Version: 1.11.0200)
Statgraphics Centurion XV.II (Version: 15.02.0006)
Synaptics Pointing Device Driver (Version: 15.3.31.1)
TI Connect 1.6 (Version: 1.6)
NoteFolio IT Creator (Version: 1.1.0.276)
UltraISO Premium V9.36
Unity Web Player (Version:)
Update for Microsoft. NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft. NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft. NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft. NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft. NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft. NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.2 (Version: 2.0.2)
WD SmartWare (Version: 1.4.5.5)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (11/06/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Xilisoft Video Converter Ultimate 6 (Version: 6.5.8.0513)

Devices =========================: ======================= =========

Name: ACPI DelayMan Filter
Description: ACPI DelayMan Filter
Class Guid: {4d36e97d-E325-11CE-BFC1-08002BE10318}
Manufacturer: Bastage Inc.
Service: DelayMan
Problem :: Windows can not start this hardware device configuration Because its information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This Can Occur When more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name can not be Obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem :: This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom Bluetooth 2.1 USB
Description: Broadcom Bluetooth 2.1 USB
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem :: This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ====================== =============

Percentage of memory in use: 25%
Total physical RAM: 8135.73 MB
Available physical RAM: 6067.85 MB
Total Pagefile: 16269.66 MB
Available Pagefile: 14020.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.83 MB

Partitions =========================: ======================= ==============

1 Drive c: () (Fixed) (Total: 298.32 GB) (Free: 224.9 GB) NTFS
2 Drive d: (Local Disk) (Fixed) (Total: 282.9 GB) (Free: 204.95 GB) NTFS

Users =========================: ======================= =================

User Accounts \ \ DANIELRAMIREZ

Administrator ASPNET Daniel Ramirez
Guest UpdatusUser
He has completed the command successfully.

========================= Minidump Files ======================= ===========

No minidump file found


**** End of log ****

Edited by daniloman, 22 September 2012 - 05:52 PM.


#15 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 22 September 2012 - 06:05 PM

Thanks. This could be the problem:

The content index server can not update or access information because of a database error. Stop and restart the search service. If the problem persists, reset the content index and crawl again. Sometimes it may be necessary to remove the content index and recreate it.


That is for Sharepoint.

See if you can follow these directions to reset the content index. http://office.micros...A001160463.aspx

Another possibility is your graphics card or its driver. Is NVidia up to date?
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#16 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 23 September 2012 - 12:05 PM

ok i did what you said, but it didnt work so i searched in others forums and now the problem is solved, I used chkdsk /r and also SFC /SCANNOW..

Thanks a lot for your help

PS: You didnt see anything suspiciuos on my combofix log???

Edited by daniloman, 23 September 2012 - 12:07 PM.


#17 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 23 September 2012 - 12:17 PM

Good work. Very well done! :)
I gather that you no longer have the delayed writing.

ComboFix removed a number of items, see 'Other Deletions'. I saw nothing suspicious in the remaining entries.
Please run ComboFix again to be sure nothing came back. Post its log.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#18 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 23 September 2012 - 01:35 PM

