Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: How remove traffic outbrain, slow perfomance

  1. #1
    Junior Member
    Join Date
    Jun 2014
    Posts
    27

    Default How remove traffic outbrain, slow perfomance

    Thanks for reading my message, first sorry for my bad English. This is my first post and I will try to follow all the instructions.

    I'm using windows 7 and I'm having problems with my browser. When I open a new browser tab or new window I cannot connect, so it looks like I'm without internet connection. I have the same problem using google chrome, mozilla and internet explorer. After several attempts, I performed a search but it appears that address was revealed associated with traffic.outbrain (all searchs)

    I did a scan using malwarebytes anti-malware and kaspersky internet security, but they didn't find any threats. My laptop is getting slower and it's more difficult to connect to internet.

    Any info or help you can give me would be of great help

    Good morning!

    Hope that you ask me, however i had a problem with aswMBR, some few minutes after to start scan, i received a message: Avast Rootkit stop working, windows is looking for a solution. I closed kaspersky and Malwarebytes, and i tried scan again, but i couldn't complete scan.

    Thanks


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
    Run by Gabriela at 8:28:08 on 2014-06-10
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.5941.2900 [GMT -5:00]
    .
    AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\ksm.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\smui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
    C:\Program Files (x86)\BlueStacks\HD-Service.exe
    C:\Program Files (x86)\BlueStacks\HD-Network.exe
    C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
    C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.google.com
    mStart Page = about:blank
    uURLSearchHooks: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - <orphaned>
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mWinlogon: Userinit = userinit.exe,
    BHO: Content Blocker Plugin: {245ED308-F160-4979-BFF9-08F6F0B931B6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: Safe Money Plugin: {33E45E2D-241C-4351-8724-B9859C9AE662} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\OnlineBanking\online_banking_bho.dll
    BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Virtual Keyboard Plugin: {FE0FD95C-E1E0-42D8-A747-84CC575FC9A8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &Enviar a OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Agregar a Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xportar a Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\14D616A7F6E69616 : DHCPNameServer = 192.168.30.253
    TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\84F64756C60265562716362757A70205143594C4C4F4 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\84F64756C60265562716362757A70223 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\C494E44414026594354514 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{47FC265D-8B2D-487E-83F5-B7525A531FAD}\E454454505C45535D294E4455425E45425A4D4 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{652DC0DE-A8BF-4378-BDDC-3EC811E10D69} : DHCPNameServer = 192.168.0.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Handler: WSIEChrome - <Clsid value has no data>
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = about:blank
    x64-BHO: Content Blocker Plugin: {245ED308-F160-4979-BFF9-08F6F0B931B6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    x64-BHO: Safe Money Plugin: {33E45E2D-241C-4351-8724-B9859C9AE662} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\OnlineBanking\online_banking_bho.dll
    x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-BHO: Virtual Keyboard Plugin: {FE0FD95C-E1E0-42D8-A747-84CC575FC9A8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
    x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Handler: WSIEChrome - <Clsid value has no data>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.startup.homepage - about:home
    FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\content_blocker_sm@kaspersky.com\npcontentblocker.dll
    FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\online_banking_sm@kaspersky.com\nponlinebanking.dll
    FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\virtual_keyboard_sm@kaspersky.com\npvkplugin.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Users\Gabriela\AppData\Local\Citrix\Plugins\104\npappdetector.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.irmysearch.aflt - ir_14_17_ch
    FF - user.js: extensions.irmysearch.instlRef - 140305_a
    FF - user.js: extensions.irmysearch.cr - 1603295462
    FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q
    FF - user.js: extensions.mysearchdial.hmpg - true
    FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=
    FF - user.js: extensions.mysearchdial.dfltSrch - true
    FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
    FF - user.js: extensions.mysearchdial.dnsErr - true
    FF - user.js: extensions.mysearchdial_i.newTab - false
    FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=
    FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q&cr=1603295462&ir=&q=
    FF - user.js: extensions.mysearchdial.id - B8AC6F5210BBC9D7
    FF - user.js: extensions.mysearchdial.instlDay - 16184
    FF - user.js: extensions.mysearchdial.vrsn - 1.8.29.0
    FF - user.js: extensions.mysearchdial.vrsni - 1.8.29.0
    FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.29.09:51:51
    FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
    FF - user.js: extensions.mysearchdial.prdct - mysearchdial
    FF - user.js: extensions.mysearchdial.aflt - ir_14_17_ch
    FF - user.js: extensions.mysearchdial_i.smplGrp - none
    FF - user.js: extensions.mysearchdial.tlbrId - base
    FF - user.js: extensions.mysearchdial.instlRef - 140305_a
    FF - user.js: extensions.mysearchdial.dfltLng -
    FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
    FF - user.js: extensions.mysearchdial.excTlbr - false
    FF - user.js: extensions.mysearchdial.cr - 1603295462
    FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDtGtAyE0F0DtGtAtC0B0AtGtB0BzztD0EyEyE0Azz0BtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0A0A0BtCyEzytGyD0EtCyCtGyDyE0CyEtGtAyDzztAtGyDtD0F0EtAzz0B0E0DzzyC0A2Q
    FF - user.js: extensions.mysearchdial.AL - 2
    .
    FF - user.js: plugin.state.npcontentblocker - 2
    .
    FF - user.js: plugin.state.nponlinebanking - 2
    .
    FF - user.js: plugin.state.npvkplugin - 2
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 kl1sm;kl1sm;C:\Windows\System32\drivers\kl1sm.sys [2013-9-5 7717984]
    R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2012-7-9 426616]
    R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2012-7-9 453896]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2012-7-9 1096176]
    R1 KLIFSM;Kaspersky Lab SafeMoney Driver;C:\Windows\System32\drivers\klifsm.sys [2014-4-23 692832]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
    R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]
    R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
    R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\System32\drivers\PCTSD64.sys [2012-7-9 251528]
    R2 AVP;Servicio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356128]
    R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-5-1 402192]
    R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-5-1 123152]
    R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-5-1 385808]
    R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-5-1 774928]
    R2 KSM;Servicio Kaspersky Fraud Prevention for Endpoint;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\ksm.exe [2013-12-19 233040]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-1 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-1 701512]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
    R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2011-11-22 60416]
    R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2011-11-22 80896]
    R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2011-11-22 55808]
    R2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\Sentinel64.sys [2006-4-20 142888]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-6-4 2143072]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-22 2320920]
    R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [?]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-11-22 35104]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]
    R3 klkbdfltsm;Kaspersky Lab KLKBDFLTSM;C:\Windows\System32\drivers\klkbdfltsm.sys [2014-3-14 28768]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-1 25928]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856]
    S1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2014-4-23 228448]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-21 111616]
    S3 klfltsm;Kaspersky Lab SafeMoney Kernel DLL;C:\Windows\System32\drivers\klfltsm.sys [2014-4-23 118368]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-5 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-14 56832]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-21 1255736]
    S4 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2011-11-21 89600]
    S4 ArcGIS License Manager;ArcGIS License Manager;C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe [2013-1-12 1431440]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=Notepad.exe "%1"
    FileExt: .ini: inifile=Notepad.exe "%1"
    FileExt: .inf: inffile=Notepad.exe "%1"
    .
    =============== Created Last 30 ================
    .
    2014-06-06 23:58:03 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCE8AE18-CCCF-47AB-B725-1898F7B0D392}\mpengine.dll
    2014-05-28 11:51:34 -------- d-----w- C:\Windows\AutoKMS
    2014-05-19 22:15:01 -------- d-----w- C:\ProgramData\BlueStacks
    2014-05-19 22:15:01 -------- d-----w- C:\Program Files (x86)\BlueStacks
    2014-05-19 22:13:33 -------- d-----w- C:\Users\Gabriela\AppData\Local\Bluestacks
    2014-05-15 02:59:33 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-05-15 02:59:33 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-05-15 01:51:25 477184 ----a-w- C:\Windows\System32\aepdu.dll
    2014-05-15 01:51:24 424448 ----a-w- C:\Windows\System32\aeinv.dll
    .
    ==================== Find3M ====================
    .
    2014-05-20 15:20:03 91008 ----a-w- C:\Windows\System32\drivers\klflt.sys
    2014-05-07 04:58:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
    2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
    2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2014-03-31 14:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-03-14 21:12:44 692832 ----a-w- C:\Windows\System32\drivers\klifsm.sys
    2014-03-14 21:12:44 28768 ----a-w- C:\Windows\System32\drivers\klkbdfltsm.sys
    2014-03-14 21:12:44 118368 ----a-w- C:\Windows\System32\drivers\klfltsm.sys
    2014-03-14 21:12:42 228448 ----a-w- C:\Windows\System32\drivers\klhk.sys
    2013-11-12 00:00:12 50053120 ----a-w- C:\Program Files (x86)\GUT64BD.tmp
    2013-11-11 23:35:10 4188160 ----a-w- C:\Program Files (x86)\GUT9D79.tmp
    2013-11-11 23:09:07 50053120 ----a-w- C:\Program Files (x86)\GUT784C.tmp
    .
    ============= FINISH: 8:29:44.89 ===============
    Attached Files Attached Files
    Last edited by tashi; 2014-06-10 at 17:55. Reason: Merged posts

