PDA

View Full Version : How remove traffic outbrain, slow perfomance



bigabulk
2014-06-10, 17:36
Thanks for reading my message, first sorry for my bad English. This is my first post and I will try to follow all the instructions.

I'm using windows 7 and I'm having problems with my browser. When I open a new browser tab or new window I cannot connect, so it looks like I'm without internet connection. I have the same problem using google chrome, mozilla and internet explorer. After several attempts, I performed a search but it appears that address was revealed associated with traffic.outbrain (all searchs)

I did a scan using malwarebytes anti-malware and kaspersky internet security, but they didn't find any threats. My laptop is getting slower and it's more difficult to connect to internet.

Any info or help you can give me would be of great help

Good morning!

Hope that you ask me, however i had a problem with aswMBR, some few minutes after to start scan, i received a message: Avast Rootkit stop working, windows is looking for a solution. I closed kaspersky and Malwarebytes, and i tried scan again, but i couldn't complete scan.

Thanks


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Gabriela at 8:28:08 on 2014-06-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.5941.2900 [GMT -5:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\ksm.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\smui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files (x86)\BlueStacks\HD-Service.exe
C:\Program Files (x86)\BlueStacks\HD-Network.exe
C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com (http://www.google.com)
mStart Page = about:blank
uURLSearchHooks: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: Content Blocker Plugin: {245ED308-F160-4979-BFF9-08F6F0B931B6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Safe Money Plugin: {33E45E2D-241C-4351-8724-B9859C9AE662} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Virtual Keyboard Plugin: {FE0FD95C-E1E0-42D8-A747-84CC575FC9A8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Enviar a OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Agregar a Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar a Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\14D616A7F6E69616 : DHCPNameServer = 192.168.30.253
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\84F64756C60265562716362757A70205143594C4C4F4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\84F64756C60265562716362757A70223 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\C494E44414026594354514 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\E454454505C45535D294E4455425E45425A4D4 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{652DC0DE-A8BF-4378-BDDC-3EC811E10D69} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: WSIEChrome - <Clsid value has no data>
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Content Blocker Plugin: {245ED308-F160-4979-BFF9-08F6F0B931B6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Safe Money Plugin: {33E45E2D-241C-4351-8724-B9859C9AE662} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-BHO: Virtual Keyboard Plugin: {FE0FD95C-E1E0-42D8-A747-84CC575FC9A8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: WSIEChrome - <Clsid value has no data>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\content_blocker_sm@kaspersky.com\npcontentblocker.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\online_banking_sm@kaspersky.com\nponlinebanking.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\virtual_keyboard_sm@kaspersky.com\npvkplugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Gabriela\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.irmysearch.aflt - ir_14_17_ch
FF - user.js: extensions.irmysearch.instlRef - 140305_a
FF - user.js: extensions.irmysearch.cr - 1603295462
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=&q=
FF - user.js: extensions.mysearchdial.id - B8AC6F5210BBC9D7
FF - user.js: extensions.mysearchdial.instlDay - 16184
FF - user.js: extensions.mysearchdial.vrsn - 1.8.29.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.29.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.29.09:51:51
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - ir_14_17_ch
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef - 140305_a
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial.cr - 1603295462
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q
FF - user.js: extensions.mysearchdial.AL - 2
.
FF - user.js: plugin.state.npcontentblocker - 2
.
FF - user.js: plugin.state.nponlinebanking - 2
.
FF - user.js: plugin.state.npvkplugin - 2
.
============= SERVICES / DRIVERS ===============
.
R0 kl1sm;kl1sm;C:\Windows\System32\drivers\kl1sm.sys [2013-9-5 7717984]
R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2012-7-9 426616]
R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2012-7-9 453896]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2012-7-9 1096176]
R1 KLIFSM;Kaspersky Lab SafeMoney Driver;C:\Windows\System32\drivers\klifsm.sys [2014-4-23 692832]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\System32\drivers\PCTSD64.sys [2012-7-9 251528]
R2 AVP;Servicio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356128]
R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-5-1 402192]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-5-1 123152]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-5-1 385808]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-5-1 774928]
R2 KSM;Servicio Kaspersky Fraud Prevention for Endpoint;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\ksm.exe [2013-12-19 233040]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-1 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-1 701512]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2011-11-22 60416]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2011-11-22 80896]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2011-11-22 55808]
R2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\Sentinel64.sys [2006-4-20 142888]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-6-4 2143072]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-22 2320920]
R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-11-22 35104]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]
R3 klkbdfltsm;Kaspersky Lab KLKBDFLTSM;C:\Windows\System32\drivers\klkbdfltsm.sys [2014-3-14 28768]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-1 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856]
S1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2014-4-23 228448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-21 111616]
S3 klfltsm;Kaspersky Lab SafeMoney Kernel DLL;C:\Windows\System32\drivers\klfltsm.sys [2014-4-23 118368]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-5 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-14 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-21 1255736]
S4 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2011-11-21 89600]
S4 ArcGIS License Manager;ArcGIS License Manager;C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe [2013-1-12 1431440]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=Notepad.exe "%1"
FileExt: .ini: inifile=Notepad.exe "%1"
FileExt: .inf: inffile=Notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-06-06 23:58:03 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCE8AE18-CCCF-47AB-B725-1898F7B0D392}\mpengine.dll
2014-05-28 11:51:34 -------- d-----w- C:\Windows\AutoKMS
2014-05-19 22:15:01 -------- d-----w- C:\ProgramData\BlueStacks
2014-05-19 22:15:01 -------- d-----w- C:\Program Files (x86)\BlueStacks
2014-05-19 22:13:33 -------- d-----w- C:\Users\Gabriela\AppData\Local\Bluestacks
2014-05-15 02:59:33 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-15 02:59:33 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-15 01:51:25 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-15 01:51:24 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-05-20 15:20:03 91008 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-05-07 04:58:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-03-31 14:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-14 21:12:44 692832 ----a-w- C:\Windows\System32\drivers\klifsm.sys
2014-03-14 21:12:44 28768 ----a-w- C:\Windows\System32\drivers\klkbdfltsm.sys
2014-03-14 21:12:44 118368 ----a-w- C:\Windows\System32\drivers\klfltsm.sys
2014-03-14 21:12:42 228448 ----a-w- C:\Windows\System32\drivers\klhk.sys
2013-11-12 00:00:12 50053120 ----a-w- C:\Program Files (x86)\GUT64BD.tmp
2013-11-11 23:35:10 4188160 ----a-w- C:\Program Files (x86)\GUT9D79.tmp
2013-11-11 23:09:07 50053120 ----a-w- C:\Program Files (x86)\GUT784C.tmp
.
============= FINISH: 8:29:44.89 ===============

Dakeyras
2014-06-10, 21:38
Hi and welcome to Safer Networking. :)

Lets proceed as follows shall we...

Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.


Please download the installer for Registry Backup from here (http://www.bleepingcomputer.com/download/registry-backup/) or here (http://www.tweaking.com/files/setups/tweaking.com_registry_backup_setup.exe) and save to your desktop.
Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
Once the GUI(graphical user interface) has appeared/loaded:-

http://i280.photobucket.com/albums/kk173/Dakeyras_album2/TCRB-1.jpg


Click on Backup Now >> once the process is complete, similar to the below will displayed in the GUI:-

http://i280.photobucket.com/albums/kk173/Dakeyras_album2/TBRB-2.jpg (http://s280.photobucket.com/user/Dakeyras_album2/media/TBRB-2.jpg.html)


Close Tweaking.com - Registry Backup

Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

A tutorial for Registry Backup explaining the various features can be viewed here (http://www.malwareremoval.com/forum/viewtopic.php?f=4&t=61325).

Scan with AdwCleaner:

Please download adwcleaner from here (http://www.bleepingcomputer.com/download/adwcleaner/) and save to your desktop.

Alternate downloads are here (http://www.softpedia.com/get/Antivirus/Removal-Tools/AdwCleaner.shtml) or here (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner).


Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
Now click on the Scan tab >> once the scan is complete click on the Clean tab and follow the prompts.
Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[S0].txt

Scan with JRT:

Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/) to your desktop.

Alternate download is here (http://thisisudax.org/downloads/JRT.exe).

Note: Temp' disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here (http://www.bleepingcomputer.com/forums/topic114351.html).


Right-click on on JRT.exe and select Run as Administrator to launch the application >> follow the on-screen prompt.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Note: Reboot your machine and ensure all disabled security software is now enabled etc.

Next:

When completed the above, please post back the following in the order asked for:


How is your computer performing now, any further symptoms and or problems encountered?
AdwCleaner Log.
Junkware Removal Tool Log.

bigabulk
2014-06-11, 01:31
Done.

1. When I do a search, traffic Outbrain finally disappeared, but is still somewhat slow performance, especially when I do a search, slow show results

But now I have a little problem. Wireless broadband was working perfectly, now appears: Not connected, no connections available (but symbol showing CONNECTED, yes i'm; my computer is able to detect and connect to my home wireless network) however not allowed me to see the connections available. Now, it's not a problem (i'm home), but it will be when i need to use other networks


2. Logs AdwCleaner, and Junkware Removal Tool Log (attached)

Thanks for your help and patience


# AdwCleaner v3.212 - Reporte Creado 10/06/2014 en 15:57:25
# Actualizado 05/06/2014 por Xplode
# Sistema Operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nombre de usuario : Gabriela - A
# Ejecutado desde : C:\Users\Gabriela\Downloads\adwcleaner_3.212.exe
# Opción : Limpiar

***** [ Servicios ] *****


***** [ Archivos / Carpetas ] *****

Carpeta Borrar : C:\Users\Gabriela\AppData\Local\iLivid
Carpeta Borrar : C:\Users\Gabriela\AppData\Roaming\eCyber
Archivo Borrar : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\searchplugins\Mysearchdial.xml
Archivo Borrar : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\user.js

***** [ Accesos directos ] *****


***** [ Registro ] *****

Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (es-MX)

[ Archivo : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\prefs.js ]

Linea borrada : user_pref("extensions.irmysearch.aflt", "ir_14_17_ch");
Linea borrada : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDt[...]
Linea borrada : user_pref("extensions.irmysearch.cr", "1603295462");
Linea borrada : user_pref("extensions.irmysearch.instlRef", "140305_a");
Linea borrada : user_pref("extensions.mysearchdial.AL", 2);
Linea borrada : user_pref("extensions.mysearchdial.aflt", "ir_14_17_ch");
Linea borrada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linea borrada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzy[...]
Linea borrada : user_pref("extensions.mysearchdial.cr", "1603295462");
Linea borrada : user_pref("extensions.mysearchdial.dfltLng", "");
Linea borrada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linea borrada : user_pref("extensions.mysearchdial.dnsErr", true);
Linea borrada : user_pref("extensions.mysearchdial.excTlbr", false);
Linea borrada : user_pref("extensions.mysearchdial.hmpg", true);
Linea borrada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtD[...]
Linea borrada : user_pref("extensions.mysearchdial.id", "B8AC6F5210BBC9D7");
Linea borrada : user_pref("extensions.mysearchdial.instlDay", "16184");
Linea borrada : user_pref("extensions.mysearchdial.instlRef", "140305_a");
Linea borrada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyE[...]
Linea borrada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linea borrada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linea borrada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linea borrada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linea borrada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutC[...]
Linea borrada : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
Linea borrada : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
Linea borrada : user_pref("extensions.mysearchdial_i.newTab", false);
Linea borrada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linea borrada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.09:51:51");

-\\ Google Chrome v35.0.1916.114

[ Archivo : C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Borrar [Extension] : iagcajndpnfncplednpbnkahadegklfa

*************************

AdwCleaner[R0].txt - [16671 octets] - [18/12/2013 19:58:26]
AdwCleaner[R1].txt - [937 octets] - [19/12/2013 09:19:04]
AdwCleaner[R2].txt - [1053 octets] - [28/12/2013 19:52:16]
AdwCleaner[R3].txt - [1427 octets] - [29/01/2014 21:35:49]
AdwCleaner[R4].txt - [1428 octets] - [03/02/2014 12:07:43]
AdwCleaner[R5].txt - [5048 octets] - [10/06/2014 15:54:14]
AdwCleaner[S0].txt - [15487 octets] - [18/12/2013 20:02:11]
AdwCleaner[S1].txt - [995 octets] - [19/12/2013 09:19:41]
AdwCleaner[S2].txt - [1113 octets] - [28/12/2013 19:53:04]
AdwCleaner[S3].txt - [1482 octets] - [29/01/2014 21:37:45]
AdwCleaner[S4].txt - [1487 octets] - [03/02/2014 12:08:20]
AdwCleaner[S5].txt - [4852 octets] - [10/06/2014 15:57:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [4912 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dakeyras
2014-06-11, 10:36
Added JRT zip to this post as was having problems downloading from prior post.

