Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

newbie w/I.E. problems caused by malware,adware,or virus


jlj6int4

Recommended Posts

I have a Toshiba Satellite L845 w/win7 starter in 2 languages; Processor:Intel® cpu B820 @ 1.70,memory(ram) 2.00 gb(1.90 usable) Hard drive 460gb.I wish I could send more detailed info but don't know how.I love iobit software and would recommend it to anyone.Now here is my problem.I accidently dnld some software that had malware &/or adware and cant get rid of it and has turned off(disabled) some key components that allow I.E. and other system to operate.I cant re-allocate wasted space because the toolbar doesnt allow the option and it is eating away space when it strips programs of my desktop.Aswell when I run I.E.,the toolbar is stripped or the features doesnt work(ex:options).i deleted mystart search engine from I.E. and firefox.then proceeded to stop ad.yieldmanager by manually blocking it aswell as a few other malicious pop up.I dnlded a few spyware like iobit security 360,spyhunter,spyware terminator 2012,microsoft security essentials,emet3.0.the list goes on.the ads still presist.What I found though,is the adware disabled certain features that run I.E. and other programs. I ran Iobit security 360 using the hijack scan.under the service is a list of disabled programs that I cant turn on through iobit 360 or know how to.What i need to know is how do I enable the keys to run IE and block all these pop ups.If anyone has time to chat or help please feel free to contact me @int4jlj6@hotmail.com..I want this problem resolved:-x

Link to comment
Share on other sites

Hi jlj6int4

 

Welcome. I have moved your thread to Spyware-Malware Removal Help! forum, as it is better suited to your issue.

 

You do not mention in your post, whether you found malware or adware and if you did what was it called. You also did not mention which software you downloaded, which caused the problem. This information will help us to assist you.

 

You also did not clarify whether all the anti malware programs you ran managed to find the problem and cure it.

 

In the meantime you could try restoring your system to a previous time before the issue occurred and see if that resolves your problems with IE and the disabled programs. You can do the restore from the ASC Rescue Centre.

Link to comment
Share on other sites

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

*********************************************

 

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

*************************************************

Download DDS from HERE or HERE and save it to your desktop.

 

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

 

* XP users Double click on dds to run it.

* If your antivirus or firewall try to block DDS then please allow it to run.

* When finished DDS will open two (2) logs.

* Save both reports to your desktop.

* The instructions here ask you to attach the Attach.txt.

 

http://i424.photobucket.com/albums/pp322/digistar/DDS.jpg

 

1) DDS.txt

2) Attach.txt

Instead of attaching, please copy/past both logs into your Thread

 

Note: DDS will instruct you to post the Attach.txt log as an attachment.

Please just post it as you would any other log by copying and pasting it into the reply.

 

•Close the program window, and delete the program from your desktop.

 

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )

Link to comment
Share on other sites

adware search

 

# AdwCleaner v2.104 - Fichero creado el 30/12/2012 a 13:44:36

# Actualizado el 29/12/2012 por Xplode

# Sistema operativo : Windows 7 Starter Service Pack 1 (32 bits)

# Usuario : joel - JOEL-PC

# Modo de inicio : Normal

# Ejecutado desde : C:\Users\joel\Downloads\adwcleaner.exe

# Opción [búsqueda]

 

 

***** [servicios] *****

 

Presente : Application Updater

 

***** [Ficheros / Carpetas] *****

 

Carpeta Presente : C:\Program Files\Application Updater

Carpeta Presente : C:\Program Files\Common Files\spigot

Carpeta Presente : C:\Users\joel\AppData\LocalLow\incredibar.com

Carpeta Presente : C:\Users\joel\AppData\LocalLow\Search Settings

Carpeta Presente : C:\Users\joel\AppData\Roaming\OpenCandy

Fichero Presente : C:\user.js

Fichero Presente : C:\Users\joel\AppData\Roaming\Mozilla\Firefox\Profiles\1xzwrqfa.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

 

***** [Registro] *****

 

Clave Presente : HKCU\Software\AppDataLow\Software\Search Settings

Clave Presente : HKCU\Software\IM

Clave Presente : HKCU\Software\ImInstaller

Clave Presente : HKCU\Software\Search Settings

Clave Presente : HKCU\Software\Softonic

Clave Presente : HKCU\Software\SweetIM

Clave Presente : HKLM\Software\Application Updater

Clave Presente : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Clave Presente : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Clave Presente : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Clave Presente : HKLM\Software\IB Updater

Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32

Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS

Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Clave Presente : HKLM\Software\Search Settings

Clave Presente : HKLM\Software\SweetIM

 

***** [Navegadores] *****

 

-\\ Internet Explorer v9.0.8112.16457

 

[OK] El registro no contiene ninguna entrada ilegítima.

 

-\\ Mozilla Firefox v17.0.1 (en-US)

 

Fichero : C:\Users\joel\AppData\Roaming\Mozilla\Firefox\Profiles\1xzwrqfa.default\prefs.js

 

[OK] El fichero no contiene ninguna entrada ilegítima.

 

-\\ Google Chrome v23.0.1271.97

 

Fichero : C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] El fichero no contiene ninguna entrada ilegítima.

 

*************************

 

AdwCleaner[R1].txt - [2486 octets] - [30/12/2012 13:44:36]

 

########## EOF - C:\AdwCleaner[R1].txt - [2546 octets] ##########

Link to comment
Share on other sites

malwarebytes scan

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

http://www.malwarebytes.org

 

Database version: v2012.12.30.08

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

joel :: JOEL-PC [administrator]

 

Protection: Enabled

 

12/30/2012 2:02:45 PM

mbam-log-2012-12-30 (14-02-45).txt

 

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 292420

Time elapsed: 1 hour(s), 26 minute(s), 48 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

:grin:

Link to comment
Share on other sites

dds

 

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457

Run by joel at 15:43:22 on 2012-12-30

Microsoft Windows 7 Starter 6.1.7601.1.1252.52.3082.18.1942.678 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Security 360 *Enabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

SP: IObit Malware Fighter *Disabled/Outdated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ================

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe

C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Application Updater\ApplicationUpdater.exe

C:\windows\system32\CxAudMsg32.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Spyware Terminator\st_rsser.exe

C:\Program Files\Fighters\FighterSuiteService.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe

C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe

C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe

C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files\Toshiba\TECO\Teco.exe

C:\Program Files\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe

C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe

C:\Windows\System32\igfxtray.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Fighters\Tray\FightersTray.exe

C:\Program Files\EMET\EMET_notifier.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe

C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\system32\wuauclt.exe

C:\windows\System32\alg.exe

C:\windows\system32\IntelCpHeciSvc.exe

C:\Program Files\WildTangent Games\App\GamesAppService.exe

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\ASC.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe

C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k GPSvcGroup

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

.