  2. #2
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,167

    Default

    Hi and welcome to Safer Networking.

    Lets proceed as follows shall we...

    Before we start:

    Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

    Because of this, I advise you to backup any personal files and folders before you start.

    Backup the Registry:

    Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

    • Please download the installer for Registry Backup from here or here and save to your desktop.
    • Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
    • Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
    • Once the GUI(graphical user interface) has appeared/loaded:-



    • Click on Backup Now >> once the process is complete, similar to the below will displayed in the GUI:-



    • Close Tweaking.com - Registry Backup

    Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

    A tutorial for Registry Backup explaining the various features can be viewed here.

    Scan with AdwCleaner:

    Please download adwcleaner from here and save to your desktop.

    Alternate downloads are here or here.

    • Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
    • Now click on the Scan tab >> once the scan is complete click on the Clean tab and follow the prompts.
    • Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

    Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[S0].txt

    Scan with JRT:

    Please download Junkware Removal Tool to your desktop.

    Alternate download is here.

    Note: Temp' disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

    • Right-click on on JRT.exe and select Run as Administrator to launch the application >> follow the on-screen prompt.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Note: Reboot your machine and ensure all disabled security software is now enabled etc.

    Next:

    When completed the above, please post back the following in the order asked for:

    • How is your computer performing now, any further symptoms and or problems encountered?
    • AdwCleaner Log.
    • Junkware Removal Tool Log.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  3. #3
    Junior Member
    Join Date
    Jun 2014
    Posts
    27

    Default

    Done.