@bigabulk, please ignore this post. It is merely so I am able to download the zip file you attached correctly. Not a cause for concern nor did you do anything wrong I assure you.

Dakeyras
2014-06-11, 11:03
Hi. :)


1. When I do a search, traffic Outbrain finally disappeared, but is still somewhat slow performance, especially when I do a search, slow show results

But now I have a little problem. Wireless broadband was working perfectly, now appears: Not connected, no connections available (but symbol showing CONNECTED, yes i'm; my computer is able to detect and connect to my home wireless network) however not allowed me to see the connections available. Now, it's not a problem (i'm home), but it will be when i need to use other networks

Acknowledged and thanks for the update. Be some way to go as of yet to complete the malware removal process and in turn remedy the other issues your machine has. I see AdwCleaner has been ran a fair few times in the past, have you been experiencing malware related problems for quite some time then ?


Thanks for your help and patience

You're welcome!

Java Advice

There has been a recent severe exploitation of this software. Even though this exploit has been reportedly fixed there is still a vulnerability with the software, the below is currently all that it is installed Java related:-

Java 7 Update 13 (64-bit)
Java 7 Update 55

So you need to uninstall all(if still present via Uninstall a program or Programs and Features located in the Control Panel)...Your choice if you wish to go ahead and reinstall but as mentioned I advise against it and for the present I do not even have anything Java related installed on my machines.

Please let myself know what you wish to do about this in your next reply please and if you opt to re-install I will provide both the appropriate instructions and safety advice etc.

P2P Advice:

I advise you consider uninstalling the below:-

µTorrent via Uninstall a program or Programs and Features located in the Control Panel.

Please read this for further information:-

File Sharing, otherwise known as Peer To Peer. (P2P) (http://forums.spybot.info/showthread.php?282-File-Sharing-otherwise-known-as-Peer-To-Peer-(P2P))

To be honest I have lost count of the number of machines I have dealt with over the years that became infected due to the use of P2P software. However if you opt not to...please refrain from using µTorrent for the duration of the malware removal process, thank you.

Uninstall Software

I also strongly advise you consider uninstalling the below:-

TuneUp Utilities 2012
TuneUp Utilities Language Pack (es-MX)

Via Uninstall a program or Programs and Features located in the Control Panel.

Such software rarely if ever makes any improvements and actually has the potential to leave your machine little more than a expensive doorstop!

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/) to your Desktop.


Right-click on FRST.exe and select Run as Administrator to start FRST >> follow the prompt/click on Yes
Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

Next:

When completed the above, please post back the following in the order asked for:


Answer to my questions regarding AdwCleaner and Java.
Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.

bigabulk
2014-06-11, 17:12
Morning!

About Adwcleaner: In the past I had a problem with malware and used adwcleaner apparently solved everything. About 6 months ago I started having problems with the internet connection (suddenly could not open any page from the browser especially using google chrome, but internet connection worked well, even skype worked fine), but this problem appeared and disappeared quickly (the problem did not last more than a day) but now is constant. For example right now I had to refresh the page several times to write this message.

Java uninstalled, but I need to reinstall it ('cause I need it for my work: accounting software)

uTorrent uninstalled

TuneUp uninstalled

bigabulk
2014-06-11, 17:13
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
Ran by Gabriela at 2014-06-11 09:04:46
Running from C:\Users\Gabriela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.3 - Adobe Systems)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcGIS Desktop (HKLM-x32\...\ArcGIS Desktop) (Version: 9.3.1770 - Environmental Systems Research Institute, Inc.)
ArcGIS Desktop (x32 Version: 9.3.1770 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS License Manager (HKLM-x32\...\ArcGIS License Manager) (Version: - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Centro de dispositivos de Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft)
Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 6.1.13.8 - Dell)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
DIMM (HKLM-x32\...\DIMM) (Version: 1.0.1 - Servicio de Rentas Internas)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
gvSIG desktop (HKLM-x32\...\5C7663A6-181A-61C1-6C25-D2B427D68E1B) (Version: 1.12.0 - gvSIG Association)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
J2SE Runtime Environment 5.0 Update 10 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150100}) (Version: 1.5.0.100 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Fraud Prevention for Endpoint (HKLM-x32\...\InstallWIX_{5287F0F9-D316-4CD7-BE02-5B0D25D27B36}) (Version: 14.0.1.610 - Kaspersky Lab)
Kaspersky Fraud Prevention for Endpoint (x32 Version: 14.0.1.610 - Kaspersky Lab) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware versión 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 es-MX)) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
Python 2.5 numpy-1.0.3 (HKLM-x32\...\Python 2.5 numpy-1.0.3) (Version: - )
Python 2.5.1 (HKLM-x32\...\Python 2.5.1) (Version: - )
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.21 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sentinel System Driver Installer 7.4.2 (HKLM-x32\...\{A58F2B4A-ABAC-479E-83CE-F3AF284C9737}) (Version: 7.4.2 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{B5906CD5-0E44-44AE-80EB-BA3AAC1FD6AC}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{2A1D7D25-BF6B-4E32-AF61-AEB0E859C322}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points =========================

30-05-2014 21:24:09 Removed Apple Mobile Device Support
03-06-2014 23:15:12 Windows Update
06-06-2014 23:57:19 Windows Update
10-06-2014 15:22:50 Windows Update
11-06-2014 01:46:04 Windows Update
11-06-2014 03:10:06 Windows Update
11-06-2014 03:28:29 Windows Update
11-06-2014 13:47:49 Removed Java 7 Update 13 (64-bit)
11-06-2014 13:52:36 Removed Java 7 Update 55
11-06-2014 13:59:54 Quitado TuneUp Utilities 2012
11-06-2014 14:02:08 Quitado TuneUp Utilities Language Pack (es-MX)