============== Pseudo HJT Report ===============

.

uProxyOverride = <local>

BHO: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\19.9.0.9\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\19.9.0.9\ips\ipsbho.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare ultimate\browerprotect\ASCPlugin_Protection.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - c:\program files\toshiba\toshiba media controller plug-in\TOSHIBAMediaControllerIE.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.0.9\coieplg.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.0.9\coieplg.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [Advanced SystemCare Ultimate] "c:\program files\iobit\advanced systemcare ultimate\ASCTray.exe" /AutoStart

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [FDPRO-516] c:\program files\fighters\FighterLauncher.exe FDPRO

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [smartAudio] c:\program files\conexant\saii\SACpl.exe /t

mRun: [sRS Premium Sound HD] "c:\program files\srs labs\srs control panel\srspanel.exe" /f="c:\program files\srs labs\srs control panel\SRS_Premium_Sound_HD.zip" /h

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [uSB3MON] "c:\program files\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"

mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe

mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE

mRun: [TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe

mRun: [TosWaitSrv] c:\program files\toshiba\tphm\TosWaitSrv.exe

mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60

mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r

mRun: [TSleepSrv] c:\program files\toshiba\toshiba sleep utility\TSleepSrv.exe

mRun: [TosVolRegulator] c:\program files\toshiba\tosvolregulator\TosVolRegulator.exe

mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe

mRun: [TosNC] c:\program files\toshiba\bulletinboard\TosNcCore.exe

mRun: [TosReelTimeMonitor] c:\program files\toshiba\reeltime\TosReelTimeMonitor.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [CommonToolkitTray] c:\program files\fighters\tray\FightersTray.exe

mRun: [EMET Notifier] c:\program files\emet\EMET_notifier.exe

mRun: [spywareTerminatorShield] c:\program files\spyware terminator\SpywareTerminatorShield.exe

mRun: [spywareTerminatorUpdater] c:\program files\spyware terminator\SpywareTerminatorUpdate.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [iObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

TCP: NameServer = 10.1.2.253 10.1.2.254 10.1.2.8

TCP: Interfaces\{E04876FE-DB0B-465F-8F68-79B51D73F386} : DHCPNameServer = 10.1.2.253 10.1.2.254 10.1.2.8

Handler: skype-ie-addon-data - <Clsid value has no data>

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\joel\appdata\roaming\mozilla\firefox\profiles\1xzwrqfa.default\

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIIPT.dll

FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIUpdater.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\veetle\player\npvlc.dll

FF - plugin: c:\program files\veetle\plugins\npVeetle.dll

FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\2\NP_wtapp.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\joel\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

FF - ExtSQL: 2012-12-03 17:38; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\IPSFFPlgn

FF - ExtSQL: 2012-12-13 00:14; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\coFFPlgn

FF - ExtSQL: 2012-12-17 12:05; ascsurfingprotection@iobit.com; c:\users\joel\appdata\roaming\mozilla\firefox\profiles\1xzwrqfa.default\extensions\ascsurfingprotection@iobit.com

FF - ExtSQL: 2012-12-23 17:43; addlyrics@addlyrics.net; c:\program files\addlyrics\FF

FF - ExtSQL: 2012-12-24 03:22; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\users\joel\appdata\roaming\mozilla\firefox\profiles\1xzwrqfa.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 iusb3hcs;Controlador del conmutador de la controladora de host Intel® USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys [2012-2-27 13592]

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2012-11-9 15672]

R1 MpKsl1d3ce6e5;MpKsl1d3ce6e5;c:\programdata\microsoft\microsoft antimalware\definition updates\{2739f9db-4ba5-4ced-88c8-4cb4036e95f4}\MpKsl1d3ce6e5.sys [2012-12-30 29904]

R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2012-12-29 32768]

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare ultimate\ASCSvc.exe [2012-12-5 1050496]

R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-11-28 793600]

R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\iobit\advanced systemcare ultimate\ASCAvSvc.exe [2012-12-5 625536]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2012-12-12 2571704]

R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [2012-8-6 190592]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 99272]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]

R3 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20121130.005\BHDrvx86.sys [2012-12-3 995488]

R3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309000.009\ccsetx86.sys [2012-11-8 132768]

R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\fighters\full-diskfighter\Common Toolkit Tools.exe [2012-6-5 217200]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-11-8 106656]

R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]

R3 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20121205.001\IDSvix86.sys [2012-12-6 386720]

R3 IntcDAud;Sonido Intel® para pantallas;c:\windows\system32\drivers\IntcDAud.sys [2011-12-6 280576]

R3 iusb3hub;Controlador del concentrador Intel® USB 3.0;c:\windows\system32\drivers\iusb3hub.sys [2012-2-27 348440]

R3 iusb3xhc;Controlador de la controladora de host Intel® USB 3.0 eXtensible;c:\windows\system32\drivers\iusb3xhc.sys [2012-2-27 792856]

R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-1-16 90224]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-30 21104]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2011-11-10 46080]

R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2012-8-6 33616]

R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2009-6-15 9216]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\drivers\rtl8192ce.sys [2012-8-6 1036904]

R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2011-12-22 20240]

R3 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309000.009\symds.sys [2012-11-8 340088]

R3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309000.009\symefa.sys [2012-11-8 924320]

R3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309000.009\ironx86.sys [2012-11-8 149624]

R3 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1309000.009\symnets.sys [2012-11-8 318584]

R4 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\RegFilter.sys [2012-12-30 30600]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [2012-6-22 19984]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-8 14848]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-8 49664]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-8 27136]

S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\iobit\game booster 3\driver\WinRing0.sys [2012-11-9 14416]

.

=============== Created Last 30 ================

.

2012-12-30 18:51:35 -------- d-----w- c:\users\joel\appdata\roaming\Malwarebytes

2012-12-30 18:51:15 -------- d-----w- c:\programdata\Malwarebytes

2012-12-30 18:51:11 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-30 18:51:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-30 18:50:54 -------- d-----w- c:\users\joel\appdata\local\Programs

2012-12-30 18:44:24 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2739f9db-4ba5-4ced-88c8-4cb4036e95f4}\offreg.dll

2012-12-30 18:02:27 -------- d-----w- c:\users\joel\appdata\local\{5CF0D52F-9058-409E-A61F-58014F5536B7}

2012-12-30 09:20:32 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2739f9db-4ba5-4ced-88c8-4cb4036e95f4}\MpKsl1d3ce6e5.sys

2012-12-30 04:55:08 740840 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{717240bd-d965-47af-aa23-08f7d5c2d7df}\gapaengine.dll

2012-12-30 04:55:02 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2739f9db-4ba5-4ced-88c8-4cb4036e95f4}\mpengine.dll

2012-12-30 04:50:41 -------- d-----w- c:\program files\Microsoft Security Client

2012-12-30 04:45:25 -------- d-----w- c:\users\joel\appdata\local\{F51F20A3-BCD1-4E44-87B1-4AEA43A56199}

2012-12-30 04:45:25 -------- d-----w- c:\users\joel\appdata\local\{1A6175B3-BD3C-44E4-9222-DEB082C14A3E}

2012-12-30 03:05:03 -------- d-----w- c:\windows\en

2012-12-30 02:59:34 -------- d-----w- c:\users\joel\appdata\local\Windows Live

2012-12-29 23:50:40 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2012-12-29 23:50:39 -------- d-----w- c:\users\joel\appdata\roaming\Spyware Terminator

2012-12-29 23:50:39 -------- d-----w- c:\programdata\Spyware Terminator

2012-12-29 23:50:33 -------- d-----w- c:\program files\Spyware Terminator

2012-12-29 22:58:55 110080 ----a-r- c:\users\joel\appdata\roaming\microsoft\installer\{ddabc667-56b3-4122-82b0-2f5782ea2f9a}\IconF7A21AF7.exe