    1. When I do a search, traffic Outbrain finally disappeared, but is still somewhat slow performance, especially when I do a search, slow show results

    But now I have a little problem. Wireless broadband was working perfectly, now appears: Not connected, no connections available (but symbol showing CONNECTED, yes i'm; my computer is able to detect and connect to my home wireless network) however not allowed me to see the connections available. Now, it's not a problem (i'm home), but it will be when i need to use other networks


    2. Logs AdwCleaner, and Junkware Removal Tool Log (attached)

    Thanks for your help and patience


    # AdwCleaner v3.212 - Reporte Creado 10/06/2014 en 15:57:25
    # Actualizado 05/06/2014 por Xplode
    # Sistema Operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nombre de usuario : Gabriela - A
    # Ejecutado desde : C:\Users\Gabriela\Downloads\adwcleaner_3.212.exe
    # Opción : Limpiar

    ***** [ Servicios ] *****


    ***** [ Archivos / Carpetas ] *****

    Carpeta Borrar : C:\Users\Gabriela\AppData\Local\iLivid
    Carpeta Borrar : C:\Users\Gabriela\AppData\Roaming\eCyber
    Archivo Borrar : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\searchplugins\Mysearchdial.xml
    Archivo Borrar : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\user.js

    ***** [ Accesos directos ] *****


    ***** [ Registro ] *****

    Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v11.0.9600.17041


    -\\ Mozilla Firefox v29.0.1 (es-MX)

    [ Archivo : C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\etp2zg0r.default\prefs.js ]

    Linea borrada : user_pref("extensions.irmysearch.aflt", "ir_14_17_ch");
    Linea borrada : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzyDt[...]
    Linea borrada : user_pref("extensions.irmysearch.cr", "1603295462");
    Linea borrada : user_pref("extensions.irmysearch.instlRef", "140305_a");
    Linea borrada : user_pref("extensions.mysearchdial.AL", 2);
    Linea borrada : user_pref("extensions.mysearchdial.aflt", "ir_14_17_ch");
    Linea borrada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
    Linea borrada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0F0D0ByDyDtDyEtGyCyCzzy[...]
    Linea borrada : user_pref("extensions.mysearchdial.cr", "1603295462");
    Linea borrada : user_pref("extensions.mysearchdial.dfltLng", "");
    Linea borrada : user_pref("extensions.mysearchdial.dfltSrch", true);
    Linea borrada : user_pref("extensions.mysearchdial.dnsErr", true);
    Linea borrada : user_pref("extensions.mysearchdial.excTlbr", false);
    Linea borrada : user_pref("extensions.mysearchdial.hmpg", true);
    Linea borrada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtD[...]
    Linea borrada : user_pref("extensions.mysearchdial.id", "B8AC6F5210BBC9D7");
    Linea borrada : user_pref("extensions.mysearchdial.instlDay", "16184");
    Linea borrada : user_pref("extensions.mysearchdial.instlRef", "140305_a");
    Linea borrada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyE[...]
    Linea borrada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
    Linea borrada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
    Linea borrada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
    Linea borrada : user_pref("extensions.mysearchdial.tlbrId", "base");
    Linea borrada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyDtBtCtD0B0B0Czy0DyBtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutC[...]
    Linea borrada : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
    Linea borrada : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
    Linea borrada : user_pref("extensions.mysearchdial_i.newTab", false);
    Linea borrada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
    Linea borrada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.09:51:51");

    -\\ Google Chrome v35.0.1916.114

    [ Archivo : C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Borrar [Extension] : iagcajndpnfncplednpbnkahadegklfa

    *************************

    AdwCleaner[R0].txt - [16671 octets] - [18/12/2013 19:58:26]
    AdwCleaner[R1].txt - [937 octets] - [19/12/2013 09:19:04]
    AdwCleaner[R2].txt - [1053 octets] - [28/12/2013 19:52:16]
    AdwCleaner[R3].txt - [1427 octets] - [29/01/2014 21:35:49]
    AdwCleaner[R4].txt - [1428 octets] - [03/02/2014 12:07:43]
    AdwCleaner[R5].txt - [5048 octets] - [10/06/2014 15:54:14]
    AdwCleaner[S0].txt - [15487 octets] - [18/12/2013 20:02:11]
    AdwCleaner[S1].txt - [995 octets] - [19/12/2013 09:19:41]
    AdwCleaner[S2].txt - [1113 octets] - [28/12/2013 19:53:04]
    AdwCleaner[S3].txt - [1482 octets] - [29/01/2014 21:37:45]
    AdwCleaner[S4].txt - [1487 octets] - [03/02/2014 12:08:20]
    AdwCleaner[S5].txt - [4852 octets] - [10/06/2014 15:57:25]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [4912 octets] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Last edited by Dakeyras; 2014-06-11 at 10:29.

  4. #4
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,167

    Default

    Added JRT zip to this post as was having problems downloading from prior post.

    @bigabulk, please ignore this post. It is merely so I am able to download the zip file you attached correctly. Not a cause for concern nor did you do anything wrong I assure you.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  5. #5
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,167

    Default

    Hi.