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-12-25 13:56 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1408BEA1-6D9F-4D15-866F-358AE56777A0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {1C681426-96E0-4B30-95C6-79714EC6EC87} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000UA => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-26] (Facebook Inc.)
Task: {282D883D-EB9F-46BD-875D-97C02CFDC874} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
Task: {2986AABA-AF47-4562-B281-55B7DB0AA4F9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3489625639-3933507195-490321652-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {35CD5B2B-D7F1-4610-BDD6-954099BB4DAB} - System32\Tasks\Programa de actualización online de Real Player => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-03-24] (RealNetworks, Inc.)
Task: {53F72881-8AE6-4CE6-9C5C-7984CEBDA6BF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CAD906F-DE06-4F73-91FF-16DD172557A4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3489625639-3933507195-490321652-1000
Task: {83BE3868-4813-434D-951A-DDEABDE0B005} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {BBFFCE78-33BF-465E-9DF7-D7A165ACF38A} - System32\Tasks\Google Updater and Installer => C:\Users\Gabriela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {D05CB7DC-FA4B-420F-9FDB-24C844E8AF96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26] (Google Inc.)
Task: {E8831253-CDC5-4D4D-9FC9-D3B571DF882A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26] (Google Inc.)
Task: {F1C64197-0B76-4D3C-862C-B3CAC9C06ACD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000Core => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-26] (Facebook Inc.)
Task: {FBC7CF2A-DF04-4B4E-812F-E6C0B69FB0E1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3489625639-3933507195-490321652-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000Core.job => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000UA.job => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-11-21 21:23 - 2009-07-17 10:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2011-11-21 21:23 - 2009-07-17 10:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2013-03-06 03:21 - 2013-03-06 03:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-05-07 16:25 - 2009-11-26 11:53 - 00447488 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-11-21 22:09 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-01-12 23:07 - 2008-08-02 11:57 - 01757184 _____ () C:\Program Files (x86)\ESRI\License\arcgis9x\ARCGIS.EXE
2012-08-17 21:39 - 2013-08-01 10:15 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2014-03-14 16:12 - 2014-03-14 16:12 - 03212992 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\bl_sm.ppl
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\kpcengine.2.3.dll
2012-05-07 16:25 - 2009-03-25 20:08 - 00058880 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\MBMDebug.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-21 16:31 - 2014-05-13 18:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-21 16:31 - 2014-05-13 18:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-21 16:31 - 2014-05-13 18:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-21 16:31 - 2014-05-13 18:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-21 16:31 - 2014-05-13 18:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-04-23 12:09 - 2013-12-19 00:16 - 00469696 _____ () C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcmfooedeofbldmijiigfkokhgejeodf\4.0.5.28_0\plugin\npContentBlocker.dll
2014-04-23 12:09 - 2014-02-21 04:18 - 00735424 _____ () C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdookbfkgaoclbpklgdocahfmgmhdpbj\4.0.5.95_0\plugin\npVKPlugin.dll
2014-04-23 12:09 - 2013-12-19 00:16 - 00353472 _____ () C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhkcblffmahigmkakfgobkpgochkmdjf\4.0.5.28_0\plugin\npOnlineBanking.dll
2013-04-11 17:11 - 2014-05-27 22:11 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-18 23:16 - 2013-12-18 23:16 - 00469696 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\content_blocker_sm@kaspersky.com\npcontentblocker.dll
2014-03-14 16:12 - 2014-03-14 16:12 - 00735424 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\virtual_keyboard_sm@kaspersky.com\npvkplugin.dll
2013-12-18 23:16 - 2013-12-18 23:16 - 00353472 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\online_banking_sm@kaspersky.com\nponlinebanking.dll
2013-12-13 11:21 - 2013-12-13 11:21 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: FDResPub => 2
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: klhk
Description: klhk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klhk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2014 09:01:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: A)
Description: No se pudo cerrar la aplicación o el servicio 'Explorador de Windows'.

Error: (06/11/2014 08:46:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.1.7601.17567, marca de tiempo: 0x4d672ee4
Nombre del módulo con errores: msi.dll, versión: 5.0.7601.17807, marca de tiempo: 0x4f80321a
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000001ec1e6
Id. del proceso con errores: 0xebc
Hora de inicio de la aplicación con errores: 0xExplorer.EXE0
Ruta de acceso de la aplicación con errores: Explorer.EXE1
Ruta de acceso del módulo con errores: Explorer.EXE2
Id. del informe: Explorer.EXE3

Error: (06/10/2014 08:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TuneUpUtilitiesApp64.exe, versión: 12.0.3600.112, marca de tiempo: 0x4fccaeb9
Nombre del módulo con errores: TuneUpUtilitiesApp64.exe, versión: 12.0.3600.112, marca de tiempo: 0x4fccaeb9
Código de excepción: 0xc0000417
Desplazamiento de errores: 0x0000000000038f60
Id. del proceso con errores: 0xc70
Hora de inicio de la aplicación con errores: 0xTuneUpUtilitiesApp64.exe0
Ruta de acceso de la aplicación con errores: TuneUpUtilitiesApp64.exe1
Ruta de acceso del módulo con errores: TuneUpUtilitiesApp64.exe2
Id. del informe: TuneUpUtilitiesApp64.exe3


System errors:
=============
Error: (06/11/2014 07:47:59 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/11/2014 07:45:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
klhk

Error: (06/11/2014 07:45:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adquisición de imágenes de Windows (WIA) depende del servicio Detección de hardware shell, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (06/11/2014 07:45:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio KMService no pudo iniciarse debido al siguiente error:
%%2

Error: (06/10/2014 10:16:07 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/10/2014 10:15:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio MBAMService.