2012-12-29 22:58:55 110080 ----a-r- c:\users\joel\appdata\roaming\microsoft\installer\{ddabc667-56b3-4122-82b0-2f5782ea2f9a}\IconD7F16134.exe

2012-12-29 22:58:55 110080 ----a-r- c:\users\joel\appdata\roaming\microsoft\installer\{ddabc667-56b3-4122-82b0-2f5782ea2f9a}\IconCF33A0CE.exe

2012-12-29 22:58:54 -------- d-----w- C:\sh4ldr

2012-12-29 22:58:54 -------- d-----w- c:\program files\Enigma Software Group

2012-12-29 22:58:12 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP

2012-12-29 22:58:10 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2012-12-29 18:32:17 -------- d-----w- c:\program files\EMET

2012-12-29 16:44:46 -------- d-----w- c:\users\joel\appdata\local\{19C56753-EE39-4C1D-B6DD-07D527FF8B5B}

2012-12-29 07:11:01 -------- d-----w- c:\users\joel\appdata\roaming\Unity

2012-12-29 05:45:34 -------- d-----w- c:\users\joel\appdata\local\Unity

2012-12-29 04:44:08 -------- d-----w- c:\users\joel\appdata\local\{BD5546B8-A477-427C-9511-F48DBBF7AA68}

2012-12-28 20:33:03 -------- d-----w- C:\miprimeracompu

2012-12-28 16:43:32 -------- d-----w- c:\users\joel\appdata\local\{057198CC-9C9D-4AA3-830B-0AFF398CD9C1}

2012-12-28 05:06:07 -------- d-----w- c:\users\joel\appdata\roaming\PC Cleaners

2012-12-28 05:06:00 4728712 ----a-w- c:\windows\uninst.exe

2012-12-28 05:05:58 -------- d-----w- c:\users\joel\appdata\roaming\PCPro

2012-12-28 05:05:58 -------- d-----w- c:\programdata\PC1Data

2012-12-28 04:43:05 -------- d-----w- c:\users\joel\appdata\local\{663A5FB0-1667-4CED-B5D0-640E6D607A42}

2012-12-28 02:58:23 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-28 02:58:23 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-28 02:52:02 -------- d-----w- c:\users\joel\appdata\roaming\sMedio

2012-12-28 01:09:38 -------- d-----w- c:\program files\Application Updater

2012-12-28 01:09:37 -------- d-----w- c:\program files\IObit Toolbar

2012-12-27 20:01:13 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{146fd1cf-1c27-4da3-b878-a7360a677ce5}\mpengine.dll

2012-12-27 16:11:30 -------- d-----w- c:\users\joel\appdata\local\{644747AC-4BB6-4799-B2A2-3755DE26F07B}

2012-12-27 02:53:09 -------- d-----w- c:\users\joel\appdata\local\{31B8F2DB-7F47-456F-9046-409B1F9A14D4}

2012-12-27 00:58:35 -------- d-----w- c:\users\joel\fontconfig

2012-12-26 18:57:47 -------- d-----w- c:\users\joel\appdata\roaming\Windows Live Writer

2012-12-26 18:57:41 -------- d-----w- c:\users\joel\appdata\local\Windows Live Writer

2012-12-26 18:45:54 -------- d-----w- c:\program files\ParetoLogic

2012-12-26 18:45:54 -------- d-----w- c:\program files\common files\ParetoLogic

2012-12-26 14:52:32 -------- d-----w- c:\users\joel\appdata\local\{F6F3BB58-EFF0-4573-AC51-608A41891D56}

2012-12-26 01:38:57 -------- d-----w- c:\users\joel\appdata\local\{A031D403-E808-4D77-8C63-2239878DEB32}

2012-12-25 21:00:24 -------- d-----w- c:\users\joel\appdata\local\ElevatedDiagnostics

2012-12-25 18:17:23 -------- d-----w- c:\users\joel\appdata\roaming\HoolappforAndroid

2012-12-25 12:09:35 -------- d-----w- c:\users\joel\appdata\local\{1B135AE7-6DFA-41D1-B5CA-FEA8891FC103}

2012-12-25 00:08:58 -------- d-----w- c:\users\joel\appdata\local\{29476957-B118-4144-B185-A1BC9F9A2A11}

2012-12-24 12:08:32 -------- d-----w- c:\users\joel\appdata\local\{74733ADA-41DA-4C04-9768-03BD6470D08F}

2012-12-24 08:41:32 -------- d-----w- c:\programdata\Free Online TV

2012-12-24 08:37:51 -------- d-----w- c:\users\joel\.smplayer

2012-12-24 08:33:38 -------- d-----w- c:\program files\SMPlayer

2012-12-24 08:20:00 -------- d-----w- c:\users\joel\Tracing

2012-12-24 08:16:31 -------- d-----w- c:\users\joel\appdata\roaming\Fighters

2012-12-24 08:16:31 -------- d-----w- c:\program files\Fighters

2012-12-24 08:16:28 -------- d-----w- c:\programdata\Fighters

2012-12-24 08:11:50 -------- d-----w- c:\windows\system32\Adobe

2012-12-24 07:14:17 632656 ----a-w- c:\windows\system32\msvcr80.dll

2012-12-24 07:14:17 554832 ----a-w- c:\windows\system32\msvcp80.dll

2012-12-24 07:14:17 479232 ----a-w- c:\windows\system32\msvcm80.dll

2012-12-24 05:30:25 -------- d-----w- c:\users\joel\appdata\roaming\ParetoLogic

2012-12-24 05:30:25 -------- d-----w- c:\users\joel\appdata\roaming\DriverCure

2012-12-24 05:30:04 -------- d-----w- c:\programdata\ParetoLogic

2012-12-23 22:55:34 -------- d-----w- c:\users\joel\appdata\local\{E73134E1-BCC6-4727-8486-BFBDF39C3F57}

2012-12-23 22:44:04 -------- d-----w- c:\program files\Free YouTube Downloader

2012-12-23 22:43:10 -------- d-----w- c:\program files\AddLyrics

2012-12-23 12:50:45 -------- d-----w- c:\users\joel\appdata\roaming\Nitro

2012-12-23 12:50:45 -------- d-----w- c:\users\joel\appdata\roaming\FileOpen

2012-12-23 12:50:45 -------- d-----w- c:\programdata\FileOpen

2012-12-23 12:50:14 -------- d-----w- c:\programdata\Nitro

2012-12-13 05:15:49 -------- d-----w- c:\users\joel\appdata\local\Apps

2012-12-12 18:57:48 -------- d-----w- C:\UnknownFolder30635

2012-12-12 18:21:20 670120 ----a-w- c:\windows\system32\WibuCm32.dll

2012-12-12 18:21:19 -------- d-----w- c:\program files\CodeMeter

2012-12-12 11:13:52 -------- d-----w- c:\users\joel\appdata\local\IsolatedStorage

2012-12-12 09:19:55 -------- d-----w- c:\windows\Migration

2012-12-12 06:02:40 -------- d-----w- C:\Log

2012-12-12 05:37:45 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-08 08:42:23 -------- d-----w- c:\program files\common files\Steam

2012-12-08 07:04:34 -------- d-----w- c:\program files\Pando Networks

2012-12-08 05:44:07 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-12-05 08:33:52 340624 ----a-w- c:\windows\system32\drivers\trufos.sys

2012-12-05 08:33:51 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys

2012-12-05 08:33:49 -------- d-----w- c:\programdata\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}

2012-12-05 01:32:23 -------- d-----w- c:\users\joel\appdata\local\Macromedia

2012-12-04 06:37:51 -------- d-----w- c:\users\joel\appdata\local\Microsoft Games

2012-12-04 06:25:48 -------- d-----w- C:\Intel

.