    1. When I do a search, traffic Outbrain finally disappeared, but is still somewhat slow performance, especially when I do a search, slow show results

    But now I have a little problem. Wireless broadband was working perfectly, now appears: Not connected, no connections available (but symbol showing CONNECTED, yes i'm; my computer is able to detect and connect to my home wireless network) however not allowed me to see the connections available. Now, it's not a problem (i'm home), but it will be when i need to use other networks
    Acknowledged and thanks for the update. Be some way to go as of yet to complete the malware removal process and in turn remedy the other issues your machine has. I see AdwCleaner has been ran a fair few times in the past, have you been experiencing malware related problems for quite some time then ?

    Thanks for your help and patience
    You're welcome!

    Java Advice

    There has been a recent severe exploitation of this software. Even though this exploit has been reportedly fixed there is still a vulnerability with the software, the below is currently all that it is installed Java related:-

    Java 7 Update 13 (64-bit)
    Java 7 Update 55


    So you need to uninstall all(if still present via Uninstall a program or Programs and Features located in the Control Panel)...Your choice if you wish to go ahead and reinstall but as mentioned I advise against it and for the present I do not even have anything Java related installed on my machines.

    Please let myself know what you wish to do about this in your next reply please and if you opt to re-install I will provide both the appropriate instructions and safety advice etc.

    P2P Advice:

    I advise you consider uninstalling the below:-

    µTorrent via Uninstall a program or Programs and Features located in the Control Panel.

    Please read this for further information:-

    File Sharing, otherwise known as Peer To Peer. (P2P)

    To be honest I have lost count of the number of machines I have dealt with over the years that became infected due to the use of P2P software. However if you opt not to...please refrain from using µTorrent for the duration of the malware removal process, thank you.

    Uninstall Software

    I also strongly advise you consider uninstalling the below:-

    TuneUp Utilities 2012
    TuneUp Utilities Language Pack (es-MX)


    Via Uninstall a program or Programs and Features located in the Control Panel.

    Such software rarely if ever makes any improvements and actually has the potential to leave your machine little more than a expensive doorstop!

    Scan with Farbar Recovery Scan Tool:

    Please download and save Farbar Recovery Scan Tool 64-Bit to your Desktop.

    • Right-click on FRST.exe and select Run as Administrator to start FRST >> follow the prompt/click on Yes
    • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
    • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
    • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
    • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

    Next:

    When completed the above, please post back the following in the order asked for:

    • Answer to my questions regarding AdwCleaner and Java.
    • Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  6. #6
    Junior Member
    Join Date
    Jun 2014
    Posts
    27

    Default

    Morning!

    About Adwcleaner: In the past I had a problem with malware and used adwcleaner apparently solved everything. About 6 months ago I started having problems with the internet connection (suddenly could not open any page from the browser especially using google chrome, but internet connection worked well, even skype worked fine), but this problem appeared and disappeared quickly (the problem did not last more than a day) but now is constant. For example right now I had to refresh the page several times to write this message.

    Java uninstalled, but I need to reinstall it ('cause I need it for my work: accounting software)

    uTorrent uninstalled

    TuneUp uninstalled

  7. #7
    Junior Member
    Join Date
    Jun 2014
    Posts
    27

    Default

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
    Ran by Gabriela at 2014-06-11 09:04:46
    Running from C:\Users\Gabriela\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

    ==================== Installed Programs ======================

    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.3 - Adobe Systems)
    Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.07) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ArcGIS Desktop (HKLM-x32\...\ArcGIS Desktop) (Version: 9.3.1770 - Environmental Systems Research Institute, Inc.)
    ArcGIS Desktop (x32 Version: 9.3.1770 - Environmental Systems Research Institute, Inc.) Hidden
    ArcGIS License Manager (HKLM-x32\...\ArcGIS License Manager) (Version: - )
    BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
    BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Centro de dispositivos de Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft)
    Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 6.1.13.8 - Dell)
    Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
    DIMM (HKLM-x32\...\DIMM) (Version: 1.0.1 - Servicio de Rentas Internas)
    Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    gvSIG desktop (HKLM-x32\...\5C7663A6-181A-61C1-6C25-D2B427D68E1B) (Version: 1.12.0 - gvSIG Association)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    J2SE Runtime Environment 5.0 Update 10 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150100}) (Version: 1.5.0.100 - Sun Microsystems, Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Kaspersky Fraud Prevention for Endpoint (HKLM-x32\...\InstallWIX_{5287F0F9-D316-4CD7-BE02-5B0D25D27B36}) (Version: 14.0.1.610 - Kaspersky Lab)
    Kaspersky Fraud Prevention for Endpoint (x32 Version: 14.0.1.610 - Kaspersky Lab) Hidden
    Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
    Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
    Malwarebytes Anti-Malware versión 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Basque) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Catalan) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Galician) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 32-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Mozilla Firefox 29.0.1 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 es-MX)) (Version: 29.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
    Python 2.5 numpy-1.0.3 (HKLM-x32\...\Python 2.5 numpy-1.0.3) (Version: - )
    Python 2.5.1 (HKLM-x32\...\Python 2.5.1) (Version: - )
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.21 - Dell Inc.)
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
    Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Sentinel System Driver Installer 7.4.2 (HKLM-x32\...\{A58F2B4A-ABAC-479E-83CE-F3AF284C9737}) (Version: 7.4.2 - SafeNet, Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
    Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
    Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
    SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
    Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{B5906CD5-0E44-44AE-80EB-BA3AAC1FD6AC}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{2A1D7D25-BF6B-4E32-AF61-AEB0E859C322}) (Version: - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
    Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)
    Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
    Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
    Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
    Visual Basic for Applications (R) Core (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