Error: (06/10/2014 10:14:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
klhk

Error: (06/10/2014 10:14:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adaptador de escucha Net.Tcp depende del servicio Servicio de uso compartido de puertos Net.Tcp, el cual no pudo iniciarse debido al siguiente error:
%%1053

Error: (06/10/2014 10:13:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adquisición de imágenes de Windows (WIA) depende del servicio Detección de hardware shell, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (06/10/2014 10:13:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de puertos Net.Tcp no pudo iniciarse debido al siguiente error:
%%1053


Microsoft Office Sessions:
=========================
Error: (06/11/2014 09:01:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: A)
Description: 1C:\Windows\explorer.exeExplorador de Windows0411713720

Error: (06/11/2014 08:46:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4msi.dll5.0.7601.178074f80321ac000000500000000001ec1e6ebc01cf8573338ab5acC:\Windows\Explorer.EXEC:\Windows\system32\msi.dlld171a850-f16e-11e3-afa8-b8ac6f5210bb

Error: (06/10/2014 08:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TuneUpUtilitiesApp64.exe12.0.3600.1124fccaeb9TuneUpUtilitiesApp64.exe12.0.3600.1124fccaeb9c00004170000000000038f60c7001cf85185c06e3efC:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exeC:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exea3687bb3-f10b-11e3-b8a4-b8ac6f5210bb


CodeIntegrity Errors:
===================================
Date: 2014-06-11 07:56:51.107
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:56:51.105
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:56:51.087
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:56:51.083
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:54:17.568
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:54:17.517
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:54:17.508
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:54:17.504
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-11 07:54:17.476
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-06-09 12:54:49.161
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


==================== Memory info ===========================

Percentage of memory in use: 64%
Total physical RAM: 5940.52 MB
Available physical RAM: 2123.25 MB
Total Pagefile: 11879.23 MB
Available Pagefile: 7352.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (BIGUITA-BULQUI) (Fixed) (Total:451.07 GB) (Free:340.21 GB) NTFS
Drive e: (BIGUITA) (Removable) (Total:3.6 GB) (Free:3.6 GB) FAT32
Drive f: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BD59BAD5)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 4D5950A0)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

bigabulk
2014-06-11, 17:17
I can't post here FRST log, is too long, i have to attach it.

Hope this is what you ask me.

Thanks again.

Dakeyras
2014-06-11, 23:08
Hi. :)


About Adwcleaner: In the past I had a problem with malware and used adwcleaner apparently solved everything. About 6 months ago I started having problems with the internet connection (suddenly could not open any page from the browser especially using google chrome, but internet connection worked well, even skype worked fine), but this problem appeared and disappeared quickly (the problem did not last more than a day) but now is constant. For example right now I had to refresh the page several times to write this message.

Thank you for the clarification.


Java uninstalled, but I need to reinstall it ('cause I need it for my work: accounting software)

uTorrent uninstalled

TuneUp uninstalled

Acknowledged...

With regard to Java, also uninstall this if still present:-

J2SE Runtime Environment 5.0 Update 10

We will actually reinstall Java in due course per your request.


I can't post here FRST log, is too long, i have to attach it.

Not a problem.

Windows Defender Advice:

Windows Defender at present is active in system memory and there is a chance it will cause a conflict with the installed Kaspersky Internet Security.

Plus the possibility it may lesson overall online protection. However it cannot be uninstalled because it is a integral part of the Windows 7 Operating System.

My best advice would be to disable this completely. A graphical tutorial explaining how to correctly can be viewed here (http://www.sevenforums.com/tutorials/6397-windows-defender-turn-off.html).

TFC(Temp File Cleaner):


Please download TFC (http://oldtimer.geekstogo.com/TFC.exe) to the desktop,
Right-click on TFC.exe and select Run as Administrator to run the program.
Click the Start button in the bottom left of the GUI(graphical user interface)'
If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

Custom FRST Script:

Please download the attached fixlist.txt(see below) and save to your Downloads folder.

11555


Now right-click on FRST.exe and select Run as Administrator to start FRST.
Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
Reboot your machine(ensure you do this) when prompted to do so and post the contents of the newly created Fixlog in your next reply.

Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.

Next:

When completed the above, please post back the following in the order asked for:


How is your computer performing now, any further symptoms and or problems encountered ?
Fixlog from the Custom FRST Script.

bigabulk
2014-06-12, 01:44
Hi
My computer is going better, browser is working well (today I didn’t have connection problems), and searches are more faster (although still delayed a few seconds).
I followed your advices.
Windows Defender disabled
J2SE Runtime Environment 5.0 Update uninstalled

:thanks:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2014 01
Ran by Gabriela at 2014-06-11 16:22:57 Run:1
Running from C:\Users\Gabriela\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6EA0217CB0A8CC01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
URLSearchHook: HKCU - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: WSIEChrome - No CLSID Value -
Handler-x32: WSIEChrome - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 KMService; C:\Windows\system32\srvany.exe [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
C:\Users\Gabriela\AppData\Local\Temp\TUUUninstallHelper.exe
2014-06-09 06:31 - 2014-06-09 06:31 - 00034240 _____ () C:\Users\Gabriela\Downloads\Game of Thrones 4x09 - The Watchers on the Wall (Español (Latinoamérica)).srt
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Task: {1408BEA1-6D9F-4D15-866F-358AE56777A0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {0739283f-1576-11e1-abb7-904ce5d6fa6c} - E:\AutoRun.exe
HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {8ccdfbc9-1509-11e1-8bcf-b8ac6f5210bb} - E:\AutoRun.exe
HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {8ccdfbd8-1509-11e1-8bcf-b8ac6f5210bb} - E:\AutoRun.exe
HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {e7f6c6b6-1586-11e1-b730-b8ac6f5210bb} - E:\AutoRun.exe
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state off
cmd: ipconfig /release
cmd: ipconfig /renew
cmd: ipconfig /flushdns
cmd: netsh winsock reset all
cmd: netsh int ip reset all
Reboot:
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
'HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}'=> Key not found.
'HKCR\PROTOCOLS\Handler\Handler: WSIEChrome - No CLSID Value -'=> Key not found.
'HKCR\Wow6432Node\PROTOCOLS\Handler\Handler-x32: WSIEChrome - No CLSID Value -'=> Key not found.
'HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File'=> Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File'=> Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
KMService => Service deleted successfully.
ewusbmbb => Service deleted successfully.
ew_hwusbdev => Service deleted successfully.
huawei_enumerator => Service deleted successfully.
hwdatacard => Service deleted successfully.
"C:\Users\Gabriela\AppData\Local\Temp\TUUUninstallHelper.exe" => File/Directory not found.
C:\Users\Gabriela\Downloads\Game of Thrones 4x09 - The Watchers on the Wall (Español (Latinoamérica)).srt => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1408BEA1-6D9F-4D15-866F-358AE56777A0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1408BEA1-6D9F-4D15-866F-358AE56777A0}' => Key deleted successfully.
C:\Windows\System32\Tasks\Java Update Scheduler => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler' => Key deleted successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3489625639-3933507195-490321652-1000'=> Key not found.
'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0739283f-1576-11e1-abb7-904ce5d6fa6c}' => Key deleted successfully.
'HKCR\CLSID\{0739283f-1576-11e1-abb7-904ce5d6fa6c}'=> Key not found.
'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccdfbc9-1509-11e1-8bcf-b8ac6f5210bb}' => Key deleted successfully.
'HKCR\CLSID\{8ccdfbc9-1509-11e1-8bcf-b8ac6f5210bb}'=> Key not found.
'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccdfbd8-1509-11e1-8bcf-b8ac6f5210bb}' => Key deleted successfully.
'HKCR\CLSID\{8ccdfbd8-1509-11e1-8bcf-b8ac6f5210bb}'=> Key not found.
'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7f6c6b6-1586-11e1-b730-b8ac6f5210bb}' => Key deleted successfully.
'HKCR\CLSID\{e7f6c6b6-1586-11e1-b730-b8ac6f5210bb}'=> Key not found.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F =========