ComboFix 12-09-23.02 - Daniel Ramirez 23/09/2012 13:52:27.2.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.57.3082.18.8136.6101 [GMT -5:00]
Running from: c:\users\Daniel Ramirez\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-08-23 to 2012-09-23 )))))))))))))))))))))))))))))))
.
.
2012-09-23 19:01 . 2012-09-23 19:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-09-23 19:01 . 2012-09-23 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-23 01:06 . 2012-09-23 01:06 -------- d-----w- C:\NVIDIA
2012-09-23 00:52 . 2012-09-23 00:52 -------- d-----w- c:\windows\Sun
2012-09-22 22:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-22 22:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-22 21:41 . 2012-09-22 21:41 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-22 17:42 . 2012-09-22 17:42 -------- d-----w- c:\users\Daniel Ramirez\AppData\Roaming\Malwarebytes
2012-09-22 17:41 . 2012-09-22 17:41 -------- d-----w- c:\programdata\Malwarebytes
2012-09-22 17:41 . 2012-09-07 22:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-22 17:41 . 2012-09-22 17:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-22 13:52 . 2012-09-20 21:38 82944 ----a-w- c:\windows\system32\devcon.exe
2012-09-21 20:28 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F545950-9C67-43B2-A3A5-0CC888A3138C}\mpengine.dll
2012-09-21 03:15 . 2012-09-21 03:15 -------- d-----w- c:\program files (x86)\SafeNet Sentinel
2012-09-21 03:15 . 2012-09-21 03:15 -------- d-----w- c:\program files (x86)\Common Files\SafeNet Sentinel
2012-09-21 02:07 . 2012-09-21 23:47 139776 ----a-w- c:\windows\system32\drivers\sentinel64.sys
2012-09-21 02:06 . 2012-09-21 02:06 -------- d-----w- c:\programdata\SafeNet Sentinel
2012-09-20 21:48 . 2010-04-23 05:15 678408 ----a-w- c:\windows\system32\drivers\multikey.sys
2012-09-20 21:48 . 2012-09-20 21:48 -------- d-----w- C:\Multikey
2012-09-20 20:32 . 2012-09-20 20:32 177152 ----a-w- c:\windows\SysWow64\drivers\XRNBO.sys
2012-09-20 15:03 . 2012-09-20 22:03 -------- d-----w- c:\program files (x86)\IDA
2012-09-20 15:01 . 2012-09-20 15:01 -------- d-----w- c:\users\Daniel Ramirez\AppData\Roaming\Hex-Rays
2012-09-20 13:38 . 1997-03-13 05:00 142848 ----a-w- c:\windows\system32\xceedzip.ocx
2012-09-20 13:29 . 2012-09-20 13:27 205848 ----a-w- c:\windows\threed32.ocx
2012-09-20 13:28 . 2012-09-20 13:27 205848 ----a-w- c:\windows\system32\threed32.ocx
2012-09-20 13:24 . 2012-09-20 13:25 -------- d-----w- c:\program files\ConstruData
2012-09-20 11:21 . 2012-09-20 11:21 -------- d-----w- c:\users\Daniel Ramirez\AppData\Local\Macromedia
2012-09-12 15:49 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-09-11 18:36 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-11 18:36 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-11 18:36 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 02:18 . 2012-09-21 23:50 -------- d-----r- c:\users\Daniel Ramirez\Dropbox
2012-09-11 02:16 . 2012-09-21 23:51 -------- d-----w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox
2012-09-02 15:33 . 2012-07-11 22:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2012-09-02 15:32 . 2012-09-02 15:32 -------- d-----w- c:\windows\ELAMBKUP
2012-09-02 15:32 . 2012-09-02 15:32 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-09-02 15:32 . 2012-09-23 17:51 -------- d-----w- c:\programdata\Kaspersky Lab
2012-09-02 15:32 . 2012-09-18 15:13 610648 ----a-w- c:\windows\system32\drivers\klif.sys
2012-09-02 15:32 . 2012-08-13 23:24 89432 ----a-w- c:\windows\system32\drivers\klflt.sys
2012-09-02 01:00 . 2012-09-02 01:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-02 01:00 . 2012-09-02 01:00 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-02 01:00 . 2012-09-02 01:00 -------- d-----w- c:\program files (x86)\Java
2012-08-24 20:35 . 2012-08-24 20:35 -------- d-----w- c:\program files (x86)\Foxy Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 20:17 . 2012-05-05 16:41 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 20:17 . 2012-02-04 22:20 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-18 15:13 . 2012-07-25 19:53 29528 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-09-18 15:13 . 2012-05-26 00:38 29016 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-09-12 10:12 . 2012-01-29 20:37 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-02 01:00 . 2012-06-26 16:44 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-02 01:00 . 2012-02-04 22:32 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 19:14 . 2011-04-25 21:19 971624 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-08-30 19:14 . 2011-04-25 21:19 2725224 ----a-w- c:\windows\system32\nvapi64.dll
2012-08-30 16:18 . 2011-01-19 21:16 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 16:18 . 2011-01-19 21:16 865640 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-08-30 16:18 . 2011-01-19 21:16 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 16:18 . 2011-01-19 21:16 439144 ----a-w- c:\windows\SysWow64\oemdspif.dll
2012-08-30 16:18 . 2011-01-19 21:16 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-08-30 16:18 . 2011-01-19 21:16 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 16:18 . 2011-01-19 21:16 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-08-30 16:18 . 2011-01-19 21:16 3487434 ----a-w- c:\windows\system32\nvcoproc.bin
2012-08-30 16:18 . 2011-01-19 21:15 3266920 ----a-w- c:\windows\system32\nvsvc64.dll
2012-08-30 16:17 . 2011-01-19 21:15 6198120 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-21 02:31 . 2012-08-19 23:03 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-08-21 02:31 . 2012-08-19 23:03 20032 ----a-w- c:\windows\SysWow64\drivers\dgderdrv.sys
2012-08-13 21:49 . 2012-08-13 21:49 178008 ----a-w- c:\windows\system32\drivers\kneps.sys
2012-08-02 20:09 . 2012-08-02 20:09 28504 ----a-w- c:\windows\system32\drivers\klim6.sys
2012-07-30 19:16 . 2012-08-19 23:13 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-07-30 19:16 . 2012-07-30 19:16 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-07-30 19:16 . 2012-07-30 19:16 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-07-30 19:16 . 2012-07-30 19:16 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-07-30 19:16 . 2012-07-30 19:16 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-07-30 19:16 . 2012-07-30 19:16 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-07-30 19:16 . 2012-07-30 19:16 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-07-30 19:16 . 2012-07-30 19:16 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-07-30 19:16 . 2012-07-30 19:16 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-07-30 19:16 . 2012-07-30 19:16 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-07-30 19:16 . 2012-07-30 19:16 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-07-30 19:16 . 2012-07-30 19:16 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-07-30 19:16 . 2012-07-30 19:16 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-07-30 19:16 . 2012-07-30 19:16 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-07-30 19:16 . 2012-07-30 19:16 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-07-30 19:16 . 2012-07-30 19:16 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-07-30 19:16 . 