    ==================== Restore Points =========================

    30-05-2014 21:24:09 Removed Apple Mobile Device Support
    03-06-2014 23:15:12 Windows Update
    06-06-2014 23:57:19 Windows Update
    10-06-2014 15:22:50 Windows Update
    11-06-2014 01:46:04 Windows Update
    11-06-2014 03:10:06 Windows Update
    11-06-2014 03:28:29 Windows Update
    11-06-2014 13:47:49 Removed Java 7 Update 13 (64-bit)
    11-06-2014 13:52:36 Removed Java 7 Update 55
    11-06-2014 13:59:54 Quitado TuneUp Utilities 2012
    11-06-2014 14:02:08 Quitado TuneUp Utilities Language Pack (es-MX)

    ==================== Hosts content: ==========================

    2009-07-13 21:34 - 2013-12-25 13:56 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {1408BEA1-6D9F-4D15-866F-358AE56777A0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    Task: {1C681426-96E0-4B30-95C6-79714EC6EC87} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000UA => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-26] (Facebook Inc.)
    Task: {282D883D-EB9F-46BD-875D-97C02CFDC874} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
    Task: {2986AABA-AF47-4562-B281-55B7DB0AA4F9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3489625639-3933507195-490321652-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
    Task: {35CD5B2B-D7F1-4610-BDD6-954099BB4DAB} - System32\Tasks\Programa de actualización online de Real Player => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-03-24] (RealNetworks, Inc.)
    Task: {53F72881-8AE6-4CE6-9C5C-7984CEBDA6BF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {5CAD906F-DE06-4F73-91FF-16DD172557A4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3489625639-3933507195-490321652-1000
    Task: {83BE3868-4813-434D-951A-DDEABDE0B005} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
    Task: {BBFFCE78-33BF-465E-9DF7-D7A165ACF38A} - System32\Tasks\Google Updater and Installer => C:\Users\Gabriela\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {D05CB7DC-FA4B-420F-9FDB-24C844E8AF96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26] (Google Inc.)
    Task: {E8831253-CDC5-4D4D-9FC9-D3B571DF882A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26] (Google Inc.)
    Task: {F1C64197-0B76-4D3C-862C-B3CAC9C06ACD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000Core => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-26] (Facebook Inc.)
    Task: {FBC7CF2A-DF04-4B4E-812F-E6C0B69FB0E1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3489625639-3933507195-490321652-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000Core.job => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3489625639-3933507195-490321652-1000UA.job => C:\Users\Gabriela\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-11-21 21:23 - 2009-07-17 10:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    2011-11-21 21:23 - 2009-07-17 10:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
    2013-03-06 03:21 - 2013-03-06 03:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    2012-05-07 16:25 - 2009-11-26 11:53 - 00447488 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2011-11-21 22:09 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
    2013-01-12 23:07 - 2008-08-02 11:57 - 01757184 _____ () C:\Program Files (x86)\ESRI\License\arcgis9x\ARCGIS.EXE
    2012-08-17 21:39 - 2013-08-01 10:15 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
    2014-03-14 16:12 - 2014-03-14 16:12 - 03212992 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\bl_sm.ppl
    2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\kpcengine.2.3.dll
    2012-05-07 16:25 - 2009-03-25 20:08 - 00058880 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\MBMDebug.dll
    2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
    2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2014-05-21 16:31 - 2014-05-13 18:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
    2014-05-21 16:31 - 2014-05-13 18:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
    2014-05-21 16:31 - 2014-05-13 18:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
    2014-05-21 16:31 - 2014-05-13 18:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
    2014-05-21 16:31 - 2014-05-13 18:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
    2014-04-23 12:09 - 2013-12-19 00:16 - 00469696 _____ () C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcmfooedeofbldmijiigfkokhgejeodf\4.0.5.28_0\plugin\npContentBlocker.dll
    2014-04-23 12:09 - 2014-02-21 04:18 - 00735424 _____ () C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdookbfkgaoclbpklgdocahfmgmhdpbj\4.0.5.95_0\plugin\npVKPlugin.dll
    2014-04-23 12:09 - 2013-12-19 00:16 - 00353472 _____ () C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhkcblffmahigmkakfgobkpgochkmdjf\4.0.5.28_0\plugin\npOnlineBanking.dll
    2013-04-11 17:11 - 2014-05-27 22:11 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2013-12-18 23:16 - 2013-12-18 23:16 - 00469696 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\content_blocker_sm@kaspersky.com\npcontentblocker.dll
    2014-03-14 16:12 - 2014-03-14 16:12 - 00735424 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\virtual_keyboard_sm@kaspersky.com\npvkplugin.dll
    2013-12-18 23:16 - 2013-12-18 23:16 - 00353472 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint\FFExt\online_banking_sm@kaspersky.com\nponlinebanking.dll
    2013-12-13 11:21 - 2013-12-13 11:21 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

    ==================== Safe Mode (whitelisted) ===================


    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AESTFilters => 2
    MSCONFIG\Services: FDResPub => 2
    MSCONFIG\Services: FontCache => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe

    ==================== Faulty Device Manager Devices =============

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: klhk
    Description: klhk
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: klhk
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/11/2014 09:01:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: A)
    Description: No se pudo cerrar la aplicación o el servicio 'Explorador de Windows'.