La operaci¢n se complet¢ correctamente.



========= End of Reg: =========


========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F =========

La operaci¢n se complet¢ correctamente.



========= End of Reg: =========


========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

La operaci¢n se complet¢ correctamente.



========= End of Reg: =========


========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

La operaci¢n se complet¢ correctamente.



========= End of Reg: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state off =========

Aceptar


========= End of CMD: =========


========= ipconfig /release =========


Configuraci�n IP de Windows

No se puede realizar ninguna operaci�n en Conexi�n de red Bluetooth mientras los medios
est�n desconectados.
No se puede realizar ninguna operaci�n en Conexi�n de red inal�mbrica 2 mientras los medios
est�n desconectados.
No se puede realizar ninguna operaci�n en Conexi�n de �rea local mientras los medios
est�n desconectados.

Adaptador de Ethernet Conexi�n de red Bluetooth:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica 2:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica:

Sufijo DNS espec�fico para la conexi�n. . :
V�nculo: direcci�n IPv6 local. . . : fe80::6d85:d4b0:eaa1:53d%11
Puerta de enlace predeterminada . . . . . :

Adaptador de Ethernet Conexi�n de �rea local:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de t�nel Conexi�n de �rea local* 26:

Sufijo DNS espec�fico para la conexi�n. . :
Direcci�n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:2cb4:28ae:3f57:ff9a
V�nculo: direcci�n IPv6 local. . . : fe80::2cb4:28ae:3f57:ff9a%33
Puerta de enlace predeterminada . . . . . : ::

Adaptador de t�nel isatap.{47FC265D-8B2D-487E-83F5-B7525A531FAD}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de t�nel isatap.{F6DD4AEA-E8C6-4F71-9D79-DEA1685FF516}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci�n IP de Windows

No se puede realizar ninguna operaci�n en Conexi�n de red Bluetooth mientras los medios
est�n desconectados.
No se puede realizar ninguna operaci�n en Conexi�n de red inal�mbrica 2 mientras los medios
est�n desconectados.
No se puede realizar ninguna operaci�n en Conexi�n de �rea local mientras los medios
est�n desconectados.

Adaptador de Ethernet Conexi�n de red Bluetooth:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica 2:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica:

Sufijo DNS espec�fico para la conexi�n. . :
V�nculo: direcci�n IPv6 local. . . : fe80::6d85:d4b0:eaa1:53d%11
Direcci�n IPv4. . . . . . . . . . . . . . : 192.168.0.101
M�scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi�n de �rea local:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de t�nel Conexi�n de �rea local* 26:

Sufijo DNS espec�fico para la conexi�n. . :
Direcci�n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:1c28:48b:3f57:ff9a
V�nculo: direcci�n IPv6 local. . . : fe80::1c28:48b:3f57:ff9a%33
Puerta de enlace predeterminada . . . . . : ::

Adaptador de t�nel isatap.{47FC265D-8B2D-487E-83F5-B7525A531FAD}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

Adaptador de t�nel isatap.{F6DD4AEA-E8C6-4F71-9D79-DEA1685FF516}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec�fico para la conexi�n. . :

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci�n IP de Windows

Se vaci� correctamente la cach� de resoluci�n de DNS.

========= End of CMD: =========


========= netsh winsock reset all =========


El cat�logo Winsock se restableci� correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh int ip reset all =========

Global se restableci� correctamente.
Interfaz se restableci� correctamente.
Direcci�n de unidifusi�n se restableci� correctamente.
Ruta se restableci� correctamente.
Reinicie el equipo para completar esta acci�n.


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog ====

Dakeyras
2014-06-12, 12:24
Hi. :)


My computer is going better, browser is working well (today I didn’t have connection problems), and searches are more faster (although still delayed a few seconds).
I followed your advices.
Windows Defender disabled
J2SE Runtime Environment 5.0 Update uninstalled

:thanks:

Acknowledged and you're welcome! Lets proceed as follows shall we...

Custom Batch File:

Download the attached multibat.zip below and save to your Desktop >> then extract the contents to your Desktop.

11557

Note: The batch file does need to be on your Desktop so it will be processed correctly.

Then temp' disable Kaspersky Internet Security 2013, how to do so can be read here (http://support.kaspersky.co.uk/8601).

Now right-click on mulitbat.bat and select Run as Administrator to run the batch file. A blank command window will open on your desktop, then close in a few minutes. This is normal, then your machine should automatically reboot. If it does not, reboot your machine manually and the batch file itself also will self-delete when completed.

A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file in your next reply.

Note: After your machine reboots re-enable Kaspersky Internet Security 2013.

Malwarebytes Anti-Malware:

Please uninstall the version presently installed as it is out of date now:-

Malwarebytes Anti-Malware versión 1.75.0.1300

Also delete this out of date installer in your downloads folder if still present:-

mbam-setup-2.0.2.1012.exe >> empty the Recycle Bin.

