Recommended for you ads and pop ups



#1 ladyluna

Posted 14 May 2012 - 06:28 PM

Hi!

I'm new to this forum and I have a big problem to start off....I got infected with the "recommended for you" ad/pop-up/annoying little whatever it is that won't go away combined with being redirected to a malware site from time to time.

I'm working with Windows 7 Ultimate (64 bits).

What do I do?

Edited by ladyluna, 14 May 2012 - 06:29 PM.




#2 Broni

Posted 14 May 2012 - 07:31 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE
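
The "List content of Hosts" option in the MiniToolBox step above is the check that exposes hosts-file redirection. As an added example (not part of the original post and not MiniToolBox's own code), this Python script pulls the hosts section out of a log shaped like the one posted in this thread and flags entries that map a hostname to a non-loopback address; the sample log, its addresses, the padding threshold and the function names are constructed for illustration.

```python
import ipaddress
import re

# Section banner as it appears in the log, e.g. "===== Hosts content: ====="
HEADER = re.compile(r"^=+ (?P<name>[^=]+?):? =+$")
PAD_THRESHOLD = 20  # assumption: this many blank lines in a row counts as padding


def extract_section(log_text, name):
    """Return the lines between the named banner and the next banner."""
    lines, inside = [], False
    for line in log_text.splitlines():
        banner = HEADER.match(line.strip())
        if banner:
            if inside:
                break
            inside = banner.group("name").strip().lower() == name.lower()
        elif inside:
            lines.append(line)
    return lines


def audit_hosts(lines):
    """Flag hosts entries that point a hostname at a non-loopback address."""
    redirects, unparseable, seen = [], [], {}
    blank_run, below_padding = 0, False
    for lineno, raw in enumerate(lines, 1):
        text = raw.strip()
        if not text:
            blank_run += 1
            continue
        # Entries pushed below a long run of blank lines are easy to miss
        # when the file is opened in an editor, so record that fact.
        below_padding = below_padding or blank_run >= PAD_THRESHOLD
        blank_run = 0
        entry = text.split("#", 1)[0].split()
        if not entry:
            continue  # comment-only line
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            unparseable.append((lineno, text))
            continue
        if ip.is_loopback or ip.is_unspecified:
            continue  # localhost and 0.0.0.0 blocklist entries are expected
        for host in entry[1:]:
            host = host.rstrip(".").lower()  # "name." and "name" are the same host
            seen.setdefault(host, set()).add(str(ip))
            redirects.append({"line": lineno, "host": host, "ip": str(ip),
                              "below_padding": below_padding})
    # One hostname mapped to several addresses is unusual in a hosts file
    multi = {h: sorted(ips) for h, ips in seen.items() if len(ips) > 1}
    return {"redirects": redirects, "multi_mapped": multi,
            "unparseable": unparseable}


# Constructed sample log; addresses are from the documentation ranges
SAMPLE_LOG = "\n".join([
    "========================= FF Proxy Settings: ==============================",
    '"network.proxy.type", 0',
    "========================= Hosts content: =================================",
    "::1 localhost",
    *[""] * 40,  # constructed blank-line padding
    "203.0.113.10 www.analytics.example.",
    "203.0.113.10 ads.example.",
    "198.51.100.7 www.analytics.example.",
    "",
    "127.0.0.1 localhost",
    "========================= IP Configuration: ================================",
    "Nombre de host. . . : TEST-PC",
])

if __name__ == "__main__":
    report = audit_hosts(extract_section(SAMPLE_LOG, "Hosts content"))
    for r in report["redirects"]:
        note = " (below blank-line padding)" if r["below_padding"] else ""
        print(f"line {r['line']}: {r['host']} -> {r['ip']}{note}")
    for host, ips in report["multi_mapped"].items():
        print(f"{host} is mapped to several addresses: {', '.join(ips)}")
```

Legitimate LAN name mappings are reported as well, so each flagged entry still needs a human decision before the hosts file is reset.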

 


#3 ladyluna

Posted 15 May 2012 - 05:43 PM

Here are the results:

Security check:


Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 26
Java™ 6 Update 22
Out of date Java installed!
Adobe Flash Player ( 10.1.82.76) Flash Player Out of Date!
Mozilla Firefox (x86 es-ES..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````


Farbar Service Scanner

Farbar Service Scanner Version: 11-05-2012
Ran by Raquel (administrator) on 15-05-2012 at 23:38:19
Running from "C:\Users\Raquel\Downloads"
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-14 01:25] - [2009-07-14 03:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll
[2009-07-14 01:21] - [2009-07-14 03:40] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-14 02:09] - [2009-07-14 03:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 01:36] - [2009-07-14 03:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-14 02:36] - [2009-07-14 03:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Minitoolbox




MiniToolBox by Farbar Version: 18-01-2012
Ran by Raquel (administrator) on 15-05-2012 at 23:39:46
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
========================= Hosts content: =================================

::1 localhost








































































































































































































67.215.245.19 www.google-analytics.com.
67.215.245.19 ad-emea.doubleclick.net.
67.215.245.19 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Conexión de red Intel® PRO/Wireless 3945ABG = Conexión de red inalámbrica (Connected)
Controladora Fast Ethernet Marvell Yukon 88E8039 PCI-E = Conexión de área local (Media disconnected)


# ----------------------------------
# Configuraci¢n de IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Fin de la configuraci¢n de IPv4



Configuraci¢n IP de Windows

Nombre de host. . . . . . . . . : Raquel-PC
Sufijo DNS principal . . . . . :
Tipo de nodo. . . . . . . . . . : h¡brido
Enrutamiento IP habilitado. . . : no
Proxy WINS habilitado . . . . . : no
Lista de b£squeda de sufijos DNS: home

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

Sufijo DNS espec¡fico para la conexi¢n. . : home
Descripci¢n . . . . . . . . . . . . . . . : Conexi¢n de red Intel® PRO/Wireless 3945ABG
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-1C-BF-0C-AE-CA
DHCP habilitado . . . . . . . . . . . . . : s¡
Configuraci¢n autom tica habilitada . . . : s¡
V¡nculo: direcci¢n IPv6 local. . . : fe80::a0c6:7a8d:6b77:8923%12(Preferido)
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.12(Preferido)
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Concesi¢n obtenida. . . . . . . . . . . . : martes, 15 de mayo de 2012 23:29:31
La concesi¢n expira . . . . . . . . . . . : mi‚rcoles, 16 de mayo de 2012 23:29:30
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.1
IAID DHCPv6 . . . . . . . . . . . . . . . : 218111167
DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-13-CE-51-5B-00-16-D3-F5-B1-44
Servidores DNS. . . . . . . . . . . . . . : 192.168.1.1
NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador de Ethernet Conexi¢n de rea local:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Descripci¢n . . . . . . . . . . . . . . . : Controladora Fast Ethernet Marvell Yukon 88E8039 PCI-E
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-16-D3-F5-B1-44
DHCP habilitado . . . . . . . . . . . . . : s¡
Configuraci¢n autom tica habilitada . . . : s¡

Adaptador de t£nel isatap.home:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . : home
Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuraci¢n autom tica habilitada . . . : s¡

Adaptador de t£nel Conexi¢n de rea local*:

Sufijo DNS espec¡fico para la conexi¢n. . :
Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuraci¢n autom tica habilitada . . . : s¡
Direcci¢n IPv6 . . . . . . . . . . : 2001:0:5ef5:73b8:3000:3a2:a55c:140e(Preferido)
V¡nculo: direcci¢n IPv6 local. . . : fe80::3000:3a2:a55c:140e%14(Preferido)
Puerta de enlace predeterminada . . . . . : ::
NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado
Servidor: livebox.home
Address: 192.168.1.1

Nombre: google.com
Addresses: 173.194.34.198
173.194.34.192
173.194.34.195
173.194.34.194
173.194.34.206
173.194.34.197
173.194.34.199
173.194.34.196
173.194.34.200
173.194.34.201
173.194.34.193


Haciendo ping a google.com [173.194.34.198] con 32 bytes de datos:
Respuesta desde 173.194.34.198: bytes=32 tiempo=49ms TTL=53
Respuesta desde 173.194.34.198: bytes=32 tiempo=48ms TTL=53

Estad¡sticas de ping para 173.194.34.198:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
M¡nimo = 48ms, M ximo = 49ms, Media = 48ms
Servidor: livebox.home
Address: 192.168.1.1

Nombre: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Haciendo ping a yahoo.com [209.191.122.70] con 32 bytes de datos:
Respuesta desde 209.191.122.70: bytes=32 tiempo=177ms TTL=47
Respuesta desde 209.191.122.70: bytes=32 tiempo=177ms TTL=47

Estad¡sticas de ping para 209.191.122.70:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
M¡nimo = 177ms, M ximo = 177ms, Media = 177ms
Servidor: livebox.home
Address: 192.168.1.1

Nombre: bleepingcomputer.com
Address: 208.43.87.2


Haciendo ping a bleepingcomputer.com [208.43.87.2] con 32 bytes de datos:
Respuesta desde 208.43.87.2: Host de destino inaccesible.
Respuesta desde 208.43.87.2: Host de destino inaccesible.

Estad¡sticas de ping para 208.43.87.2:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),

Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

Estad¡sticas de ping para 127.0.0.1:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
M¡nimo = 0ms, M ximo = 0ms, Media = 0ms
===========================================================================
ILista de interfaces
12...00 1c bf 0c ae ca ......Conexi¢n de red Intel® PRO/Wireless 3945ABG
11...00 16 d3 f5 b1 44 ......Controladora Fast Ethernet Marvell Yukon 88E8039 PCI-E
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red M scara de red Puerta de enlace Interfaz M‚trica
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.12 25
127.0.0.0 255.0.0.0 En v¡nculo 127.0.0.1 306
127.0.0.1 255.255.255.255 En v¡nculo 127.0.0.1 306
127.255.255.255 255.255.255.255 En v¡nculo 127.0.0.1 306
192.168.1.0 255.255.255.0 En v¡nculo 192.168.1.12 281
192.168.1.12 255.255.255.255 En v¡nculo 192.168.1.12 281
192.168.1.255 255.255.255.255 En v¡nculo 192.168.1.12 281
224.0.0.0 240.0.0.0 En v¡nculo 127.0.0.1 306
224.0.0.0 240.0.0.0 En v¡nculo 192.168.1.12 281
255.255.255.255 255.255.255.255 En v¡nculo 127.0.0.1 306
255.255.255.255 255.255.255.255 En v¡nculo 192.168.1.12 281
===========================================================================
Rutas persistentes:
Ninguno

IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
Cuando destino de red m‚trica Puerta de enlace
14 58 ::/0 En v¡nculo
1 306 ::1/128 En v¡nculo
14 58 2001::/32 En v¡nculo
14 306 2001:0:5ef5:73b8:3000:3a2:a55c:140e/128
En v¡nculo
12 281 fe80::/64 En v¡nculo
14 306 fe80::/64 En v¡nculo
14 306 fe80::3000:3a2:a55c:140e/128
En v¡nculo
12 281 fe80::a0c6:7a8d:6b77:8923/128
En v¡nculo
1 306 ff00::/8 En v¡nculo
14 306 ff00::/8 En v¡nculo
12 281 ff00::/8 En v¡nculo
===========================================================================
Rutas persistentes:
Ninguno
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/14/2012 00:35:56 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Error en el archivo de manifiesto o directiva "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" en la línea WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
La definición es WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (05/14/2012 00:33:47 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "assemblyIdentity1". Error en el archivo de manifiesto o directiva "assemblyIdentity2" en la línea assemblyIdentity3.
El valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" del atributo "version" del elemento "assemblyIdentity" no es válido.

Error: (05/09/2012 11:31:34 PM) (Source: Avira AntiVir) (User: SYSTEM)SYSTEM
Description: El fichero de licencia no contiene una licencia válida. El servicio finalizará!

Error: (05/09/2012 11:31:34 PM) (Source: Avira AntiVir) (User: SYSTEM)SYSTEM
Description: Error desconocido al inicializar el motor de análisis.
Código de error: 0x35

Error: (05/09/2012 00:13:48 AM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Error en el archivo de manifiesto o directiva "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" en la línea WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
La definición es WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (05/09/2012 00:12:55 AM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "assemblyIdentity1". Error en el archivo de manifiesto o directiva "assemblyIdentity2" en la línea assemblyIdentity3.
El valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" del atributo "version" del elemento "assemblyIdentity" no es válido.

Error: (05/08/2012 11:25:31 PM) (Source: Avira AntiVir) (User: SYSTEM)SYSTEM
Description: El fichero de licencia no contiene una licencia válida. El servicio finalizará!

Error: (05/08/2012 11:25:31 PM) (Source: Avira AntiVir) (User: SYSTEM)SYSTEM
Description: Error desconocido al inicializar el motor de análisis.
Código de error: 0x35

Error: (05/08/2012 01:15:37 PM) (Source: Avira AntiVir) (User: SYSTEM)SYSTEM
Description: El fichero de licencia no contiene una licencia válida. El servicio finalizará!

Error: (05/08/2012 01:15:37 PM) (Source: Avira AntiVir) (User: SYSTEM)SYSTEM
Description: Error desconocido al inicializar el motor de análisis.
Código de error: 0x35


System errors:
=============
Error: (05/14/2012 11:33:33 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/14/2012 00:50:37 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:39:56 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:39:01 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:38:10 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:37:20 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:36:20 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:35:11 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:35:03 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.

Error: (05/14/2012 00:34:40 AM) (Source: ACPI) (User: )
Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.


Microsoft Office Sessions:
=========================
Error: (02/27/2012 00:37:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17742 seconds with 240 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.14)
Adobe Flash Player 10 Plugin (Version: 10.1.82.76)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.0 - Español (Version: 9.5.0)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.3.127)
Ares 2.1.6 (Version: 2.1.6-Build#3040)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.99)
BlackBerry Desktop Software 6.0.2 (Version: 6.0.2.44)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 3.18)
Complemento para explorador de BlackBerry App World (Version: 3.0.0.17)
Compresor WinRAR
Copy (Version: 130.0.428.000)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Dropbox (Version: 1.2.52)
F300 (Version: 130.0.365.000)
F300_Help (Version: 82.0.242.000)
F300Trb (Version: 82.0.242.000)
Fax (Version: 130.0.418.000)
FormatFactory 2.60 (Version: 2.60)
Foto-Mosaik-Edda Standard V5.6.2
FotoPrix ReveladoOnline (Version: 1.17.0017)
Galería fotográfica de Windows Live (Version: 14.0.8117.416)
GIMP 2.6.11 (Version: 2.6.11)
GPBaseService2 (Version: 130.0.371.000)
Herramienta de carga de Windows Live (Version: 14.0.8014.1029)
High-Definition Video Playback 10 (Version: 7.0.11400.29.0)
Hofmann 7.7 (Version: 7.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Product Detection (Version: 10.7.4.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
IrfanView (remove only)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
JDownloader 0.9 (Version: 0.9)
LightScribe System Software (Version: 1.18.6.1)
Malwarebytes Anti-Malware versión 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 12.0 (x86 es-ES) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MP3 Cutter Plus 1.0
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVCRT (Version: 14.0.1468.721)
MyFreeCodec
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)
Nero BackItUp 10 (Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)
Nero Burning ROM 10 (Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)
Nero BurnRights 10 (Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)
Nero Control Center 10 (Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)
Nero DiscSpeed 10 (Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)
Nero Dolby Files 10 (Version: 2.0.11000.0.10)
Nero Express 10 (Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (Version: 1.0.10700)
Nero InfoTool 10 (Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)
Nero MediaHub 10 (Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)
Nero Multimedia Suite 10 (Version: 10.0.13100)
Nero Recode 10 (Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (Version: 1.0.10600)
Nero RescueAgent 10 (Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)
Nero SoundTrax 10 (Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)
Nero StartSmart 10 (Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)
Nero Update (Version: 1.0.0017)
Nero Vision 10 (Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (Version: 1.0.10600)
Nero WaveEditor 10 (Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)
Network64 (Version: 130.0.572.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
Paquete de controladores de Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
PC Connectivity Solution (Version: 10.24.0.0)
PDF Settings CS5 (Version: 10.0)
PhotoScape
QuickTime (Version: 7.69.80.9)
Scan (Version: 13.0.0.0)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Tango
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
VLC media player 1.1.0 (Version: 1.1.0)
WebReg (Version: 130.0.132.017)
Windows Live Asistente para el inicio de sesión (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 2038.37 MB
Available physical RAM: 1021.3 MB
Total Pagefile: 4076.73 MB
Available Pagefile: 2748.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.08 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:141.73 GB) (Free:36.81 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:7.32 GB) (Free:2.43 GB) NTFS

========================= Users: ========================================

Cuentas de usuario de \\RAQUEL-PC

Administrador ASPNET Invitado
Raquel
Se ha completado el comando correctamente.


**** End of log ****

MBAM (I didn't remove anything because it didn't report any malware/errors)



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Versión de la Base de Datos: v2012.05.15.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Raquel :: RAQUEL-PC [administrador]

15/05/2012 23:45:35
mbam-log-2012-05-15 (23-45-35).txt

Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 200783
Tiempo transcurrido: 5 minuto(s), 22 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 0
(No se han detectado elementos maliciosos)

(fin)

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-16 00:00:38
-----------------------------
00:00:38.366 OS Version: Windows x64 6.1.7600
00:00:38.366 Number of processors: 2 586 0xF0D
00:00:38.366 ComputerName: RAQUEL-PC UserName: Raquel
00:00:39.614 Initialize success
00:10:26.480 AVAST engine defs: 12051501
00:12:07.771 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
00:12:07.779 Disk 0 Vendor: Hitachi_HTS541616J9SA00 SB4OC7BP Size: 152627MB BusType: 11
00:12:07.793 Disk 0 MBR read successfully
00:12:07.799 Disk 0 MBR scan
00:12:07.836 Disk 0 Windows 7 default MBR code
00:12:07.843 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 145134 MB offset 63
00:12:07.882 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 7491 MB offset 297234630
00:12:07.933 Disk 0 scanning C:\Windows\system32\drivers
00:12:24.933 Service scanning
00:13:09.077 Modules scanning
00:13:09.093 Disk 0 trace - called modules:
00:13:09.120 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:13:09.130 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80027e4060]
00:13:09.189 3 CLASSPNP.SYS[fffff8800193943f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8002284680]
00:13:10.844 AVAST engine scan C:\Windows
00:13:13.678 AVAST engine scan C:\Windows\system32
00:18:52.629 AVAST engine scan C:\Windows\system32\drivers
00:19:11.841 AVAST engine scan C:\Users\Raquel
00:29:12.437 AVAST engine scan C:\ProgramData
00:32:38.724 Scan finished successfully
00:33:23.593 Disk 0 MBR has been saved successfully to "C:\Users\Raquel\Desktop\MBR.dat"
00:33:23.603 The log file has been saved successfully to "C:\Users\Raquel\Desktop\aswMBR.txt"




*** I'm sorry there are some logs in Spanish...it didn't give me the choice to report in English. Also, the ad is still there...annoying as ever, lol.

#4 Broni

Posted 15 May 2012 - 06:59 PM

Your "hosts" file has been hijacked.

Restart computer in Safe Mode.
Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to Show hidden files, and folders, UN-check Hide protected operating system files.
NOTE. Make sure to reverse the above changes, when done with this step.
Navigate to C:\WINDOWS\SYSTEM32\DRIVERS\ETC folder.
Delete hosts file.
NOTE. If you can't delete "hosts" file (access denied) take ownership of "ETC" folder first and then try again: http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

Restart in normal mode.
Please, go here: http://support.microsoft.com/kb/972034#FixItForMeAlways and click on "Fix it" button to reset your "hosts" file.
Follow all prompts.

Please download MiniToolBox and run it.

Checkmark following boxes:
  • List content of Hosts
Click Go and post the result.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 ladyluna

Posted 16 May 2012 - 03:21 AM

I'm stuck. I had to take ownership of the etc folder and I did so following the steps of your link. The option is there in my right-click menu but it sort of does nothing when I click on it. A little black window tries to pop up but it doesn't quite work...and then when I try to delete the hosts file I still get access denied. (By the way, whenever I can make it work, do I have to delete the hosts text file as well?).

#6 Broni

Posted 16 May 2012 - 10:58 AM

Are you in safe mode when trying to take ownership?

do I have to delete the hosts text file as well?

I'm not sure what text file you are referring to.


#7 ladyluna

Posted 16 May 2012 - 11:12 AM

Are you in safe mode when trying to take ownership?

do I have to delete the hosts text file as well?

I'm not sure what text file you are referring to.



Yes, I'm in safe mode when trying to take ownership but it still won't let me. I saw that the link you provided me with was for Vista and I'm working with 7...could that be it?

As for the hosts text file, besides the hosts file, there is also a text file called that way. If you want to, later today (I'm not home right now), I can print what it says.

Edited by ladyluna, 16 May 2012 - 11:14 AM.


#8 Broni

Posted 16 May 2012 - 11:15 AM

I saw that the link you provided me with was for Vista and I'm working with 7

Which link would that be?

As for the hosts text file, besides the hosts file, there is also a text file called that way

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
    :dir
    C:\WINDOWS\SYSTEM32\DRIVERS\ETC
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


#9 ladyluna

Posted 16 May 2012 - 11:20 AM

I saw that the link you provided me with was for Vista and I'm working with 7

Which link would that be?

As for the hosts text file, besides the hosts file, there is also a text file called that way

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
    :dir
    C:\WINDOWS\SYSTEM32\DRIVERS\ETC
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt



This is the link I'm referring to: http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

I followed those steps...

Also, I will do the rest later tonight and I'll post it then.

#10 Broni

Posted 16 May 2012 - 11:25 AM

That link says:

Add "Take Ownership" to Explorer Right-Click Menu in Win 7 or Vista


#11 ladyluna

Posted 16 May 2012 - 11:34 AM

That link says:

Add "Take Ownership" to Explorer Right-Click Menu in Win 7 or Vista


Sorry, I just saw what it said in the link I pasted. I'll try again tonight and see if it works. Thanks again.

Edited by ladyluna, 16 May 2012 - 11:34 AM.


#12 Broni

Posted 16 May 2012 - 11:34 AM

No problem :)


#13 ladyluna

Posted 16 May 2012 - 06:39 PM

So I managed to delete the hosts file (in normal mode...it was impossible in safe mode, even being the only user and having full administrator privileges) and I ran Fix it on Microsoft to reset. The annoying pop ups seem to be gone BUT....below are the results of the MiniToolBox, which look pretty much the same as before...

MiniToolBox by Farbar Version: 18-01-2012
Ran by Raquel (administrator) on 17-05-2012 at 01:30:52
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

::1 localhost








































































































































































































67.215.245.19 www.google-analytics.com.
67.215.245.19 ad-emea.doubleclick.net.
67.215.245.19 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost


**** End of log ****


Also, these are the results for the Security Look scan:

SystemLook 30.07.11 by jpshortstuff
Log created at 01:36 on 17/05/2012 by Raquel
Administrator - Elevation successful

========== dir ==========

C:\WINDOWS\SYSTEM32\DRIVERS\ETC - Parameters: "(none)"

---Files---
hosts -rahs-- 1398 bytes [21:55 03/09/2010] [10:51 25/02/2012]
hosts.txt --a---- 7390 bytes [22:13 03/09/2010] [22:13 03/09/2010]
lmhosts.sam --a---- 3683 bytes [02:35 14/07/2009] [21:00 10/06/2009]
networks --a---- 407 bytes [02:34 14/07/2009] [21:00 10/06/2009]
protocol --a---- 1358 bytes [02:34 14/07/2009] [21:00 10/06/2009]
services --a---- 17463 bytes [02:34 14/07/2009] [21:00 10/06/2009]

---Folders---
None found.

-= EOF =-


So, am I clean or is there something else I can do?
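
The hosts listing in the MiniToolBox log above has a normal first line, a long run of blank lines, and then entries that pin hostnames to non-local addresses. The sketch below checks a hosts file for that layout; it is an added example, not part of the original thread or of any tool named in it. Function names are hypothetical, and the sample input is constructed with documentation addresses and placeholder hostnames.

```python
import ipaddress

# Constructed sample shaped like the "Hosts content" log: a normal first line,
# a long run of blank lines, then the redirect entries (RFC 5737 addresses).
SAMPLE_HOSTS = (
    "::1 localhost\n" + "\n" * 200
    + "192.0.2.19 www.analytics.example.\n"
    + "192.0.2.19 ads.tracker.example.\n"
    + "198.51.100.51 www.analytics.example.\n"
    + "\n127.0.0.1 localhost\n"
    + "0.0.0.0 blocked.example  # sinkhole entry, not a redirect\n"
)

def is_local(addr):
    """True for loopback or unspecified addresses (127.0.0.0/8, ::1, 0.0.0.0, ::)."""
    ip = ipaddress.ip_address(addr)
    return ip.is_loopback or ip.is_unspecified

def audit_hosts(text, padding_threshold=20):
    """Return one finding per hostname that is pinned to a non-local address."""
    findings = []
    blank_run = 0   # consecutive blank/comment-only lines before this line
    padded = False  # True once a run of >= padding_threshold has been crossed
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            blank_run += 1
            continue
        padded = padded or blank_run >= padding_threshold
        blank_run = 0
        addr, *names = line.split()
        try:
            if is_local(addr):
                continue
        except ValueError:
            findings.append({"line": lineno, "error": "unparseable address"})
            continue
        for name in names:
            host = name.rstrip(".").lower()  # trailing dot: same FQDN
            findings.append({"line": lineno, "address": addr, "host": host,
                             "below_padding": padded})
    return findings

def redirected_hosts(findings):
    """Map each redirected hostname to the set of addresses it is pinned to."""
    pinned = {}
    for f in findings:
        if "host" in f:
            pinned.setdefault(f["host"], set()).add(f["address"])
    return pinned

if __name__ == "__main__":
    print(*audit_hosts(SAMPLE_HOSTS), sep="\n")
```

Running the same audit before and after a reset shows whether the file on disk actually changed, since an unchanged file yields the same findings on the same line numbers.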

#14 ladyluna

Posted 16 May 2012 - 06:44 PM

Never mind...they are still there...*sighs*

#15 Broni

Posted 16 May 2012 - 07:21 PM

"hosts" file looks the same as before.

You said you were able to delete "hosts" file.
Are you sure you deleted "hosts" file not "hosts.txt" file?