2012-07-30 19:16 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-07-30 19:16 . 2012-07-30 19:16 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-07-30 19:16 . 2012-07-30 19:16 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-07-30 19:16 . 2012-07-30 19:16 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-07-30 19:16 . 2012-07-30 19:16 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-07-30 19:16 . 2012-07-30 19:16 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-07-30 19:16 . 2012-07-30 19:16 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-07-30 19:16 . 2012-07-30 19:16 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-07-30 19:16 . 2012-07-30 19:16 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-07-30 19:16 . 2012-07-30 19:16 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-07-30 19:16 . 2012-07-30 19:16 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-07-30 19:16 . 2012-07-30 19:16 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-07-30 19:16 . 2012-07-30 19:16 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-07-30 18:32 . 2012-07-30 18:32 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2012-07-30 18:32 . 2012-07-30 18:32 203104 ----a-w- c:\windows\system32\drivers\ssudobex.sys
2012-07-30 18:32 . 2012-07-30 18:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 18:32 . 2012-07-30 18:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-18 18:15 . 2012-08-16 03:00 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 22:16 . 2012-08-16 03:00 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-16 03:00 136704 ----a-w- c:\windows\system32\browser.dll
2012-07-04 22:13 . 2012-08-16 03:00 59392 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14 . 2012-08-16 03:00 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-06-27 02:38 . 2012-06-27 02:38 46176 ----a-w- c:\windows\system32\drivers\point64.sys
2012-06-26 16:47 . 2012-06-26 16:47 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2012-06-26 16:47 . 2012-06-26 16:47 106648 ----a-w- c:\windows\system32\drivers\GRD.sys
2012-06-26 16:29 . 2012-06-26 16:29 59768 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2012-06-26 01:20 . 2012-06-26 01:20 33408 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2010-12-24 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2010-12-24 224352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-08-18 218880]
.
c:\users\Daniel Ramirez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
2X Client.lnk - c:\program files\2X\Client\APPServerClient.exe [2012-6-28 2115976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 multikey;Virtual USB MultiKey;c:\windows\system32\DRIVERS\multikey.sys [2010-04-23 678408]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-08 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-20 276248]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-07 1432400]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-05 411688]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-22 114144]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-27 46176]
R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [2011-09-22 63528]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-07-30 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
R3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R3 XRNBO;XRNBO;c:\windows\system32\drivers\XRNBO.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2011-04-25 57952]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2011-04-25 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-08-30 30056]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2011-04-25 13408]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-02-24 70136]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2012-09-21 139776]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2011-04-25 29792]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-24 31088]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-25 52320]
S3 IntcDAud;Sonido Intel® para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-11-29 173656]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-09-18 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-09-18 29528]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Controlador del adaptador Intel® Wireless WiFi Link para Windows 7 de 64 bits;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys [2010-11-20 184960]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 20:17]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437578039-3608224858-2452284749-1001Core.job
- c:\users\Daniel Ramirez\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 22:48]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437578039-3608224858-2452284749-1001UA.job
- c:\users\Daniel Ramirez\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 22:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Daniel Ramirez\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-04-25 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-04-25 5908928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-20 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-20 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-20 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
IE: Agregar a Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Daniel Ramirez\AppData\Roaming\Mozilla\Firefox\Profiles\7y82l9c8.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-23 14:13:59
ComboFix-quarantined-files.txt 2012-09-23 19:13
ComboFix2.txt 2012-09-22 14:22
.
Pre-Run: 237,075,423,232 bytes libres
Post-Run: 237,123,829,760 bytes libres
.
- - End Of File - - BD17036FA7F5A732B04F4FA1D5EAFEA1

#19 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 23 September 2012 - 01:52 PM

OK, good. No remaining problems?
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#20 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 23 September 2012 - 01:54 PM

No, everything is going good now, thanks a lot

Edited by daniloman, 23 September 2012 - 01:54 PM.


#21 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 23 September 2012 - 02:05 PM

Good. :)

Please clean up our tools:
Start > Run and enter 'combofix /uninstall'. Note the space after 'combofix'. Among other things your Restore Points will be purged and a new clean one created.

Delete DDS, MiniToolBox, FSS, and Security Check from your Desktop.

Uninstall AdwCleaner:
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with yes


Advice for malware prevention:

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

http://www.systemloo...p?type=filename

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.

For much more old but still useful information, read Tony Klein's excellent article: How did I get infected in the first place
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#22 daniloman

daniloman

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 23 September 2012 - 03:45 PM

thanks for the advice

Edited by daniloman, 23 September 2012 - 03:54 PM.


#23 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 23 September 2012 - 06:00 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE




Member of UNITE
Support SpywareInfo Forum - click the button