    Error: (06/11/2014 08:46:42 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.1.7601.17567, marca de tiempo: 0x4d672ee4
    Nombre del módulo con errores: msi.dll, versión: 5.0.7601.17807, marca de tiempo: 0x4f80321a
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x00000000001ec1e6
    Id. del proceso con errores: 0xebc
    Hora de inicio de la aplicación con errores: 0xExplorer.EXE0
    Ruta de acceso de la aplicación con errores: Explorer.EXE1
    Ruta de acceso del módulo con errores: Explorer.EXE2
    Id. del informe: Explorer.EXE3

    Error: (06/10/2014 08:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: TuneUpUtilitiesApp64.exe, versión: 12.0.3600.112, marca de tiempo: 0x4fccaeb9
    Nombre del módulo con errores: TuneUpUtilitiesApp64.exe, versión: 12.0.3600.112, marca de tiempo: 0x4fccaeb9
    Código de excepción: 0xc0000417
    Desplazamiento de errores: 0x0000000000038f60
    Id. del proceso con errores: 0xc70
    Hora de inicio de la aplicación con errores: 0xTuneUpUtilitiesApp64.exe0
    Ruta de acceso de la aplicación con errores: TuneUpUtilitiesApp64.exe1
    Ruta de acceso del módulo con errores: TuneUpUtilitiesApp64.exe2
    Id. del informe: TuneUpUtilitiesApp64.exe3


    System errors:
    =============
    Error: (06/11/2014 07:47:59 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: WMPNetworkSvc0x80070422

    Error: (06/11/2014 07:45:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
    klhk

    Error: (06/11/2014 07:45:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: El servicio Adquisición de imágenes de Windows (WIA) depende del servicio Detección de hardware shell, el cual no pudo iniciarse debido al siguiente error:
    %%1058

    Error: (06/11/2014 07:45:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio KMService no pudo iniciarse debido al siguiente error:
    %%2

    Error: (06/10/2014 10:16:07 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: WMPNetworkSvc0x80070422

    Error: (06/10/2014 10:15:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio MBAMService.

    Error: (06/10/2014 10:14:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
    klhk

    Error: (06/10/2014 10:14:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: El servicio Adaptador de escucha Net.Tcp depende del servicio Servicio de uso compartido de puertos Net.Tcp, el cual no pudo iniciarse debido al siguiente error:
    %%1053

    Error: (06/10/2014 10:13:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: El servicio Adquisición de imágenes de Windows (WIA) depende del servicio Detección de hardware shell, el cual no pudo iniciarse debido al siguiente error:
    %%1058

    Error: (06/10/2014 10:13:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio Servicio de uso compartido de puertos Net.Tcp no pudo iniciarse debido al siguiente error:
    %%1053


    Microsoft Office Sessions:
    =========================
    Error: (06/11/2014 09:01:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: A)
    Description: 1C:\Windows\explorer.exeExplorador de Windows0411713720

    Error: (06/11/2014 08:46:42 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Explorer.EXE6.1.7601.175674d672ee4msi.dll5.0.7601.178074f80321ac000000500000000001ec1e6ebc01cf8573338ab5acC:\Windows\Explorer.EXEC:\Windows\system32\msi.dlld171a850-f16e-11e3-afa8-b8ac6f5210bb

    Error: (06/10/2014 08:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: TuneUpUtilitiesApp64.exe12.0.3600.1124fccaeb9TuneUpUtilitiesApp64.exe12.0.3600.1124fccaeb9c00004170000000000038f60c7001cf85185c06e3efC:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exeC:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exea3687bb3-f10b-11e3-b8a4-b8ac6f5210bb


    CodeIntegrity Errors:
    ===================================
    Date: 2014-06-11 07:56:51.107
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:56:51.105
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:56:51.087
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:56:51.083
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:54:17.568
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:54:17.517
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:54:17.508
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:54:17.504
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-11 07:54:17.476
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

    Date: 2014-06-09 12:54:49.161
    Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


    ==================== Memory info ===========================

    Percentage of memory in use: 64%
    Total physical RAM: 5940.52 MB
    Available physical RAM: 2123.25 MB
    Total Pagefile: 11879.23 MB
    Available Pagefile: 7352.98 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.86 MB

    ==================== Drives ================================

    Drive c: (BIGUITA-BULQUI) (Fixed) (Total:451.07 GB) (Free:340.21 GB) NTFS
    Drive e: (BIGUITA) (Removable) (Total:3.6 GB) (Free:3.6 GB) FAT32
    Drive f: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BD59BAD5)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 4 GB) (Disk ID: 4D5950A0)
    Partition 1: (Active) - (Size=4 GB) - (Type=0B)

    ==================== End Of Log ============================

  8. #8
    Junior Member
    Join Date
    Jun 2014
    Posts
    27

    Default

    I can't post here FRST log, is too long, i have to attach it.

    Hope this is what you ask me.

    Thanks again.
    Attached Files Attached Files

  9. #9
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,167

    Default

    Hi.

    About Adwcleaner: In the past I had a problem with malware and used adwcleaner apparently solved everything. About 6 months ago I started having problems with the internet connection (suddenly could not open any page from the browser especially using google chrome, but internet connection worked well, even skype worked fine), but this problem appeared and disappeared quickly (the problem did not last more than a day) but now is constant. For example right now I had to refresh the page several times to write this message.
    Thank you for the clarification.