==================== Find3M ====================

.

2012-12-24 05:54:45 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-24 05:54:45 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-12 05:37:18 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-12-12 05:37:18 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-12-12 05:37:18 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-12-12 05:37:18 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-12-12 05:37:18 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-12-12 05:37:18 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-27 20:32:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-11-08 23:14:28 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-11-08 21:01:27 514560 ----a-w- c:\windows\system32\qdvd.dll

2012-11-08 01:04:22 13 --sh--r- c:\windows\system32\drivers\fbd.sys

2012-10-15 15:54:02 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-03 16:58:30 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 16:42:26 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 16:42:26 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 16:42:24 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 16:40:35 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 15:21:38 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

.

============= FINISH: 15:44:32.69 ===============

.

Link to comment
Share on other sites

attach.txt: note block

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Starter

Boot Device: \Device\HarddiskVolume1

Install Date: 11/7/2012 8:02:56 PM

System Uptime: 12/30/2012 9:56:57 AM (6 hours ago)

.

Motherboard: Type2 - Board Vendor Name1 | | Type2 - Board Product Name1

Processor: Intel® Celeron® CPU B820 @ 1.70GHz | U3E1 | 799/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 453 GiB total, 411.754 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP79: 12/25/2012 1:40:40 PM - IObit Uninstaller restore point

RP81: 12/25/2012 1:41:52 PM - IObit Uninstaller restore point

RP83: 12/25/2012 1:42:53 PM - IObit Uninstaller restore point

RP85: 12/25/2012 1:44:15 PM - IObit Uninstaller restore point

RP86: 12/27/2012 3:00:54 PM - Windows Update

RP87: 12/27/2012 9:57:53 PM - Instalador de Módulos de Windows

RP89: 12/28/2012 12:08:04 AM - IObit Uninstaller restore point

RP90: 12/28/2012 2:54:01 AM - Removed IObit Toolbar v6.6.

RP91: 12/28/2012 3:18:34 PM - Installed MiPrimeraCompuV2.0

RP92: 12/28/2012 3:29:10 PM - Installed MiPrimeraCompuV2.0

RP93: 12/29/2012 1:31:49 PM - Installed EMET

RP94: 12/29/2012 5:58:19 PM - Installed SpyHunter

RP96: 12/29/2012 9:59:15 PM - Windows Live Essentials

RP98: 12/29/2012 10:03:29 PM - Se ha instalado DirectX

RP100: 12/29/2012 10:04:02 PM - Se ha instalado DirectX

RP101: 12/29/2012 10:04:19 PM - WLSetup

RP102: 12/30/2012 3:00:19 AM - Windows Update

.

==== Installed Programs ======================

.

AddLyrics

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4) MUI

Adobe Shockwave Player 11.6

Advanced SystemCare Ultimate 6

Alcor Micro USB Card Reader

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Bejeweled 3

Chuzzle Deluxe

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Conexant HD Audio

Control ActiveX de Windows Live Mesh para conexiones remotas

D3DX10

EMET

Farm Frenzy

FATE

Free YouTube Downloader 3.5.134

FULL-DISKfighter

Galería fotográfica de Windows Live

Game Booster 3

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Intel® Manageability Engine Firmware Recovery Agent

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® Trusted Connect Service Client

Internet Explorer (Enable DEP)

IObit Malware Fighter

IObit Security 360

IObit Toolbar v6.6

Java Auto Updater

Java 6 Update 25

Jewel Quest II

Juegos WildTangent

Junk Mail filter update

Malwarebytes Anti-Malware version 1.70.0.1100

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MiPrimeraCompuV2.0

Mozilla Firefox 17.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

Norton Internet Security

ParetoLogic PC Health Advisor

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Polar Bowler

Premium Sound HD

Realtek WLAN Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Skype Click to Call

Skype™ 6.0

Smart Defrag 2

SMPlayer 0.6.9

SpyHunter

Spyware Terminator 2012

swMSM

Synaptics Pointing Device Driver

TOSHIBA Application and Driver Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

TOSHIBA Manual del Usuario

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

TOSHIBA PC Health Monitor

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

Toshiba Security Dashboard

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA VIDEO PLAYER

TOSHIBA Web Camera Application

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update Installer for WildTangent Games App

Veetle TV

Wedding Dash 2 - Rings Around the World

WildTangent Games App (Toshiba Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

12/30/2012 4:28:43 AM, Error: Service Control Manager [7034] - El servicio IS360service se terminó de manera inesperada. Esto ha sucedido 1 veces.

12/30/2012 4:10:56 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:08:08 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:05:02 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:04:15 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:04:15 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:04:11 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:04:01 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:04:01 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:03:58 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:01:56 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:01:56 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 4:01:51 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:56 AM, Error: Service Control Manager [7001] - El servicio Identidad de aplicación depende del servicio Controlador de AppId, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:07 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:07 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:07 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:07 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:07 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:07 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/30/2012 3:56:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/30/2012 3:56:00 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:00 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:56:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netprofm con argumentos "" para ejecutar el servidor: {A47979D2-C419-11D9-A5B4-001185AD2B89}

12/30/2012 3:56:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netman con argumentos "" para ejecutar el servidor: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

12/30/2012 3:55:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "" para ejecutar el servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/30/2012 3:55:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

12/30/2012 3:55:43 AM, Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr sp_rsdrv2 tdx vwififlt Wanarpv6 WfpLwf

12/30/2012 3:55:40 AM, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:55:40 AM, Error: Service Control Manager [7001] - El servicio Minirredirector SMB 2.0 depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:55:40 AM, Error: Service Control Manager [7001] - El servicio Minirredirector SMB 1.x depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:55:40 AM, Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:55:40 AM, Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/30/2012 3:55:40 AM, Error: Service Control Manager [7001] - El servicio Conexant Audio Message Service depende del servicio Audio de Windows, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/30/2012 3:55:38 AM, Error: Service Control Manager [7001] - El servicio Servicio Interfaz de almacenamiento en red depende del servicio NSI proxy service driver., el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/30/2012 3:55:38 AM, Error: Service Control Manager [7001] - El servicio Cliente DNS depende del servicio Controlador de soporte TDI heredado NetIO, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/30/2012 3:55:38 AM, Error: Service Control Manager [7001] - El servicio Cliente DHCP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/30/2012 3:55:38 AM, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/29/2012 11:28:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} y APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} al usuario joel-PC\joel con SID (S-1-5-21-4275308219-4099615184-1972521571-1000) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

12/29/2012 11:24:17 PM, Error: Microsoft-Windows-DistributedCOM [10016] - La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} y APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} al usuario joel-PC\joel con SID (S-1-5-21-4275308219-4099615184-1972521571-1000) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

12/29/2012 10:41:49 PM, Error: Microsoft-Windows-DistributedCOM [10016] - La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} y APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} al usuario joel-PC\joel con SID (S-1-5-21-4275308219-4099615184-1972521571-1000) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

12/29/2012 10:39:24 PM, Error: Microsoft-Windows-DistributedCOM [10016] - La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} y APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} al usuario joel-PC\joel con SID (S-1-5-21-4275308219-4099615184-1972521571-1000) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

12/29/2012 10:38:46 PM, Error: Microsoft-Windows-DistributedCOM [10016] - La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} y APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} al usuario joel-PC\joel con SID (S-1-5-21-4275308219-4099615184-1972521571-1000) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

12/28/2012 12:42:36 AM, Error: Service Control Manager [7034] - El servicio IMF Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

12/28/2012 12:32:46 AM, Error: Service Control Manager [7034] - El servicio IS360service se terminó de manera inesperada. Esto ha sucedido 1 veces.