The please download a new installer for Malwarebytes' Anti-Malware (http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.2.1012.exe) to your desktop.


Right-click on mbam-setup-2.0.2.1012.exe and select Run as Administrator, then follow the prompts to install the program.
Select the language and click OK >> Accept the agreement.
Deselect the check-mark next to Enable the Free Trial as otherwise this will cause a security conflict with Kaspersky Internet Security and then ensure Launch Malwarebytes' Anti-Malware is selected, then click on finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Scan Now".
The scan may take some time to finish, so please be patient.
When the scan is complete, click on Quarantine All
When disinfection is completed, a dialogue will open and you may be prompted to Restart.(See Extra Note)
Upon restart, launch Malwarebytes Antimalware and select History >> Application Logs.
Double click on the last scan done, then on Copy to Clipboard.
To submit your reply, click on Add Reply, then right click on the window and select Paste.
Submit your reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Next:

When completed the above, please post back the following in the order asked for:


The contents of checkhd.txt.
Malwarebytes Anti-Malware Log.

bigabulk
2014-06-14, 07:16
Morning!

My machine is going better, i sent you the logs

Thanks

Dakeyras
2014-06-14, 10:52
My machine is going better, i sent you the logs

Good, with regard to the requested logs...

Actually you neglected to post them for my review. Not a problem however and merely post them in your next reply please and we will then go from there, thank you. :)

bigabulk
2014-06-17, 17:24
Sorry, i forgot to post logs.

Thanks for your time:bigthumb:

My machine is going better.


El tipo del sistema de archivos es NTFS.
La etiqueta de volumen es BIGUITA-BULQUI.

Advertencia: par*metro /F no especificado.
Ejecutando CHKDSK en modo de s¢lo lectura.

CHKDSK est* comprobando archivos (etapa 1 de 3)...
0% completado. (0 de 404992 registros de archivos procesados)
0% completado. (5795 de 404992 registros de archivos procesados)
0% completado. (25746 de 404992 registros de archivos procesados)
1% completado. (40500 de 404992 registros de archivos procesados)
1% completado. (62938 de 404992 registros de archivos procesados)
2% completado. (80999 de 404992 registros de archivos procesados)
2% completado. (114945 de 404992 registros de archivos procesados)
3% completado. (121498 de 404992 registros de archivos procesados)
3% completado. (134913 de 404992 registros de archivos procesados)
3% completado. (140289 de 404992 registros de archivos procesados)
3% completado. (145921 de 404992 registros de archivos procesados)
3% completado. (152065 de 404992 registros de archivos procesados)
3% completado. (161281 de 404992 registros de archivos procesados)
4% completado. (161997 de 404992 registros de archivos procesados)
4% completado. (165377 de 404992 registros de archivos procesados)
4% completado. (197377 de 404992 registros de archivos procesados)
5% completado. (202496 de 404992 registros de archivos procesados)
5% completado. (230001 de 404992 registros de archivos procesados)
5% completado. (234497 de 404992 registros de archivos procesados)
5% completado. (239857 de 404992 registros de archivos procesados)
6% completado. (242996 de 404992 registros de archivos procesados)
6% completado. (254977 de 404992 registros de archivos procesados)
6% completado. (283137 de 404992 registros de archivos procesados)
7% completado. (283495 de 404992 registros de archivos procesados)
8% completado. (323994 de 404992 registros de archivos procesados)
9% completado. (364493 de 404992 registros de archivos procesados)
404992 registros de archivos procesados.

Comprobaci¢n de archivos completada.
1466 registros de archivos grandes procesados.

0 registros de archivos no v*lidos procesados.

0 registros de EA procesados.

123 registros de an*lisis procesados.

CHKDSK est* comprobando ¡ndices (etapa 2 de 3)...
11% completado. (20042 de 478222 entradas de ¡ndice procesadas)
12% completado. (40613 de 478222 entradas de ¡ndice procesadas)
13% completado. (61185 de 478222 entradas de ¡ndice procesadas)
14% completado. (81756 de 478222 entradas de ¡ndice procesadas)
15% completado. (102327 de 478222 entradas de ¡ndice procesadas)
16% completado. (122898 de 478222 entradas de ¡ndice procesadas)
17% completado. (143469 de 478222 entradas de ¡ndice procesadas)
18% completado. (164041 de 478222 entradas de ¡ndice procesadas)
19% completado. (184612 de 478222 entradas de ¡ndice procesadas)
20% completado. (205183 de 478222 entradas de ¡ndice procesadas)
21% completado. (225754 de 478222 entradas de ¡ndice procesadas)
22% completado. (246326 de 478222 entradas de ¡ndice procesadas)
23% completado. (266897 de 478222 entradas de ¡ndice procesadas)
24% completado. (287468 de 478222 entradas de ¡ndice procesadas)
25% completado. (308039 de 478222 entradas de ¡ndice procesadas)
26% completado. (328611 de 478222 entradas de ¡ndice procesadas)
27% completado. (349182 de 478222 entradas de ¡ndice procesadas)
28% completado. (369753 de 478222 entradas de ¡ndice procesadas)
29% completado. (390324 de 478222 entradas de ¡ndice procesadas)
29% completado. (405066 de 478222 entradas de ¡ndice procesadas)
29% completado. (405304 de 478222 entradas de ¡ndice procesadas)
29% completado. (405494 de 478222 entradas de ¡ndice procesadas)
29% completado. (405705 de 478222 entradas de ¡ndice procesadas)
29% completado. (405942 de 478222 entradas de ¡ndice procesadas)
29% completado. (406188 de 478222 entradas de ¡ndice procesadas)
29% completado. (406652 de 478222 entradas de ¡ndice procesadas)
29% completado. (407322 de 478222 entradas de ¡ndice procesadas)
29% completado. (407746 de 478222 entradas de ¡ndice procesadas)
29% completado. (408366 de 478222 entradas de ¡ndice procesadas)
29% completado. (408889 de 478222 entradas de ¡ndice procesadas)
29% completado. (409391 de 478222 entradas de ¡ndice procesadas)
29% completado. (409844 de 478222 entradas de ¡ndice procesadas)
29% completado. (410467 de 478222 entradas de ¡ndice procesadas)
29% completado. (410582 de 478222 entradas de ¡ndice procesadas)
30% completado. (410896 de 478222 entradas de ¡ndice procesadas)
30% completado. (411573 de 478222 entradas de ¡ndice procesadas)
30% completado. (412198 de 478222 entradas de ¡ndice procesadas)
30% completado. (412619 de 478222 entradas de ¡ndice procesadas)
30% completado. (412795 de 478222 entradas de ¡ndice procesadas)
30% completado. (413318 de 478222 entradas de ¡ndice procesadas)
30% completado. (413590 de 478222 entradas de ¡ndice procesadas)
30% completado. (414000 de 478222 entradas de ¡ndice procesadas)
30% completado. (414398 de 478222 entradas de ¡ndice procesadas)
30% completado. (414924 de 478222 entradas de ¡ndice procesadas)
30% completado. (415125 de 478222 entradas de ¡ndice procesadas)
30% completado. (415515 de 478222 entradas de ¡ndice procesadas)
30% completado. (415759 de 478222 entradas de ¡ndice procesadas)
30% completado. (416017 de 478222 entradas de ¡ndice procesadas)
30% completado. (416303 de 478222 entradas de ¡ndice procesadas)
30% completado. (416407 de 478222 entradas de ¡ndice procesadas)
30% completado. (416850 de 478222 entradas de ¡ndComprobaci¢n de ¡ndices completada.
0 archivos no indizados examinados.

0 archivos no indizados recuperados.

CHKDSK est* comprobando descriptores de seguridad (etapa 3 de 3)...
34 por ciento completado. (44875 de 404992 SD/SID de archivo procesados)
35 por ciento completado. (106588 de 404992 SD/SID de archivo procesados)
36 por ciento completado. (168302 de 404992 SD/SID de archivo procesados)
37 por ciento completado. (230016 de 404992 SD/SID de archivo procesados)
38 por ciento completado. (291729 de 404992 SD/SID de archivo procesados)
39 por ciento completado. (353443 de 404992 SD/SID de archivo procesados)
404992 SD/SID de archivo procesados.

Comprobaci¢n de descriptores de seguridad completada.
36616 archivos de datos procesados.

CHKDSK est* comprobando el diario USN...
99% completado. (0 de 34236864 bytes de USN procesados)
100% completado. (34234368 de 34236864 bytes de USN procesados)
34236864 bytes de USN procesados.

Se ha completado la comprobaci¢n del diario USN.
Windows ha comprobado el sistema de archivos y no encontr¢ problemas.

472985397 KB de espacio total en disco.
103165080 KB en 186130 archivos.
124028 KB en 36617 ¡ndices.
12 KB en sectores defectuosos.
520865 KB en uso por el sistema.
El archivo de registro ha ocupado 65536 kilobytes.
369175412 KB disponibles en disco.

4096 bytes en cada unidad de asignaci¢n.
118246349 unidades de asignaci¢n en disco en total.
92293853 unidades de asignaci¢n disponibles en disco.




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/06/2014
Scan Time: 08:42:31 a.m.
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.17.05
Rootkit Database: v2014.06.02.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Gabriela

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351591
Time Elapsed: 16 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Dakeyras
2014-06-17, 22:33
Hi. :)


Sorry, i forgot to post logs.

Not a problem.


Thanks for your time:bigthumb:

You're welcome!


My machine is going better.

Good.

I see you actually opted for the below with the new Malwarebytes Anti-Malware installation:


Malware Protection: Enabled
Malicious Website Protection: Enabled

Fair play it is only a trial period but actually best to deactivate for the reasons I mentioned prior and just keep as a on demand scanner only.

Next:

Re-run TFC(Temp File Cleaner) again as outlined in post # 9 (http://forums.spybot.info/showthread.php?70652-How-remove-traffic-outbrain-slow-perfomance&p=453829&viewfull=1#post453829).

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your currently installed Kaspersky Internet Security 2013 for the duration of the sacn. How to do so can be read here (http://support.kaspersky.co.uk/8601).

Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.


Please go here (http://www.eset.com/online-scanner-popup/) to run the scan...

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then right click on it and select Run as Administrator to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox. Select the option YES, I accept the Terms of Use then click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS2.gif
When prompted allow the Add-On/Active X to install.
Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology


Now click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS3.gif
The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
Now click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS4.gif
Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable Kaspersky Internet Security 2013 after running the above scan!

bigabulk
2014-06-19, 20:27
Thanks

I sent you logs (hope that you ask me, i'm not sure).

C:\AdwCleaner\Quarantine\C\Users\Gabriela\AppData\Local\Conduit\Chrome\CT2851619\CHUninstaller.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Gabriela\AppData\Local\NativeMessaging\CT2851619\1_0_0_4\TBMessagingHost.exe.vir Win32/Toolbar.Conduit.AH potentially unwanted application
C:\instladores\aresregular215_installer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.30.1.502_1\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.30.1.502_1\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.30.1.502_1\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.31.0.526_0\APISupport\APISupport.dll Win32/Conduit.SearchProtect potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.31.0.526_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.16.100.4_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.30.1.502_1\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.30.1.502_1\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.30.1.502_1\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.31.0.526_0\APISupport\APISupport.dll Win32/Conduit.SearchProtect potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\ksm\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.31.0.526_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3489625639-3933507195-490321652-1000\Chrome\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.16.100.4_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Gabriela\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\Users\Gabriela\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Users\Gabriela\Downloads\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Dakeyras
2014-06-19, 22:50
Hi. :)



I sent you logs (hope that you ask me, i'm not sure).

Not quite complete, nor the actual variation of the log I was requesting. So please check again via:-

Click on Start(Windows 7 Orb) >> Run..., (or depress the Windows Key & R together to launch the Run... box) then copy/paste the following command into the box and click on OK:

C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt

If a notepad file named log appears/opens up, post the contents in your next reply please. If not, fair play and merely inform myself and please do not be concerned either ok.

Dakeyras
2014-06-23, 10:35
Due to the lack of feedback this Topic is closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh set of DDS logs and a link to your previous thread.

If it has been less than three days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.