    Java uninstalled, but I need to reinstall it ('cause I need it for my work: accounting software)

    uTorrent uninstalled

    TuneUp uninstalled
    Acknowledged...

    With regard to Java, also uninstall this if still present:-

    J2SE Runtime Environment 5.0 Update 10

    We will actually reinstall Java in due course per your request.

    I can't post here FRST log, is too long, i have to attach it.
    Not a problem.

    Windows Defender Advice:

    Windows Defender at present is active in system memory and there is a chance it will cause a conflict with the installed Kaspersky Internet Security.

    Plus the possibility it may lesson overall online protection. However it cannot be uninstalled because it is a integral part of the Windows 7 Operating System.

    My best advice would be to disable this completely. A graphical tutorial explaining how to correctly can be viewed here.

    TFC(Temp File Cleaner):

    • Please download TFC to the desktop,
    • Right-click on TFC.exe and select Run as Administrator to run the program.
    • Click the Start button in the bottom left of the GUI(graphical user interface)'
    • If prompted, click "Yes" to reboot.

    Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

    Custom FRST Script:

    Please download the attached fixlist.txt(see below) and save to your Downloads folder.

    Attachment 11555

    • Now right-click on FRST.exe and select Run as Administrator to start FRST.
    • Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
    • Reboot your machine(ensure you do this) when prompted to do so and post the contents of the newly created Fixlog in your next reply.

    Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.

    Next:

    When completed the above, please post back the following in the order asked for:

    • How is your computer performing now, any further symptoms and or problems encountered ?
    • Fixlog from the Custom FRST Script.
    Last edited by Dakeyras; 2014-06-11 at 23:09. Reason: Punctuation.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  10. #10
    Junior Member
    Join Date
    Jun 2014
    Posts
    27

    Default

    Hi
    My computer is going better, browser is working well (today I didn’t have connection problems), and searches are more faster (although still delayed a few seconds).
    I followed your advices.
    Windows Defender disabled
    J2SE Runtime Environment 5.0 Update uninstalled




    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2014 01
    Ran by Gabriela at 2014-06-11 16:22:57 Run:1
    Running from C:\Users\Gabriela\Downloads
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6EA0217CB0A8CC01
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
    URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
    URLSearchHook: HKCU - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    Handler: WSIEChrome - No CLSID Value -
    Handler-x32: WSIEChrome - No CLSID Value -
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    S2 KMService; C:\Windows\system32\srvany.exe [X]
    S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    C:\Users\Gabriela\AppData\Local\Temp\TUUUninstallHelper.exe
    2014-06-09 06:31 - 2014-06-09 06:31 - 00034240 _____ () C:\Users\Gabriela\Downloads\Game of Thrones 4x09 - The Watchers on the Wall (Español (Latinoamérica)).srt
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    Task: {1408BEA1-6D9F-4D15-866F-358AE56777A0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
    HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: G - G:\AutoRun.exe
    HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {0739283f-1576-11e1-abb7-904ce5d6fa6c} - E:\AutoRun.exe
    HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {8ccdfbc9-1509-11e1-8bcf-b8ac6f5210bb} - E:\AutoRun.exe
    HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {8ccdfbd8-1509-11e1-8bcf-b8ac6f5210bb} - E:\AutoRun.exe
    HKU\S-1-5-21-3489625639-3933507195-490321652-1000\...\MountPoints2: {e7f6c6b6-1586-11e1-b730-b8ac6f5210bb} - E:\AutoRun.exe
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
    Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
    Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
    Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
    cmd: netsh advfirewall reset
    cmd: netsh advfirewall set allprofiles state off
    cmd: ipconfig /release
    cmd: ipconfig /renew
    cmd: ipconfig /flushdns
    cmd: netsh winsock reset all
    cmd: netsh int ip reset all
    Reboot:
    *****************

    HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
    HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} => value deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
    'HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}'=> Key not found.
    'HKCR\PROTOCOLS\Handler\Handler: WSIEChrome - No CLSID Value -'=> Key not found.
    'HKCR\Wow6432Node\PROTOCOLS\Handler\Handler-x32: WSIEChrome - No CLSID Value -'=> Key not found.
    'HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File'=> Key not found.
    "FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
    'HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File'=> Key not found.
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
    'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
    KMService => Service deleted successfully.
    ewusbmbb => Service deleted successfully.
    ew_hwusbdev => Service deleted successfully.
    huawei_enumerator => Service deleted successfully.
    hwdatacard => Service deleted successfully.
    "C:\Users\Gabriela\AppData\Local\Temp\TUUUninstallHelper.exe" => File/Directory not found.
    C:\Users\Gabriela\Downloads\Game of Thrones 4x09 - The Watchers on the Wall (Español (Latinoamérica)).srt => Moved successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1408BEA1-6D9F-4D15-866F-358AE56777A0}' => Key deleted successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1408BEA1-6D9F-4D15-866F-358AE56777A0}' => Key deleted successfully.
    C:\Windows\System32\Tasks\Java Update Scheduler => Moved successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler' => Key deleted successfully.
    C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
    C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
    'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3489625639-3933507195-490321652-1000'=> Key not found.
    'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0739283f-1576-11e1-abb7-904ce5d6fa6c}' => Key deleted successfully.
    'HKCR\CLSID\{0739283f-1576-11e1-abb7-904ce5d6fa6c}'=> Key not found.
    'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccdfbc9-1509-11e1-8bcf-b8ac6f5210bb}' => Key deleted successfully.
    'HKCR\CLSID\{8ccdfbc9-1509-11e1-8bcf-b8ac6f5210bb}'=> Key not found.
    'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccdfbd8-1509-11e1-8bcf-b8ac6f5210bb}' => Key deleted successfully.
    'HKCR\CLSID\{8ccdfbd8-1509-11e1-8bcf-b8ac6f5210bb}'=> Key not found.
    'HKU\S-1-5-21-3489625639-3933507195-490321652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7f6c6b6-1586-11e1-b730-b8ac6f5210bb}' => Key deleted successfully.
    'HKCR\CLSID\{e7f6c6b6-1586-11e1-b730-b8ac6f5210bb}'=> Key not found.
    "C:\Windows\System32\Drivers\etc\hosts" => Could not move.
    Could not reset Hosts.