12/28/2012 10:34:02 PM, Error: Service Control Manager [7038] - El servicio upnphost no se pudo iniciarse como NT AUTHORITY\LocalService con la contraseña configurada actualmente debido al siguiente error: Solicitud no compatible. Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

12/28/2012 10:34:02 PM, Error: Service Control Manager [7000] - El servicio Dispositivo host de UPnP no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio debido a un error en el inicio de sesión.

12/28/2012 10:34:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1069" al intentar iniciar el servicio upnphost con argumentos "" para ejecutar el servidor: {204810B9-73B2-11D4-BF42-00B0D0118B56}

12/27/2012 5:22:44 PM, Error: Microsoft-Windows-Application-Experience [205] - El Servicio de compatibilidad de programas no pudo realizar la inicialización de la fase dos.

12/27/2012 1:50:06 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:06 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:06 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:06 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:06 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:06 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:05 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:50:05 AM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:49:49 AM, Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

12/27/2012 1:49:49 AM, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:49:49 AM, Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/27/2012 1:49:49 AM, Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/27/2012 1:49:49 AM, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/27/2012 1:48:30 PM, Error: Microsoft-Windows-DistributedCOM [10016] - La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} y APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} al usuario joel-PC\joel con SID (S-1-5-21-4275308219-4099615184-1972521571-1000) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

12/25/2012 2:51:01 PM, Error: Service Control Manager [7038] - El servicio upnphost no se pudo iniciarse como NT AUTHORITY\LocalService con la contraseña configurada actualmente debido al siguiente error: Solicitud no compatible. Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

12/25/2012 2:51:01 PM, Error: Service Control Manager [7000] - El servicio Dispositivo host de UPnP no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio debido a un error en el inicio de sesión.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:55 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:43 PM, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:40 PM, Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

12/24/2012 6:22:40 PM, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:40 PM, Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.

12/24/2012 6:22:40 PM, Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/24/2012 6:22:40 PM, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.

12/24/2012 5:46:40 PM, Error: Service Control Manager [7023] - El servicio Servidor se cerró con el siguiente error: Datos no válidos.

12/24/2012 4:27:42 AM, Error: Microsoft-Windows-DistributedCOM [10000] - No se puede iniciar un servidor DCOM: {73C9DFA0-750D-11E1-B0C4-0800200C9A66}. Error "5" al iniciar este comando: C:\windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -Embedding

12/23/2012 5:50:44 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

12/23/2012 5:50:43 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

12/23/2012 5:50:43 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

12/23/2012 5:50:42 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

12/23/2012 5:50:42 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

.

==== End Of File ===========================

Link to comment
Share on other sites

The log shows that you have two Anti-viruses enabled on your computer which is a no-no. Either Microsoft Security Essentials or Advanced SystemCare Ultimate will have to be disabled/uninstalled.

 

Download Security Check by screen317 from one of the following links and save it to your desktop.

 

Link 1

Link 2

 

* Double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

 

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

******************************************************

Download Combofix from any of the links below, and save it to your DESKTOP.

 

Link 1

Link 2

Link 3

 

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.
     
    You will see the following image:

http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png

 

Click I Agree to start the program.

 

ComboFix will then extract the necessary files and you will see this:

 

http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png

 

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

 

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

 

If you did not have it installed, you will see the prompt below. Choose YES.

 

http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif

 

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

 

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

 

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

 

http://i424.photobucket.com/albums/pp322/digistar/whatnext.png

 

Click on Yes, to continue scanning for malware.

 

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

 

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

 

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Link to comment
Share on other sites

security check

 

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x86 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Microsoft Security Essentials

Norton Internet Security

Advanced SystemCare Ultimate

(On Access scanning disabled!)

Error obtaining update status for antivirus!

`````````Anti-malware/Other Utilities Check:`````````

Spyware Terminator 2012

SpyHunter

Malwarebytes Anti-Malware version 1.70.0.1100

Java 6 Update 25

Java version out of Date!

Adobe Flash Player 11.5.502.135

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox (17.0.1)

Google Chrome 12.0.742.100

Google Chrome 23.0.1271.64

Google Chrome 23.0.1271.91

Google Chrome 23.0.1271.95

Google Chrome 23.0.1271.97

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

IObit IObit Malware Fighter IMFsrv.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:

````````````````````End of Log``````````````````````

Link to comment
Share on other sites

combo fix log.txt.

 

ComboFix 12-12-31.01 - joel 12/31/2012 12:15:23.1.2 - x86

Microsoft Windows 7 Starter 6.1.7601.1.1252.52.3082.18.1942.1113 [GMT -5:00]

Running from: c:\users\joel\Downloads\ComboFix.exe

AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: IObit Malware Fighter *Disabled/Outdated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Amazon.ico

c:\windows\host32.exe

c:\windows\system32\ntos.exe

c:\windows\system32\sdra64.exe

c:\windows\system32\twext.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-31 )))))))))))))))))))))))))))))))

.

.

2012-12-31 15:56 . 2012-11-08 15:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5D0EA8E9-8B98-4CE2-A1D0-EFD363821167}\mpengine.dll

2012-12-30 18:51 . 2012-12-30 18:51 -------- d-----w- c:\users\joel\AppData\Roaming\Malwarebytes

2012-12-30 18:51 . 2012-12-30 18:51 -------- d-----w- c:\programdata\Malwarebytes

2012-12-30 18:51 . 2012-12-30 18:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-30 18:51 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-30 18:50 . 2012-12-30 18:50 -------- d-----w- c:\users\joel\AppData\Local\Programs

2012-12-30 04:55 . 2012-12-30 04:54 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{717240BD-D965-47AF-AA23-08F7D5C2D7DF}\gapaengine.dll

2012-12-30 04:55 . 2012-11-08 15:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-30 04:50 . 2012-12-30 04:51 -------- d-----w- c:\program files\Microsoft Security Client

2012-12-30 03:05 . 2012-12-30 03:05 -------- d-----w- c:\windows\en

2012-12-30 02:59 . 2012-12-30 04:45 -------- d-----w- c:\users\joel\AppData\Local\Windows Live

2012-12-29 23:50 . 2011-06-21 16:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2012-12-29 23:50 . 2012-12-31 15:43 -------- d-----w- c:\programdata\Spyware Terminator

2012-12-29 23:50 . 2012-12-29 23:50 -------- d-----w- c:\users\joel\AppData\Roaming\Spyware Terminator

2012-12-29 23:50 . 2012-12-29 23:51 -------- d-----w- c:\program files\Spyware Terminator

2012-12-29 22:58 . 2012-12-29 22:58 110080 ----a-r- c:\users\joel\AppData\Roaming\Microsoft\Installer\{DDABC667-56B3-4122-82B0-2F5782EA2F9A}\IconF7A21AF7.exe

2012-12-29 22:58 . 2012-12-29 22:58 110080 ----a-r- c:\users\joel\AppData\Roaming\Microsoft\Installer\{DDABC667-56B3-4122-82B0-2F5782EA2F9A}\IconD7F16134.exe

2012-12-29 22:58 . 2012-12-29 22:58 110080 ----a-r- c:\users\joel\AppData\Roaming\Microsoft\Installer\{DDABC667-56B3-4122-82B0-2F5782EA2F9A}\IconCF33A0CE.exe

2012-12-29 22:58 . 2012-12-29 22:59 -------- d-----w- C:\sh4ldr

2012-12-29 22:58 . 2012-12-29 22:58 -------- d-----w- c:\program files\Enigma Software Group

2012-12-29 22:58 . 2012-12-29 22:58 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP

2012-12-29 22:58 . 2012-12-29 22:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2012-12-29 18:32 . 2012-12-29 18:32 -------- d-----w- c:\program files\EMET

2012-12-29 07:11 . 2012-12-29 07:11 -------- d-----w- c:\users\joel\AppData\Roaming\Unity

2012-12-29 05:45 . 2012-12-29 05:45 -------- d-----w- c:\users\joel\AppData\Local\Unity

2012-12-28 20:33 . 2012-12-28 20:34 -------- d-----w- C:\miprimeracompu

2012-12-28 05:06 . 2012-12-28 05:06 -------- d-----w- c:\users\joel\AppData\Roaming\PC Cleaners

2012-12-28 05:06 . 2012-12-28 05:05 4728712 ----a-w- c:\windows\uninst.exe

2012-12-28 05:05 . 2012-12-28 05:06 -------- d-----w- c:\users\joel\AppData\Roaming\PCPro

2012-12-28 05:05 . 2012-12-28 05:06 -------- d-----w- c:\programdata\PC1Data

2012-12-28 02:58 . 2012-12-28 02:58 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-28 02:58 . 2012-12-28 02:58 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-28 02:52 . 2012-12-28 02:52 -------- d-----w- c:\users\joel\AppData\Roaming\sMedio

2012-12-28 01:09 . 2012-12-28 01:09 -------- d-----w- c:\program files\Application Updater

2012-12-28 01:09 . 2012-12-28 01:09 -------- d-----w- c:\program files\IObit Toolbar

2012-12-27 20:01 . 2012-11-19 06:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{146FD1CF-1C27-4DA3-B878-A7360A677CE5}\mpengine.dll

2012-12-27 00:58 . 2012-12-27 00:58 -------- d-----w- c:\users\joel\fontconfig

2012-12-26 18:57 . 2012-12-26 18:57 -------- d-----w- c:\users\joel\AppData\Roaming\Windows Live Writer

2012-12-26 18:57 . 2012-12-26 18:57 -------- d-----w- c:\users\joel\AppData\Local\Windows Live Writer

2012-12-26 18:45 . 2012-12-26 18:45 -------- d-----w- c:\program files\ParetoLogic

2012-12-26 18:45 . 2012-12-26 18:45 -------- d-----w- c:\program files\Common Files\ParetoLogic

2012-12-25 21:00 . 2012-12-30 09:11 -------- d-----w- c:\users\joel\AppData\Local\ElevatedDiagnostics

2012-12-25 18:17 . 2012-12-25 18:46 -------- d-----w- c:\users\joel\AppData\Roaming\HoolappforAndroid

2012-12-24 19:27 . 2012-12-24 19:27 -------- d-----w- c:\users\joel\AppData\Roaming\vlc

2012-12-24 08:41 . 2012-12-25 18:43 -------- d-----w- c:\programdata\Free Online TV

2012-12-24 08:37 . 2012-12-30 21:25 -------- d-----w- c:\users\joel\.smplayer

2012-12-24 08:33 . 2012-12-24 08:33 -------- d-----w- c:\program files\SMPlayer

2012-12-24 08:20 . 2012-12-30 23:22 -------- d-----w- c:\users\joel\Tracing

2012-12-24 08:16 . 2012-12-24 08:17 -------- d-----w- c:\users\joel\AppData\Roaming\Fighters

2012-12-24 08:16 . 2012-12-24 08:16 -------- d-----w- c:\program files\Fighters

2012-12-24 08:16 . 2012-12-24 08:16 -------- d-----w- c:\programdata\Fighters

2012-12-24 08:11 . 2012-12-24 08:11 -------- d-----w- c:\windows\system32\Adobe

2012-12-24 07:14 . 2012-12-24 07:14 457 ----a-w- C:\user.js

2012-12-24 07:14 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll

2012-12-24 07:14 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll

2012-12-24 07:14 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll

2012-12-24 05:54 . 2012-12-24 05:54 -------- d-----w- c:\programdata\McAfee

2012-12-24 05:30 . 2012-12-26 18:46 -------- d-----w- c:\users\joel\AppData\Roaming\ParetoLogic

2012-12-24 05:30 . 2012-12-24 05:30 -------- d-----w- c:\users\joel\AppData\Roaming\DriverCure

2012-12-24 05:30 . 2012-12-26 18:45 -------- d-----w- c:\programdata\ParetoLogic

2012-12-23 22:44 . 2012-12-23 22:44 -------- d-----w- c:\program files\Free YouTube Downloader

2012-12-23 22:43 . 2012-12-30 01:51 -------- d-----w- c:\program files\AddLyrics

2012-12-23 12:50 . 2012-12-23 12:50 -------- d-----w- c:\users\joel\AppData\Roaming\Nitro

2012-12-23 12:50 . 2012-12-23 12:50 -------- d-----w- c:\users\joel\AppData\Roaming\FileOpen

2012-12-23 12:50 . 2012-12-23 12:50 -------- d-----w- c:\programdata\FileOpen

2012-12-23 12:50 . 2012-12-23 12:50 -------- d-----w- c:\programdata\Nitro

2012-12-13 05:15 . 2012-12-13 05:15 -------- d-----w- c:\users\joel\AppData\Local\Apps

2012-12-12 18:57 . 2012-12-12 18:57 -------- d-----w- C:\UnknownFolder30635

2012-12-12 18:21 . 2012-12-03 19:49 670120 ----a-w- c:\windows\system32\WibuCm32.dll

2012-12-12 18:21 . 2012-12-12 18:21 -------- d-----w- c:\program files\CodeMeter

2012-12-12 11:13 . 2012-12-12 11:13 -------- d-----w- c:\users\joel\AppData\Local\IsolatedStorage

2012-12-12 09:19 . 2012-12-12 09:19 -------- d-----w- c:\windows\Migration

2012-12-12 06:02 . 2012-12-12 06:02 -------- d-----w- C:\Log

2012-12-12 05:37 . 2012-12-12 05:37 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-08 09:24 . 2012-12-08 09:24 -------- d-----w- c:\users\Public\Games

2012-12-08 08:42 . 2012-12-08 09:43 -------- d-----w- c:\program files\Common Files\Steam

2012-12-08 07:04 . 2012-12-09 02:18 -------- d-----w- c:\program files\Pando Networks

2012-12-08 05:44 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-12-06 20:24 . 2012-12-06 20:24 -------- d-----w- c:\program files\Common Files\Skype

2012-12-05 08:33 . 2011-11-21 23:58 340624 ----a-w- c:\windows\system32\drivers\trufos.sys

2012-12-05 08:33 . 2012-03-15 19:16 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys

2012-12-05 08:33 . 2012-12-05 08:33 -------- d-----w- c:\users\joel\AppData\Roaming\Apple Computer

2012-12-05 08:33 . 2012-12-05 08:33 -------- d-----w- c:\programdata\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}

2012-12-05 01:32 . 2012-12-05 01:32 -------- d-----w- c:\users\joel\AppData\Local\Macromedia

2012-12-05 01:14 . 2012-12-05 01:14 -------- d-----w- c:\users\joel\AppData\Local\Mozilla

2012-12-05 01:14 . 2012-12-05 01:14 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-12-04 06:37 . 2012-12-30 22:25 -------- d-----w- c:\users\joel\AppData\Local\Microsoft Games

2012-12-04 06:25 . 2012-12-04 06:25 -------- d-----w- C:\Intel

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-24 05:54 . 2012-04-19 03:47 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-24 05:54 . 2012-04-19 03:47 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-27 20:32 . 2012-11-27 20:32 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-11-08 23:14 . 2012-08-06 08:34 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-11-08 21:02 . 2012-11-08 21:02 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe

2012-11-08 21:02 . 2012-11-08 21:02 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2012-11-08 21:02 . 2012-11-08 21:02 4916224 ----a-w- c:\windows\system32\mstscax.dll

2012-11-08 21:02 . 2012-11-08 21:02 46592 ----a-w- c:\windows\system32\MsRdpWebAccess.dll

2012-11-08 21:02 . 2012-11-08 21:02 37376 ----a-w- c:\windows\system32\tsgqec.dll

2012-11-08 21:02 . 2012-11-08 21:02 3584 ----a-w- c:\windows\system32\drivers\es-ES\tsusbflt.sys.mui

2012-11-08 21:02 . 2012-11-08 21:02 32768 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll

2012-11-08 21:02 . 2012-11-08 21:02 317440 ----a-w- c:\windows\system32\wksprt.exe

2012-11-08 21:02 . 2012-11-08 21:02 2739712 ----a-w- c:\windows\system32\rdpcorets.dll

2012-11-08 21:02 . 2012-11-08 21:02 27136 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys

2012-11-08 21:02 . 2012-11-08 21:02 269312 ----a-w- c:\windows\system32\aaclient.dll

2012-11-08 21:02 . 2012-11-08 21:02 221184 ----a-w- c:\windows\system32\rdpudd.dll

2012-11-08 21:02 . 2012-11-08 21:02 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll

2012-11-08 21:02 . 2012-11-08 21:02 16896 ----a-w- c:\windows\system32\wksprtPS.dll

2012-11-08 21:02 . 2012-11-08 21:02 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys

2012-11-08 21:02 . 2012-11-08 21:02 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2012-11-08 21:02 . 2012-11-08 21:02 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll

2012-11-08 21:02 . 2012-11-08 21:02 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2012-11-08 21:02 . 2012-11-08 21:02 1048064 ----a-w- c:\windows\system32\mstsc.exe

2012-11-08 21:02 . 2012-11-08 21:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys

2012-11-08 21:02 . 2012-11-08 21:02 247808 ----a-w- c:\windows\system32\schannel.dll

2012-11-08 21:02 . 2012-11-08 21:02 220160 ----a-w- c:\windows\system32\ncrypt.dll

2012-11-08 21:02 . 2012-11-08 21:02 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-11-08 21:02 . 2012-11-08 21:02 1039360 ----a-w- c:\windows\system32\lsasrv.dll

2012-11-08 21:01 . 2012-11-08 21:01 514560 ----a-w- c:\windows\system32\qdvd.dll

2012-11-08 01:04 . 2012-11-08 01:04 13 --sh--r- c:\windows\system32\drivers\fbd.sys

2012-11-08 01:03 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-10-15 15:54 . 2012-11-08 20:58 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-10-09 17:40 . 2012-11-16 16:01 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-16 16:01 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-03 16:58 . 2012-11-16 16:01 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 16:42 . 2012-11-16 16:01 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 16:42 . 2012-11-16 16:01 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 16:42 . 2012-11-16 16:01 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 16:42 . 2012-11-16 16:01 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 16:42 . 2012-11-16 16:01 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 16:40 . 2012-11-16 16:01 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 15:21 . 2012-11-16 16:01 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-11-29 08:27 . 2012-12-05 01:14 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare Ultimate"="c:\program files\IObit\Advanced SystemCare Ultimate\ASCTray.exe" [2012-11-07 512384]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]

"FDPRO-516"="c:\program files\Fighters\FighterLauncher.exe" [2012-05-10 832576]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-06 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-02-22 1654400]

"SRS Premium Sound HD"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel.exe" [2012-03-22 1558392]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-12-23 2321680]

"USB3MON"="c:\program files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]

"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2011-12-21 272984]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2011-09-23 542640]

"TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2011-12-14 854400]

"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2011-12-14 612256]

"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]

"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2011-11-24 1370032]

"TSleepSrv"="c:\program files\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" [2011-11-21 253312]

"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-11-26 612256]

"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2011-07-27 468912]

"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2011-06-28 32168]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-10 144664]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-10 180504]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-10 188184]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"CommonToolkitTray"="c:\program files\Fighters\Tray\FightersTray.exe" [2012-01-18 1452680]

"EMET Notifier"="c:\program files\EMET\EMET_notifier.exe" [2012-05-09 152152]

"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-11-09 2777296]

"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-11-09 3673808]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [x]

R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 iusb3hcs;Controlador del conmutador de la controladora de host Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [x]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]

S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]

S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare Ultimate\ascsvc.exe [x]

S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]

S2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [x]

S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\CodeMeter\Runtime\bin\CodeMeter.exe [x]

S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [x]

S2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® ME Service;Intel® ME Service;c:\program files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [x]

S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]

S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]

S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [x]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [x]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx86.sys [x]

S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1309000.009\ccSetx86.sys [x]

S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]

S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

S3 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121205.001\IDSvix86.sys [x]

S3 IntcDAud;Sonido Intel® para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 iusb3hub;Controlador del concentrador Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [x]

S3 iusb3xhc;Controlador de la controladora de host Intel® USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]

S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x]

S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [x]

S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1309000.009\SYMDS.SYS [x]

S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1309000.009\SYMEFA.SYS [x]

S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1309000.009\Ironx86.SYS [x]

S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1309000.009\SYMNETS.SYS [x]

S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

GPSvcGroup REG_MULTI_SZ GPSvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 05:54]

.

2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-06 08:34]

.

2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-06 08:34]

.

2012-12-31 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

- c:\program files\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]

.

2012-12-30 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

- c:\program files\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]

.

2012-12-30 c:\windows\Tasks\ParetoLogic Registration3.job

- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2012-06-27 21:07]

.

2012-12-31 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job

- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]

.

2012-12-27 c:\windows\Tasks\ParetoLogic Update Version3.job

- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]

.

2012-12-27 c:\windows\Tasks\PC Health Advisor Defrag.job

- c:\program files\ParetoLogic\PCHA\PCHA.exe [2012-06-25 23:02]

.

2012-12-30 c:\windows\Tasks\PC Health Advisor.job

- c:\program files\ParetoLogic\PCHA\PCHA.exe [2012-06-25 23:02]

.

.

------- Supplementary Scan -------

.

uInternet Settings,ProxyOverride = <local>

TCP: DhcpNameServer = 10.1.2.253 10.1.2.254 10.1.2.8

FF - ProfilePath - c:\users\joel\AppData\Roaming\Mozilla\Firefox\Profiles\1xzwrqfa.default\

FF - ExtSQL: 2012-12-03 17:38; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn

FF - ExtSQL: 2012-12-13 00:14; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn

FF - ExtSQL: 2012-12-17 12:05; ascsurfingprotection@iobit.com; c:\users\joel\AppData\Roaming\Mozilla\Firefox\Profiles\1xzwrqfa.default\extensions\ascsurfingprotection@iobit.com

FF - ExtSQL: 2012-12-23 17:43; addlyrics@addlyrics.net; c:\program files\AddLyrics\FF

FF - ExtSQL: 2012-12-24 03:22; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\users\joel\AppData\Roaming\Mozilla\Firefox\Profiles\1xzwrqfa.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.9.0.9\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\windows\system32\TODDSrv.exe

c:\program files\Toshiba\Power Saver\TosCoSrv.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\taskhost.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files\IObit\Advanced SystemCare Ultimate\Monitor.exe

c:\program files\Enigma Software Group\SpyHunter\Spyhunter4.exe

c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe

c:\windows\system32\conhost.exe

c:\program files\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Internet Explorer\IELowutil.exe

c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\system32\sppsvc.exe

c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe

.

**************************************************************************

.

Completion time: 2012-12-31 13:01:46 - machine was rebooted

ComboFix-quarantined-files.txt 2012-12-31 18:01

.

Pre-Run: 448,492,650,496 bytes libres

Post-Run: 448,294,182,912 bytes libres

.

- - End Of File - - B93663337FF827F48A3115CFF1D7AE77

Link to comment
Share on other sites

spyhunter

 

i have a box popped up from spyhunter that reads:

'c:\windows\system32\drivers\etc\hosts' has been modified as follows:then has added 127.0.0.1 localhost and removed abut 15 items.then ask to accept; restore or remind me later.what should i do?

Link to comment
Share on other sites

Update Your Java (JRE)

 

Old versions of Java have vulnerabilities that malware can use to infect your system.

 

First Verify your Java Version

 

If there are any other version(s) installed then update now.

 

Get the new version (if needed)

 

If your version is out of date install the newest version of the Sun Java Runtime Environment.

 

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

 

Be sure to close ALL open web browsers before starting the installation.

 

Remove any old versions

 

1. Download JavaRa and unzip the file to your Desktop.

2. Open JavaRA.exe and choose Remove Older Versions

3. Once complete exit JavaRA.

 

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.

*************************************************

Update your Adobe Reader. get.adobe.com/reader.

 

Be sure to uncheck the Free McAfee Security Scan so it isn't installed.

 

*************************************************

i have a box popped up from spyhunter that reads:

'c:\windows\system32\drivers\etc\hosts' has been modified as follows:then has added 127.0.0.1 localhost and removed abut 15 items.then ask to accept; restore or remind me later.what should i do?

Just leave it be for now.

can i run my defrag and advance care 6 ultimate during this process.

Yes.

 

SysProt Antirootkit

 

Download

SysProt Antirootkit from the link below (you will find it at the bottom

of the page under attachments, or you can get it from one of the

mirrors).

 

http://sites.google.com/site/sysprotantirootkit/

 

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.
    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

    [*]At the bottom of the page

    • Hidden Objects Only << Selected

    [*]Click on the Create Log button on the bottom right.

    [*]After a few seconds a new window should appear.

    [*]Select Scan Root Drive. Click on the Start button.

    [*]When it is complete a new window will appear to indicate that the scan is finished.

    [*]The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Link to comment
Share on other sites

java

 

verify your java version.the 1st link.I can uninstall older version there,can I reinstall the newer version from this website.Also I am having problems w/ the 2nd link@ majorgeek.com?I cant find the download for java but is for version 6 update 38.So what version do I install. srry for different post.thanks.8-)

Link to comment
Share on other sites

advance system care utimate6

 

thanks guys. I ran adv sys care the 2nd time & only had a privacy sweep to fix everything else was great.not even the junk files.1 thing i accepted the change in the drive that you posted, "to go for now", hope it doesnt cause a problem.I check in about everyday.:razz::-P:-D:grin::lol::smile:

Link to comment
Share on other sites

1/6/13 I tried to upgrade java & it says I have a corrupt file c:\User\joel\AppData\LocalLow\Sun\Java\jre1.7.0_10 \java_sp.dll is corrupt.What should I do?

Just leave that for the moment. There appears to be a problem with the site. Try it another day. Just click on "Verify your Java version". If it finds it newer version it will suggest that you download and install the latest version. It will then install the new version and remove the older version.

Can you please run the SysProt AntiRootkit scan?

Link to comment
Share on other sites

not sure if this what u r looking4

 

SysProt AntiRootkit v1.0.1.0

by swatkat

 

******************************************************************************************

******************************************************************************************

 

No Hidden Processes found

 

******************************************************************************************

******************************************************************************************

No Hidden Kernel Modules found

 

******************************************************************************************

******************************************************************************************

No SSDT Hooks found

 

******************************************************************************************

******************************************************************************************

No hidden files/folders found

Link to comment
Share on other sites

How's your computer running now?

ESET Online Scan

 

Scan your computer with the ESET FREE Online Virus Scan

 

* Click the ESET Online Scanner button.

 

* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

* Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop

* Double click on the esetsmartinstaller_enu.exe icon on your desktop.

* Place a check mark next to YES, I accept the Terms of Use.

 

* Click the Start button.

* Accept any security warnings from your browser.

* Leave the check mark next to Remove found threats and place a check next to Scan archives.

* Click the Start button.

* ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.

* When the scan completes, click List of found threats.

* Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.

* Click the Back button then click Finish.

 

In your next reply please include the ESET Online Scan Log

Link to comment
Share on other sites

SuperDave's question:

How's your computer running now?

 

 

From your reply.

but i still get pop ups.i have a few more comments to post
Please completely describe "pop ups"... what is "popping up" and what does it look like... if it contains text, what does it say? Can you attach a screenshot please?

 

Thanks,

-Mel

Live long and prosper!

Link to comment
Share on other sites

pop ups

 

1st of all thanks.the pop up looks like a ipad & a cell phone. with writing either in spanish or english.it pops up really fast enbetween pages or when i click on a link.also the adds cover original adds,as i just found out. i went to a pg tht had an add for target & came back later to find out an add from ad.adserverpus,extendmedia or ad.yieldmanager replaced the add.I.E is performing better,but not as gd as 1st.I have a plug in missing.tht is how this started.youtube had adobe flash plug in missing.dnld.my adobe crashes regularly.i play alot of online games that use java & adobe.i dnlded java v6 updt 38 from majorgeeks.com w/no older versions found. chrome also shows a blank pg for hotmail.it started when hotmail live popped up due to this infection.i am trying to learn as much about computer as possible through google.srry 4 being a dummy.what else needs to be done.i am afraid to click on anything rt now.there was 4 c drive files that i wrote dwn from friday proceedings.thanks fr any help or advice.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...