    ========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F =========

    La operaci¢n se complet¢ correctamente.



    ========= End of Reg: =========


    ========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F =========

    La operaci¢n se complet¢ correctamente.



    ========= End of Reg: =========


    ========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

    La operaci¢n se complet¢ correctamente.



    ========= End of Reg: =========


    ========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

    La operaci¢n se complet¢ correctamente.



    ========= End of Reg: =========


    ========= netsh advfirewall reset =========

    Aceptar


    ========= End of CMD: =========


    ========= netsh advfirewall set allprofiles state off =========

    Aceptar


    ========= End of CMD: =========


    ========= ipconfig /release =========


    Configuraci�n IP de Windows

    No se puede realizar ninguna operaci�n en Conexi�n de red Bluetooth mientras los medios
    est�n desconectados.
    No se puede realizar ninguna operaci�n en Conexi�n de red inal�mbrica 2 mientras los medios
    est�n desconectados.
    No se puede realizar ninguna operaci�n en Conexi�n de �rea local mientras los medios
    est�n desconectados.

    Adaptador de Ethernet Conexi�n de red Bluetooth:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica 2:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica:

    Sufijo DNS espec�fico para la conexi�n. . :
    V�nculo: direcci�n IPv6 local. . . : fe80::6d85:d4b0:eaa1:53d%11
    Puerta de enlace predeterminada . . . . . :

    Adaptador de Ethernet Conexi�n de �rea local:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de t�nel Conexi�n de �rea local* 26:

    Sufijo DNS espec�fico para la conexi�n. . :
    Direcci�n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:2cb4:28ae:3f57:ff9a
    V�nculo: direcci�n IPv6 local. . . : fe80::2cb4:28ae:3f57:ff9a%33
    Puerta de enlace predeterminada . . . . . : ::

    Adaptador de t�nel isatap.{47FC265D-8B2D-487E-83F5-B7525A531FAD}:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de t�nel isatap.{F6DD4AEA-E8C6-4F71-9D79-DEA1685FF516}:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    ========= End of CMD: =========


    ========= ipconfig /renew =========


    Configuraci�n IP de Windows

    No se puede realizar ninguna operaci�n en Conexi�n de red Bluetooth mientras los medios
    est�n desconectados.
    No se puede realizar ninguna operaci�n en Conexi�n de red inal�mbrica 2 mientras los medios
    est�n desconectados.
    No se puede realizar ninguna operaci�n en Conexi�n de �rea local mientras los medios
    est�n desconectados.

    Adaptador de Ethernet Conexi�n de red Bluetooth:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica 2:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de LAN inal�mbrica Conexi�n de red inal�mbrica:

    Sufijo DNS espec�fico para la conexi�n. . :
    V�nculo: direcci�n IPv6 local. . . : fe80::6d85:d4b0:eaa1:53d%11
    Direcci�n IPv4. . . . . . . . . . . . . . : 192.168.0.101
    M�scara de subred . . . . . . . . . . . . : 255.255.255.0
    Puerta de enlace predeterminada . . . . . : 192.168.0.1

    Adaptador de Ethernet Conexi�n de �rea local:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de t�nel Conexi�n de �rea local* 26:

    Sufijo DNS espec�fico para la conexi�n. . :
    Direcci�n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:1c28:48b:3f57:ff9a
    V�nculo: direcci�n IPv6 local. . . : fe80::1c28:48b:3f57:ff9a%33
    Puerta de enlace predeterminada . . . . . : ::

    Adaptador de t�nel isatap.{47FC265D-8B2D-487E-83F5-B7525A531FAD}:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    Adaptador de t�nel isatap.{F6DD4AEA-E8C6-4F71-9D79-DEA1685FF516}:

    Estado de los medios. . . . . . . . . . . : medios desconectados
    Sufijo DNS espec�fico para la conexi�n. . :

    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Configuraci�n IP de Windows

    Se vaci� correctamente la cach� de resoluci�n de DNS.

    ========= End of CMD: =========


    ========= netsh winsock reset all =========


    El cat�logo Winsock se restableci� correctamente.
    Debe reiniciar el equipo para completar el restablecimiento.


    ========= End of CMD: =========


    ========= netsh int ip reset all =========

    Global se restableci� correctamente.
    Interfaz se restableci� correctamente.
    Direcci�n de unidifusi�n se restableci� correctamente.
    Ruta se restableci� correctamente.
    Reinicie el equipo para completar esta acci�n.


    ========= End of CMD: =========



    The system needed a reboot.

    ==== End of Fixlog ====

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •