Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

trojan virus werid music playing in the background


  • Please log in to reply
7 replies to this topic

#1 cat0522

cat0522

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 09 August 2013 - 09:22 PM

hello

so couple days ago my laptop started to play random music in the background without any programm running.  it blowed up my cpu. i looked up at my volume mixer and the music apperas to be coming out from this thing called host process for windows service.  i then ran malwarebytes and it says my laptop has trojan virus. i tried malwarebytes and it did removed buch of virus but after i restarted it the same problem still occurs. i tried rkill too and it gives me a result saying no virus found. this morining someone told me to use combo fix right after rkill so i tried it but it won't scan nor run. can someone please help me and im really appericate it.



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:59 PM

Posted 10 August 2013 - 08:11 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

p22002970.gif Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

p22002970.gifDownload Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt


p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 cat0522

cat0522
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 21 August 2013 - 07:26 PM

hey im sorry i replied late. this is the security check log

Results of screen317's Security Check version 0.99.72 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 20 
 Java version out of Date!
 Adobe Flash Player 11.7.700.202 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox 12.0 Firefox out of Date! 
 Google Chrome 12.0.742.100 
 Google Chrome 22.0.1229.79 
 Google Chrome plugins... 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
 



#4 cat0522

cat0522
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 21 August 2013 - 07:31 PM

this is the FFS log

Farbar Service Scanner Version: 18-08-2013
Ran by admin (administrator) on 21-08-2013 at 17:30:17
Running from "C:\"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****



#5 cat0522

cat0522
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 21 August 2013 - 07:46 PM

this is the log for mini tool box

MiniToolBox by Farbar  Version: 13-07-2013
Ran by admin (administrator) on 21-08-2013 at 17:35:29
Running from "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HDCU0223"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : nana1996-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 4C-0F-6E-64-12-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5dd8:cfeb:59e7:41%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, August 21, 2013 5:13:29 PM
   Lease Expires . . . . . . . . . . : Thursday, August 22, 2013 5:13:29 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 306974574
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-35-99-01-1C-C1-DE-A8-55-C9
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 1C-C1-DE-A8-55-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C3CEA184-74B9-4783-9996-AEAFF9309940}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4002:c02::8b
      74.125.140.102
      74.125.140.100
      74.125.140.113
      74.125.140.139
      74.125.140.101
      74.125.140.138


Pinging google.com [74.125.139.101] with 32 bytes of data:
Reply from 74.125.139.101: bytes=32 time=26ms TTL=47
Reply from 74.125.139.101: bytes=32 time=24ms TTL=47

Ping statistics for 74.125.139.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 26ms, Average = 25ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=59ms TTL=48
Reply from 98.139.183.24: bytes=32 time=80ms TTL=48

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 59ms, Maximum = 80ms, Average = 69ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...4c 0f 6e 64 12 a5 ......Atheros AR9285 802.11b/g/n WiFi Adapter
 10...1c c1 de a8 55 c9 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    281
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::5dd8:cfeb:59e7:41/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/21/2013 05:36:16 PM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)

Error: (08/21/2013 04:39:21 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {D649BF28-276C-44DE-9D0C-1F53D100EC7E}

Error: (08/21/2013 04:39:08 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {612C34C7-5E90-47D8-9B5C-0F717DD82726}

Error: (08/21/2013 04:38:58 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {40BF1E83-20EB-11D8-97C5-0009C5020658}

Error: (08/21/2013 04:38:50 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {06E6E30D-B498-442F-A943-07DE41D7F785}

Error: (08/21/2013 04:38:34 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {B5FC1E1B-E70D-45F1-8E40-A3C30698B323}

Error: (08/21/2013 04:38:27 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}

Error: (08/21/2013 04:38:14 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {EE202411-2C26-49E8-9784-1BC1DBF7DE96}

Error: (08/21/2013 04:38:02 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {394FA67A-FF0A-4356-BB77-D85E5A300BDE}

Error: (08/21/2013 04:37:55 AM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {6A6A677A-3E1D-4A44-97FF-0EE3A8C1A862}


System errors:
=============
Error: (08/21/2013 05:15:20 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/21/2013 05:13:20 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (08/21/2013 05:36:16 PM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)

Error: (08/21/2013 04:39:21 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {D649BF28-276C-44DE-9D0C-1F53D100EC7E}

Error: (08/21/2013 04:39:08 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {612C34C7-5E90-47D8-9B5C-0F717DD82726}

Error: (08/21/2013 04:38:58 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {40BF1E83-20EB-11D8-97C5-0009C5020658}

Error: (08/21/2013 04:38:50 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {06E6E30D-B498-442F-A943-07DE41D7F785}

Error: (08/21/2013 04:38:34 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {B5FC1E1B-E70D-45F1-8E40-A3C30698B323}

Error: (08/21/2013 04:38:27 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}

Error: (08/21/2013 04:38:14 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Success:
F:\disktools\msizap.exe TW! {EE202411-2C26-49E8-9784-1BC1DBF7DE96}

Error: (08/21/2013 04:38:02 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {394FA67A-FF0A-4356-BB77-D85E5A300BDE}

Error: (08/21/2013 04:37:55 AM) (Source: VBRuntime)(User: )
Description: Application MSICUU: Thread ID: 5300 ,Logged:

Failed:
F:\disktools\msizap.exe TW! {6A6A677A-3E1D-4A44-97FF-0EE3A8C1A862}


CodeIntegrity Errors:
===================================
  Date: 2013-08-21 17:14:26.887
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-21 06:06:24.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-21 06:05:39.531
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\efimon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-21 06:05:39.250
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\efimon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-21 05:59:12.526
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\efimon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-21 05:59:12.246
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\efimon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-21 04:54:30.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-21 04:44:51.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-21 04:44:33.196
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\efimon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-21 04:44:32.931
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\efimon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

?? 5.10.134 (Version: 5.10.134)
360?? (Version: 2.6.0.2002)
360???? (Version: 2.0.0.2059)
360???? (Version: 9.1.0.2001)
360????? 3.6 ??? (Version: 3.6.1.5)
360°²È«ÎÀÊ¿ (Version: 7.7)
Acrobat.com (Version: 1.6.65)
ACT 3.0 (Version: 3.0)
Adobe AIR (Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader 9.3 MUI (Version: 9.3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Alcor Micro USB Card Reader (Version: 1.2.517.35221)
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Atheros Driver Installation Program (Version: 9.0)
BaiduPlayer1.19.0.137 (Version: 1.19.0)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.1.2)
Bonjour (Version: 2.0.4.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0623.2149.37335)
Catalyst Control Center Graphics Full Existing (Version: 2010.0623.2149.37335)
Catalyst Control Center Graphics Full New (Version: 2010.0623.2149.37335)
Catalyst Control Center Graphics Light (Version: 2010.0623.2149.37335)
Catalyst Control Center Graphics Previews Common (Version: 2010.0623.2149.37335)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0623.2149.37335)
Catalyst Control Center InstallProxy (Version: 2010.0623.2149.37335)
Catalyst Control Center Localization All (Version: 2010.0623.2149.37335)
CCC Help Chinese Standard (Version: 2010.0623.2148.37335)
CCC Help Chinese Traditional (Version: 2010.0623.2148.37335)
CCC Help Czech (Version: 2010.0623.2148.37335)
CCC Help Danish (Version: 2010.0623.2148.37335)
CCC Help Dutch (Version: 2010.0623.2148.37335)
CCC Help English (Version: 2010.0623.2148.37335)
CCC Help Finnish (Version: 2010.0623.2148.37335)
CCC Help French (Version: 2010.0623.2148.37335)
CCC Help German (Version: 2010.0623.2148.37335)
CCC Help Greek (Version: 2010.0623.2148.37335)
CCC Help Hungarian (Version: 2010.0623.2148.37335)
CCC Help Italian (Version: 2010.0623.2148.37335)
CCC Help Japanese (Version: 2010.0623.2148.37335)
CCC Help Korean (Version: 2010.0623.2148.37335)
CCC Help Norwegian (Version: 2010.0623.2148.37335)
CCC Help Polish (Version: 2010.0623.2148.37335)
CCC Help Portuguese (Version: 2010.0623.2148.37335)
CCC Help Russian (Version: 2010.0623.2148.37335)
CCC Help Spanish (Version: 2010.0623.2148.37335)
CCC Help Swedish (Version: 2010.0623.2148.37335)
CCC Help Thai (Version: 2010.0623.2148.37335)
CCC Help Turkish (Version: 2010.0623.2148.37335)
ccc-core-static (Version: 2010.0623.2149.37335)
ccc-utility64 (Version: 2010.0623.2149.37335)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite (Version: 7.0.3003)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dreamtaskbar (Version: 1.0.0)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4121)
Energy Star Digital Logo (Version: 1.0.1)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Google Chrome (Version: 22.0.1229.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.5.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)
HP Documentation (Version: 1.1.1.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart Webcam (Version: 4.1.3024)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Mouse Suite (Version: 1.1.2)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.1.4)
HP QuickWeb Installer (Version: 1.3.11.0)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.0.39.1)
HP Support Assistant (Version: 7.0.39.15)
HP Update (Version: 5.002.006.003)
Hulu Desktop (Version: 0.9.13)
IB Updater Service (Version: 3.0.5.3)
IDT Audio (Version: 1.0.6289.0)
Internet Explorer Toolbar 4.7 by SweetPacks (Version: 4.7.0008)
iTunes (Version: 10.2.1.1)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 15.4.3502.0922)
KeyBar 1.8 Toolbar (Version: 6.15.0.27)
LabelPrint (Version: 2.5.2907)
Malwarebytes' Anti-Malware
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
Mozilla Firefox 12.0 (x86 zh-CN) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
Norton Security Suite (Version: 5.2.2.3)
OtShot
PC Tools Registry Mechanic 11.0 (Version: 11.0)
PhotoNow! (Version: 1.1.6904)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
QuickTime (Version: 7.69.80.9)
RaySource 2.2.0.1 (Version: 2.2.0.1)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Screenshot It Enabler (Version: 1.02.0000)
Search Protect by conduit (Version: 1.5.0.71)
Skype™ 6.3 (Version: 6.3.107)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Times Reader (Version: 2.061)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Updater By SweetPacks 2.0.0.609 (Version: 2.0.0.609)
Video Mover
Wajam (Version: 1.86)
Windows Driver Package - Hewlett - Packard (HidUsb) HIDClass  (01/26/2010 1.12.7600.16385) (Version: 01/26/2010 1.12.7600.16385)
Windows Driver Package - Hewlett-Packard (HidUsb) HIDClass  (01/26/2010 1.12.7600.16385) (Version: 01/26/2010 1.12.7600.16385)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.00 (32 ?) (Version: 4.00.0)
WinRAR 4.01 (64 ?) (Version: 4.01.0)
Yontoo 2.051 (Version: 2.051)

========================= Devices: ================================

Name: Symantec Eraser Control driver
Description: Symantec Eraser Control driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: eeCtrl
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: IDSVia64
Description: IDSVia64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDSVia64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Real Time Storage Protection (PEL) x64
Description: Symantec Real Time Storage Protection (PEL) x64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SRTSPX
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Network Security WFP Driver
Description: Symantec Network Security WFP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymNetS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 3834.9 MB
Available physical RAM: 1207.76 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 4893.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.88 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:447.41 GB) (Free:358.39 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.05 GB) (Free:2.05 GB) NTFS

========================= Users: ========================================

User accounts for \\NANA1996-HP

admin                    Administrator            Guest                    
nana1996                 


**** End of log ****
 



#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:59 PM

Posted 21 August 2013 - 08:59 PM

Go on....


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 cat0522

cat0522
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 21 August 2013 - 09:28 PM

this is the Malwarebytes' Anti-Malware log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.21.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
admin :: NANA1996-HP [administrator]

8/21/2013 7:07:55 PM
mbam-log-2013-08-21 (19-07-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 252527
Time elapsed: 14 minute(s), 30 second(s)

Memory Processes Detected: 5
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 3248 -> Delete on reboot.
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (PUP.Optional.Wajam.A) -> 3304 -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 2332 -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 2176 -> Delete on reboot.
C:\Program Files (x86)\24x7Help\App24x7Svc.exe (PUP.Optional.24x7) -> 1628 -> Delete on reboot.

Memory Modules Detected: 8
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\24x7Help\App24x7Hook.dll (PUP.Optional.24x7) -> Delete on reboot.

Registry Keys Detected: 44
HKLM\SYSTEM\CurrentControlSet\Services\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\wajam.WajamBHO.1 (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\wajam.WajamBHO (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\ASBarBroker.BDBroker.1 (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\ASBarBroker.BDBroker (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Extension.ExtensionHelperObject.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Extension.ExtensionHelperObject (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Typelib\{87CA3845-37FE-414C-81CF-E08A7D0F6779} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\Interface\{988934A4-064B-11D3-BB80-00104B35E7F9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A7F05EE4-0426-454F-8013-C41E3596E9E9} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46} (Adware.BDSearch) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\24x7HelpSvc (PUP.Optional.24x7) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1 (PUP.Optional.24x7) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\24x7HELP (PUP.Optional.24x7) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\24x7HELP (PUP.Optional.24x7) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.
HKCR\CLSID\{4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\TypeLib\{97DDF214-9B68-4caf-8F6F-4B4112912349} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\Interface\{162CC9EB-F1CE-4CED-84CE-F80AA5DD8130} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\BhoPlugin.FunshionOnIE.1 (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\BhoPlugin.FunshionOnIE (PUP.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA} (PUP.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

Registry Values Detected: 6
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files (x86)\SearchProtect\bin\cltmng.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\admin\AppData\Roaming\SearchProtect\bin\cltmng.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|24x7HELP (PUP.Optional.24x7) -> Data: "C:\Program Files (x86)\24x7Help\App24x7Help.exe" /STARTUP -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ConduitFloatingPlugin_gpaiibklhaneknloaoccoidbaffjjlnb (Trojan.Agent) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3286042\plugins\TBVerifier.dll",RunConduitFloatingPlugin gpaiibklhaneknloaoccoidbaffjjlnb -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 52
C:\Program Files (x86)\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help (PUP.Optional.24x7) -> Delete on reboot.
C:\Program Files (x86)\24x7Help\Update (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\download (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\funshionSs (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSync (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\Shortcut (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\update (PUP.Funshion) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files\Updater By SweetPacks\Firefox (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Delete on reboot.
C:\Program Files (x86)\Wajam\Firefox (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\IE (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Delete on reboot.

Files Detected: 207
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (PUP.Optional.Wajam.A) -> Delete on reboot.
C:\Program Files (x86)\Wajam\IE\priam_bho.dll (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Extension32.dll (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\ct3286042\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\nana1996\Downloads\Cafe_Roma_1.exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
C:\Users\nana1996\Downloads\setup_7.7.0.2001a.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\5JA45KHA\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\5JA45KHA\KeyBar_1_8_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\5JA45KHA\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\5JA45KHA\wajam_download[1].exe (PUP.Optional.Wajam) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\729IKQJ0\KeyBar_1.8[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\729IKQJ0\setup.exe (PUP.Optional.IBryte) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Temporary Internet Files\Content.IE5\HDCU0223\wajam_install[1].exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\176eba3.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows\System32\funshion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\funshion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\searchProtectorData (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\bubble.xml (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7bubble_Left.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7bubble_Right.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7bubble_X00.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7bubble_X01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7bubble_X02.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7Dark001_SettingsActive.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7Dark001_SettingsBack.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7Dark001_SettingsHover.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7Dark_NoTabs_Back00.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7Dark_NoTabs_PhoneIcon.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7logoNew_dark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7man_dark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\24x7_UploaderDark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\ArrowSmall.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\ArrowSmallHot.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Hardware_Icon.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\HotInactiveTabLeft.bmp (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\HotInactiveTabRight.bmp (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\MainImg_SettingsDark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Navigation_HomeIcon00_Dark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Navigation_HomeIcon01_Dark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Navigation_SettingsIcon00_Dark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Navigation_SettingsIcon01_Dark01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\OK_IconGreen01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\PeriodicSystemCheckBubble.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Phones_Icon.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\PushedInactiveTabLeft.bmp (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\PushedInactiveTabRight.bmp (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Security_Icon.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\skin.xml (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Software_Icon.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\SupportCheck01_arrow00.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\SupportCheck01_arrow01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Warning_Icon01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Warning_IconOrange01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\Warning_IconRed01.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\WhiteTabLeft.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\24x7 Help\skin\WhiteTabRight.png (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help\24x7 Help.lnk (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help\24x7Help.org.url (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help\Uninstall 24x7 Help.lnk (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\unins000.dat (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\24x7desk.64.dll (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\24x7desk.dll (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\App24x7Help.exe (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\App24x7Hook.dll (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\App24x7Hook.exe (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\App24x7Hook64.dll (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\App24x7Hook64.exe (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\App24x7Svc.exe (PUP.Optional.24x7) -> Delete on reboot.
C:\Program Files (x86)\24x7Help\unins000.exe (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Program Files (x86)\24x7Help\unins000.msg (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\Public\Desktop\24x7 Help.lnk (PUP.Optional.24x7) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\download\FunshionInstall2.6.1.25_kuwo.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\DwelfDll.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\DwelfDlltest.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\ffext.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FsSvr.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunctionDll.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FuniOSLoader.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FuniOSSync_mt.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunLoader.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionHelper.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSvr.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\LuaInterface_mt.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\funshionSs\PullFs.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSync\aapt.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSync\adb.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSync\AdbWinApi.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSync\AdbWinUsbApi.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\funshiontools\FunshionSync\FunshionSync.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\ini\httpfile.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\ini\temp_config.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\Shortcut\FunShortcut.ini (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\update\Pop Game.lnk (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Users\nana1996\funshion\update\Shopping Sites.lnk (PUP.Funshion) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\DGChrome.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Extension64.dll (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\InstallerHelper.dll (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome.manifest (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences\defaults.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\uninstall.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\IE\favicon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\IE\wajamLogo.bmp (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\Updater\update.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

(end)
 



#8 CACHAMEX

CACHAMEX

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 24 May 2014 - 11:08 PM

Hello,   I just started to have the exact same problem, i followed the instructions and here are my results.  Please help, computer very slow!!!!

 

Results of screen317's Security Check version 0.99.83  
 Windows 7  x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Webroot SecureAnywhere   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Reader XI  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 7% 
````````````````````End of Log`````````````````````` 
 
 
Farbar Service Scanner Version: 21-05-2014
Ran by Miguel (administrator) on 24-05-2014 at 18:24:27
Running from "C:\Users\Miguel\Downloads"
Microsoft Windows 7 Professional   (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-05-23 10:24] - [2013-01-03 22:41] - 1893224 ____A (Microsoft Corporation) 5CFB7AB8F9524D1A1E14369DE63B83CC
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 24/05/2014
Scan Time: 6:39:02 p.m.
Logfile: malwarebites Log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.05.24.08
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: Miguel
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 305185
Time Elapsed: 19 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 1
PUP.Optional.MultiPlug.A, C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe, 1832, , [cb6ddd7822592d09c0a586acfe037f81]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 32
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-5796263543, , [cb6ddd7822592d09c0a586acfe037f81], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9c9c34218af194a21d025d06cc363ac6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9c9c34218af194a21d025d06cc363ac6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [d464441187f405319feb0162d82aab55], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [f741193cfc7fc76fe0ab7ee5d72b3ec2], 
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\adaff236-16c0-4aae-a9be-29b65f32b0bf, , [3602262f38430234e6f835100cf4619f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [b6823e17de9dc96d03b2fda9ea18ae52], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc, , [f2461f36671457df30395155ab5712ee], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1, , [d6621e3793e81c1a71f8f5b1c53da759], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, , [1721084de695ce6815e6c808cd369769], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [b97f9fb6cdae57df575e2383768c50b0], 
PUP.Optional.SNBoost.A, HKLM\SOFTWARE\WOW6432NODE\SN.Booster, , [81b784d1a3d89e9811bfb7d915edad53], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc, , [ed4b9eb705761125c6a3dacc37cb01ff], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc.1, , [5bddc1941a6120163039e5c100025fa1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, , [d068cd881467b77fec0f953b8b787888], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [1523e96c85f6cd69c79151431ce6a957], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\nEt, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\nEt.5.14, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt.5.14, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
 
Registry Values: 2
PUP.Optional.Iminent.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9c9c34218af194a21d025d06cc363ac6], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [360266ef700b67cf0817b8ab19e96799], 
 
Registry Data: 0
(No malicious items detected)
 
Folders: 10
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar, , [6bcd33227a014ee8a395d89e966c28d8], 
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar\1.8.28.3, , [6bcd33227a014ee8a395d89e966c28d8], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Local\Temp\Iminent, , [db5dbf963c3f42f476e4a2d40bf731cf], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Roaming\IminentToolbar, , [bd7bcb8a2754f343f811e39551b150b0], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [3bfde273e794bd79c89f9cde8280bd43], 
PUP.Optional.MultiPlug.A, C:\ProgramData\save nEt, , [290fb0a5cfac989e578a8af803fff60a], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.SNBooster.A, C:\ProgramData\TopApp software\SN.Booster, , [1d1b79dc46350531fd83f89080828b75], 
PUP.Optional.SNBooster.A, C:\ProgramData\TopApp software\SN.Booster\5796263543, , [1d1b79dc46350531fd83f89080828b75], 
 
Files: 23
PUP.Optional.MultiPlug.A, C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe, , [cb6ddd7822592d09c0a586acfe037f81], 
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{5195CB72-624A-455F-A7B4-2A688A76E984}\Setup.exe, , [3602262f38430234e6f835100cf4619f], 
PUP.RiskwareTool.CK, C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$R3QH2OU.dll, , [0533e075413a4aec9133ebfe33ce6b95], 
PUP.RiskwareTool.CK, C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$RXK5GXG.dll, , [4fe958fd27547fb70fb610d9a859dc24], 
PUP.Optional.GenericExt.A, C:\Users\Miguel\AppData\Local\Temp\igdhbblpcellaljokkpfhcjlagemhgjl1ce272\MinibarChrome.exe, , [e0588fc681fa6dc96ec66ecf57a9b14f], 
PUP.RiskwareTool.CK, C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6 (1).rar, , [ed4b292cea917eb8764eedfc0af71ae6], 
PUP.RiskwareTool.CK, C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6.rar, , [5bddba9b2d4e59dd992b55949e634bb5], 
PUP.Optional.Softonic.A, C:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe, , [fc3c57fe0972072fdcba849c0ef36d93], 
PUP.Optional.Superfish.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [91a75302a2d9ad8973674c407c861be5], 
PUP.Optional.Superfish.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [0434f4610d6e270f2dad2c602bd7e020], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [3afe4e07bcbf95a11298a3eb57ab31cf], 
PUP.Optional.SNBoost.A, C:\Windows\Tasks\SN.Booster-S-5796263543.job, , [93a50b4aec8f7db90ec33759e1215aa6], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Roaming\IminentToolbar\sqlite3.dll, , [bd7bcb8a2754f343f811e39551b150b0], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dat, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dll, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.tlb, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\UEiJsow7.dat, , [3bfde273e794bd79c89f9cde8280bd43], 
PUP.Optional.MultiPlug.A, C:\ProgramData\save nEt\Dn7fSPz.dat, , [290fb0a5cfac989e578a8af803fff60a], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt\kagPMV.dat, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt\kagPMV.dll, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt\kagPMV.tlb, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.SNBooster.A, C:\ProgramData\TopApp software\SN.Booster\5796263543.ini, , [1d1b79dc46350531fd83f89080828b75], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "https://google.com/", "http://mx.msn.com/?pc=UP97&ocid=UP97DHP", "http://start.iminent.com/?appId=A0CCC363-17F9-424D-98B7-66D99121D692" ],), ,[ff39ada894e741f5c99940446c98f30d]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/05/24 18:39:02 -0700</date>
<logfile>mbam-log-2014-05-24 (18-38-54).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.05.24.08</malware-database>
<rootkit-database>v2014.05.21.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7</osversion>
<arch>x64</arch>
<username>Miguel</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>305185</objects>
<time>1169</time>
<processes>1</processes>
<modules>0</modules>
<keys>32</keys>
<values>2</values>
<datas>0</datas>
<folders>10</folders>
<files>23</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<process><path>C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><pid>1832</pid><hash>cb6ddd7822592d09c0a586acfe037f81</hash></process>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-5796263543</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>cb6ddd7822592d09c0a586acfe037f81</hash></key>
<key><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>9c9c34218af194a21d025d06cc363ac6</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>9c9c34218af194a21d025d06cc363ac6</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>d464441187f405319feb0162d82aab55</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>f741193cfc7fc76fe0ab7ee5d72b3ec2</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\adaff236-16c0-4aae-a9be-29b65f32b0bf</path><vendor>PUP.Optional.Tarma.A</vendor><action></action><hash>3602262f38430234e6f835100cf4619f</hash></key>
<key><path>HKLM\SOFTWARE\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>b6823e17de9dc96d03b2fda9ea18ae52</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>f2461f36671457df30395155ab5712ee</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>d6621e3793e81c1a71f8f5b1c53da759</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>1721084de695ce6815e6c808cd369769</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>b97f9fb6cdae57df575e2383768c50b0</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SN.Booster</path><vendor>PUP.Optional.SNBoost.A</vendor><action></action><hash>81b784d1a3d89e9811bfb7d915edad53</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>ed4b9eb705761125c6a3dacc37cb01ff</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc.1</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>5bddc1941a6120163039e5c100025fa1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>d068cd881467b77fec0f953b8b787888</hash></key>
<key><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader</path><vendor>PUP.Optional.Softonic.A</vendor><action></action><hash>1523e96c85f6cd69c79151431ce6a957</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\nEt.5.14</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt.5.14</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<value><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS</path><valuename>{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</valuename><vendor>PUP.Optional.Iminent.A</vendor><action></action><valuedata></valuedata><hash>9c9c34218af194a21d025d06cc363ac6</hash></value>
<value><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><valuename></valuename><vendor>PUP.Optional.Iminent.A</vendor><action></action><valuedata></valuedata><hash>360266ef700b67cf0817b8ab19e96799</hash></value>
<folder><path>C:\Program Files (x86)\IminentToolbar</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>6bcd33227a014ee8a395d89e966c28d8</hash></folder>
<folder><path>C:\Program Files (x86)\IminentToolbar\1.8.28.3</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>6bcd33227a014ee8a395d89e966c28d8</hash></folder>
<folder><path>C:\Users\Miguel\AppData\Local\Temp\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>db5dbf963c3f42f476e4a2d40bf731cf</hash></folder>
<folder><path>C:\Users\Miguel\AppData\Roaming\IminentToolbar</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>bd7bcb8a2754f343f811e39551b150b0</hash></folder>
<folder><path>C:\Program Files (x86)\YoutubeAdblocker</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></folder>
<folder><path>C:\ProgramData\YoutubeAdblocker</path><vendor>PUP.Optional.YoutubeAdblocker.A</vendor><action></action><hash>3bfde273e794bd79c89f9cde8280bd43</hash></folder>
<folder><path>C:\ProgramData\save nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>290fb0a5cfac989e578a8af803fff60a</hash></folder>
<folder><path>C:\Program Files (x86)\save nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></folder>
<folder><path>C:\ProgramData\TopApp software\SN.Booster</path><vendor>PUP.Optional.SNBooster.A</vendor><action></action><hash>1d1b79dc46350531fd83f89080828b75</hash></folder>
<folder><path>C:\ProgramData\TopApp software\SN.Booster\5796263543</path><vendor>PUP.Optional.SNBooster.A</vendor><action></action><hash>1d1b79dc46350531fd83f89080828b75</hash></folder>
<file><path>C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>cb6ddd7822592d09c0a586acfe037f81</hash></file>
<file><path>C:\ProgramData\InstallMate\{5195CB72-624A-455F-A7B4-2A688A76E984}\Setup.exe</path><vendor>PUP.Optional.Tarma.A</vendor><action></action><hash>3602262f38430234e6f835100cf4619f</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$R3QH2OU.dll</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>0533e075413a4aec9133ebfe33ce6b95</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$RXK5GXG.dll</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>4fe958fd27547fb70fb610d9a859dc24</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Temp\igdhbblpcellaljokkpfhcjlagemhgjl1ce272\MinibarChrome.exe</path><vendor>PUP.Optional.GenericExt.A</vendor><action></action><hash>e0588fc681fa6dc96ec66ecf57a9b14f</hash></file>
<file><path>C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6 (1).rar</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>ed4b292cea917eb8764eedfc0af71ae6</hash></file>
<file><path>C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6.rar</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>5bddba9b2d4e59dd992b55949e634bb5</hash></file>
<file><path>C:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe</path><vendor>PUP.Optional.Softonic.A</vendor><action></action><hash>fc3c57fe0972072fdcba849c0ef36d93</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage</path><vendor>PUP.Optional.Superfish.A</vendor><action></action><hash>91a75302a2d9ad8973674c407c861be5</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal</path><vendor>PUP.Optional.Superfish.A</vendor><action></action><hash>0434f4610d6e270f2dad2c602bd7e020</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>3afe4e07bcbf95a11298a3eb57ab31cf</hash></file>
<file><path>C:\Windows\Tasks\SN.Booster-S-5796263543.job</path><vendor>PUP.Optional.SNBoost.A</vendor><action></action><hash>93a50b4aec8f7db90ec33759e1215aa6</hash></file>
<file><path>C:\Users\Miguel\AppData\Roaming\IminentToolbar\sqlite3.dll</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>bd7bcb8a2754f343f811e39551b150b0</hash></file>
<file><path>C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dat</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></file>
<file><path>C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dll</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></file>
<file><path>C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.tlb</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></file>
<file><path>C:\ProgramData\YoutubeAdblocker\UEiJsow7.dat</path><vendor>PUP.Optional.YoutubeAdblocker.A</vendor><action></action><hash>3bfde273e794bd79c89f9cde8280bd43</hash></file>
<file><path>C:\ProgramData\save nEt\Dn7fSPz.dat</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>290fb0a5cfac989e578a8af803fff60a</hash></file>
<file><path>C:\Program Files (x86)\save nEt\kagPMV.dat</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></file>
<file><path>C:\Program Files (x86)\save nEt\kagPMV.dll</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></file>
<file><path>C:\Program Files (x86)\save nEt\kagPMV.tlb</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></file>
<file><path>C:\ProgramData\TopApp software\SN.Booster\5796263543.ini</path><vendor>PUP.Optional.SNBooster.A</vendor><action></action><hash>1d1b79dc46350531fd83f89080828b75</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Preferences</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><baddata>      &quot;startup_urls&quot;: [ &quot;https://google.com/&quot;, &quot;http://mx.msn.com/?pc=UP97&amp;ocid=UP97DHP&quot;, &quot;http://start.iminent.com/?appId=A0CCC363-17F9-424D-98B7-66D99121D692&quot; ],</baddata><gooddata></gooddata><hash>ff39ada894e741f5c99940446c98f30d</hash></file>
</items>
</mbam-log>
 
MiniToolBox by Farbar  Version: 23-01-2014
Ran by Miguel (administrator) on 24-05-2014 at 18:30:06
Running from "C:\Users\Miguel\Downloads"
Microsoft Windows 7 Professional   (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= IP Configuration: ================================
 
Adaptador USB D-Link WUA-1340 = Conexión de red inalámbrica 2 (Connected)
Controladora de red NVIDIA nForce = Conexión de área local (Media disconnected)
 
 
# ----------------------------------
# Configuraci¢n de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# Fin de la configuraci¢n de IPv4
 
 
 
Configuraci¢n IP de Windows
 
   Nombre de host. . . . . . . . . : MEDIACENTER
   Sufijo DNS principal  . . . . . : 
   Tipo de nodo. . . . . . . . . . : h¡brido
   Enrutamiento IP habilitado. . . : no
   Proxy WINS habilitado . . . . . : no
 
Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:
 
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Adaptador USB D-Link WUA-1340 #2
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-22-B0-EB-5A-EE
   DHCP habilitado . . . . . . . . . . . . . : s¡
   Configuraci¢n autom tica habilitada . . . : s¡
   V¡nculo: direcci¢n IPv6 local. . . : fe80::c90:54de:7875:17f4%16(Preferido) 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.64(Preferido) 
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Concesi¢n obtenida. . . . . . . . . . . . : s bado, 24 de mayo de 2014 3:55:31 p.m.
   La concesi¢n expira . . . . . . . . . . . : domingo, 25 de mayo de 2014 4:54:26 p.m.
   Puerta de enlace predeterminada . . . . . : 192.168.1.254
   Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.254
   IAID DHCPv6 . . . . . . . . . . . . . . . : 352330416
   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-1B-10-0F-74-00-1D-92-63-02-A4
   Servidores DNS. . . . . . . . . . . . . . : 192.168.1.254
   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado
 
Adaptador de Ethernet Conexi¢n de  rea local:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Controladora de red NVIDIA nForce
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-1D-92-63-02-A4
   DHCP habilitado . . . . . . . . . . . . . : s¡
   Configuraci¢n autom tica habilitada . . . : s¡
 
Adaptador de t£nel isatap.{F182F6C2-9D4A-4B5E-8192-6623AC04CF39}:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuraci¢n autom tica habilitada . . . : s¡
 
Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
 
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuraci¢n autom tica habilitada . . . : s¡
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:cbf:cc23:3670:c635(Preferido) 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cbf:cc23:3670:c635%13(Preferido) 
   Puerta de enlace predeterminada . . . . . : ::
   NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado
Servidor:  UnKnown
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Nombre:  google.com
Addresses:  74.125.224.200
 74.125.224.195
 74.125.224.192
 74.125.224.199
 74.125.224.197
 74.125.224.206
 74.125.224.198
 74.125.224.194
 74.125.224.196
 74.125.224.201
 74.125.224.193
 
 
Haciendo ping a google.com [74.125.224.197] con 32 bytes de datos:
Respuesta desde 74.125.224.197: bytes=32 tiempo=25ms TTL=58
Respuesta desde 74.125.224.197: bytes=32 tiempo=25ms TTL=58
 
Estad¡sticas de ping para 74.125.224.197:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 25ms, M ximo = 25ms, Media = 25ms
Servidor:  UnKnown
Address:  192.168.1.254
 
Nombre:  yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Haciendo ping a yahoo.com [98.138.253.109] con 32 bytes de datos:
Respuesta desde 98.138.253.109: bytes=32 tiempo=71ms TTL=53
Respuesta desde 98.138.253.109: bytes=32 tiempo=71ms TTL=53
 
Estad¡sticas de ping para 98.138.253.109:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 71ms, M ximo = 71ms, Media = 71ms
 
Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
 
Estad¡sticas de ping para 127.0.0.1:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 0ms, M ximo = 0ms, Media = 0ms
===========================================================================
ILista de interfaces
 16...00 22 b0 eb 5a ee ......Adaptador USB D-Link WUA-1340 #2
 11...00 1d 92 63 02 a4 ......Controladora de red NVIDIA nForce
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red        M scara de red   Puerta de enlace   Interfaz  M‚trica
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.64     30
        127.0.0.0        255.0.0.0      En v¡nculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      En v¡nculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
      192.168.1.0    255.255.255.0      En v¡nculo      192.168.1.64    286
     192.168.1.64  255.255.255.255      En v¡nculo      192.168.1.64    286
    192.168.1.255  255.255.255.255      En v¡nculo      192.168.1.64    286
        224.0.0.0        240.0.0.0      En v¡nculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      En v¡nculo      192.168.1.64    286
  255.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      En v¡nculo      192.168.1.64    286
===========================================================================
Rutas persistentes:
  Ninguno
 
IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
 Cuando destino de red m‚trica      Puerta de enlace
 13     58 ::/0                     En v¡nculo
  1    306 ::1/128                  En v¡nculo
 13     58 2001::/32                En v¡nculo
 13    306 2001:0:9d38:90d7:cbf:cc23:3670:c635/128
                                    En v¡nculo
 16    286 fe80::/64                En v¡nculo
 13    306 fe80::/64                En v¡nculo
 16    286 fe80::c90:54de:7875:17f4/128
                                    En v¡nculo
 13    306 fe80::cbf:cc23:3670:c635/128
                                    En v¡nculo
  1    306 ff00::/8                 En v¡nculo
 13    306 ff00::/8                 En v¡nculo
 16    286 ff00::/8                 En v¡nculo
===========================================================================
Rutas persistentes:
  Ninguno
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/24/2014 03:40:22 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: TeamViewer_Service.exe, versión: 9.0.28223.0, marca de tiempo: 0x535a30e5
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x4b8
Hora de inicio de la aplicación con errores: 0xTeamViewer_Service.exe0
Ruta de acceso de la aplicación con errores: TeamViewer_Service.exe1
Ruta de acceso del módulo con errores: TeamViewer_Service.exe2
Id. del informe: TeamViewer_Service.exe3
 
Error: (05/24/2014 03:40:20 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: MSI_LiveUpdate_Service.exe, versión: 1.0.0.2, marca de tiempo: 0x53341023
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x7b8
Hora de inicio de la aplicación con errores: 0xMSI_LiveUpdate_Service.exe0
Ruta de acceso de la aplicación con errores: MSI_LiveUpdate_Service.exe1
Ruta de acceso del módulo con errores: MSI_LiveUpdate_Service.exe2
Id. del informe: MSI_LiveUpdate_Service.exe3
 
Error: (05/24/2014 03:40:19 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: SkypeC2CPNRSvc.exe, versión: 7.2.15747.10003, marca de tiempo: 0x53483655
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x724
Hora de inicio de la aplicación con errores: 0xSkypeC2CPNRSvc.exe0
Ruta de acceso de la aplicación con errores: SkypeC2CPNRSvc.exe1
Ruta de acceso del módulo con errores: SkypeC2CPNRSvc.exe2
Id. del informe: SkypeC2CPNRSvc.exe3
 
Error: (05/24/2014 03:40:18 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: SkypeC2CAutoUpdateSvc.exe, versión: 7.2.15747.10003, marca de tiempo: 0x53483635
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x704
Hora de inicio de la aplicación con errores: 0xSkypeC2CAutoUpdateSvc.exe0
Ruta de acceso de la aplicación con errores: SkypeC2CAutoUpdateSvc.exe1
Ruta de acceso del módulo con errores: SkypeC2CAutoUpdateSvc.exe2
Id. del informe: SkypeC2CAutoUpdateSvc.exe3
 
Error: (05/24/2014 03:40:16 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: armsvc.exe, versión: 1.701.3.3014, marca de tiempo: 0x528e3b17
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x6ec
Hora de inicio de la aplicación con errores: 0xarmsvc.exe0
Ruta de acceso de la aplicación con errores: armsvc.exe1
Ruta de acceso del módulo con errores: armsvc.exe2
Id. del informe: armsvc.exe3
 
Error: (05/23/2014 06:25:40 PM) (Source: MsiInstaller) (User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Javascripts\debugger.js.  System error 5.  Verify that you have access to that directory.
 
Error: (05/23/2014 05:21:25 PM) (Source: MsiInstaller) (User: MEDIACENTER)
Description: Producto: Adobe Acrobat X Pro - English, Français, Deutsch - la actualización "Adobe Acrobat X (10.1.10)" no se pudo instalar. Código de error 1603. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (05/23/2014 05:21:09 PM) (Source: MsiInstaller) (User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AMT\AAM\AdobeID\ZS\zh_CN\StringTable.xml.  System error 5.  Verify that you have access to that directory.
 
Error: (05/23/2014 03:08:48 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (05/22/2014 06:47:02 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
 
System errors:
=============
Error: (05/24/2014 03:53:04 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio SN.Sustainer.
 
Error: (05/24/2014 03:51:46 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:51:46 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:51:46 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:47:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80242016: Actualización para la lista de Vista de compatibilidad de Internet Explorer 8 para Windows 7 para sistemas basados en x64 (KB2598845).
 
Error: (05/24/2014 03:44:11 PM) (Source: Service Control Manager) (User: )
Description: El servicio Instalador de módulos de Windows se cerró con el siguiente error: 
%%16405
 
Error: (05/24/2014 03:42:42 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio SN.Sustainer.
 
Error: (05/24/2014 03:41:22 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:41:22 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:41:22 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
 
Microsoft Office Sessions:
=========================
Error: (05/24/2014 03:40:22 PM) (Source: Application Error)(User: )
Description: TeamViewer_Service.exe9.0.28223.0535a30e5unknown0.0.0.000000000c000000574376a644b801cf77a0db84dcc0C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeunknown638f9ce0-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:20 PM) (Source: Application Error)(User: )
Description: MSI_LiveUpdate_Service.exe1.0.0.253341023unknown0.0.0.000000000c000000574376a647b801cf77a0db7b5740C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exeunknown62105f80-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:19 PM) (Source: Application Error)(User: )
Description: SkypeC2CPNRSvc.exe7.2.15747.1000353483655unknown0.0.0.000000000c000000574376a6472401cf77a0db684c40C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exeunknown61d01a60-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:18 PM) (Source: Application Error)(User: )
Description: SkypeC2CAutoUpdateSvc.exe7.2.15747.1000353483635unknown0.0.0.000000000c000000574376a6470401cf77a0db65eae0C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exeunknown60cf05e0-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:16 PM) (Source: Application Error)(User: )
Description: armsvc.exe1.701.3.3014528e3b17unknown0.0.0.000000000c000000574376a646ec01cf77a0db638980C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeunknown5ff40760-e394-11e3-b1b8-001d926302a4
 
Error: (05/23/2014 06:25:40 PM) (Source: MsiInstaller)(User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Javascripts\debugger.js.  System error 5.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (05/23/2014 05:21:25 PM) (Source: MsiInstaller)(User: MEDIACENTER)
Description: Adobe Acrobat X Pro - English, Français, DeutschAdobe Acrobat X (10.1.10)1603(NULL)(NULL)(NULL)
 
Error: (05/23/2014 05:21:09 PM) (Source: MsiInstaller)(User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AMT\AAM\AdobeID\ZS\zh_CN\StringTable.xml.  System error 5.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (05/23/2014 03:08:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe
 
Error: (05/22/2014 06:47:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe
 
 
=========================== Installed Programs ============================
 
Actualización de NVIDIA 1.10.8 (Version: 1.10.8)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe AIR (Version: 13.0.0.111)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Flash Media Live Encoder 3.2 (Version: 3.2.0)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader XI (11.0.07) - Español (Version: 11.0.07)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Apple Software Update (Version: 2.1.3.127)
bl (Version: 1.0.0)
Compatibilidad con Aplicaciones de Apple (Version: 2.3.6)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Shrink 3.2
FileZilla Client 3.8.0 (Version: 3.8.0)
Google Chrome (Version: 35.0.1916.114)
Google Update Helper (Version: 1.3.24.7)
iMON (Version: 8.04)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile ESN Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended ESN Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Basque) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Galician) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Sync Framework Runtime v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSI Live Update (Version: 6.0.005)
NewTek SpeedHQ Video Codec (Remove Only)
NVIDIA Controlador de gráficos 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Update Components (Version: 1.10.8)
Panel de control de NVIDIA 307.83 (Version: 307.83)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (Version: 4.0.30319)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (Version: 4.0.30319)
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
QuickTime 7 (Version: 7.75.80.95)
Rocketfish USB 3.0 PCI Express Card Driver (Version: 3.0.20.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.16 (Version: 6.16.105)
SN.Booster (Version: 2.2.0.1907)
TeamViewer 9 (Version: 9.0.28223)
TriCaster TCXD Codec Pack 2.0
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
VLC media player 2.1.3 (Version: 2.1.3)
VLC media player 2.2.0-git-20130801-0403 (Version: 2.2.0-git-20130801-0403)
Webroot SecureAnywhere (Version: 8.0.4.70)
WinRAR 5.01 (32-bit) (Version: 5.01.0)
Xilisoft Video Convertidor Ultimate (Version: 7.8.1.20140505)
 
========================= Devices: ================================
 
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Puerto paralelo PCI
Description: Puerto paralelo PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Coprocesador
Description: Coprocesador
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Controladora de vídeo multimedia
Description: Controladora de vídeo multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Módulo de plataforma segura 1.2
Description: Módulo de plataforma segura 1.2
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Manufacturer: (Estándar)
Service: TPM
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Puerto serie PCI
Description: Puerto serie PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 89%
Total physical RAM: 1791.18 MB
Available physical RAM: 179.95 MB
Total Pagefile: 4316.36 MB
Available Pagefile: 395.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:698.54 GB) (Free:602.74 GB) NTFS
2 Drive d: (007.pt.23.dvdr.r1.ntsc.Latino-TV) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF
3 Drive e: (My Passport) (Fixed) (Total:931.48 GB) (Free:505.8 GB) NTFS
 
========================= Users: ========================================
 
Cuentas de usuario de \\MEDIACENTER
 
Administrador            Invitado                 Miguel                   
UpdatusUser              
Se ha completado el comando correctamente.
 
 
**** End of log ****
 
Rkill 2.6.6 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 05/24/2014 08:43:36 PM in x64 mode.
Windows Version: Windows 7 Professional 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * c:\programdata\topapp software\sn.booster\SN.Booster.exe (PID: 1976) [AU-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
  * HKCU\SOFTWARE\Classes\exefile has been deleted!
 
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 05/24/2014 08:45:57 PM
Execution time: 0 hours(s), 2 minute(s), and 21 seconds(s)
 
 
 
Thank You for your help
 
 
 
 
 
 

 

Hello,   I just started to have the exact same problem, i followed the instructions and here are my results.  Please help, computer very slow!!!!

 

Results of screen317's Security Check version 0.99.83  
 Windows 7  x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Webroot SecureAnywhere   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Reader XI  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 7% 
````````````````````End of Log`````````````````````` 
 
 
Farbar Service Scanner Version: 21-05-2014
Ran by Miguel (administrator) on 24-05-2014 at 18:24:27
Running from "C:\Users\Miguel\Downloads"
Microsoft Windows 7 Professional   (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-05-23 10:24] - [2013-01-03 22:41] - 1893224 ____A (Microsoft Corporation) 5CFB7AB8F9524D1A1E14369DE63B83CC
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 24/05/2014
Scan Time: 6:39:02 p.m.
Logfile: malwarebites Log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.05.24.08
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: Miguel
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 305185
Time Elapsed: 19 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 1
PUP.Optional.MultiPlug.A, C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe, 1832, , [cb6ddd7822592d09c0a586acfe037f81]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 32
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-5796263543, , [cb6ddd7822592d09c0a586acfe037f81], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9c9c34218af194a21d025d06cc363ac6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9c9c34218af194a21d025d06cc363ac6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [d464441187f405319feb0162d82aab55], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [f741193cfc7fc76fe0ab7ee5d72b3ec2], 
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\adaff236-16c0-4aae-a9be-29b65f32b0bf, , [3602262f38430234e6f835100cf4619f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [b6823e17de9dc96d03b2fda9ea18ae52], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc, , [f2461f36671457df30395155ab5712ee], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1, , [d6621e3793e81c1a71f8f5b1c53da759], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, , [1721084de695ce6815e6c808cd369769], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [b97f9fb6cdae57df575e2383768c50b0], 
PUP.Optional.SNBoost.A, HKLM\SOFTWARE\WOW6432NODE\SN.Booster, , [81b784d1a3d89e9811bfb7d915edad53], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc, , [ed4b9eb705761125c6a3dacc37cb01ff], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc.1, , [5bddc1941a6120163039e5c100025fa1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, , [d068cd881467b77fec0f953b8b787888], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [1523e96c85f6cd69c79151431ce6a957], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\nEt, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\nEt.5.14, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt.5.14, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}, , [ba7eec69ee8d2115ce8c7be0e91b847c], 
 
Registry Values: 2
PUP.Optional.Iminent.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9c9c34218af194a21d025d06cc363ac6], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [360266ef700b67cf0817b8ab19e96799], 
 
Registry Data: 0
(No malicious items detected)
 
Folders: 10
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar, , [6bcd33227a014ee8a395d89e966c28d8], 
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar\1.8.28.3, , [6bcd33227a014ee8a395d89e966c28d8], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Local\Temp\Iminent, , [db5dbf963c3f42f476e4a2d40bf731cf], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Roaming\IminentToolbar, , [bd7bcb8a2754f343f811e39551b150b0], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [3bfde273e794bd79c89f9cde8280bd43], 
PUP.Optional.MultiPlug.A, C:\ProgramData\save nEt, , [290fb0a5cfac989e578a8af803fff60a], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.SNBooster.A, C:\ProgramData\TopApp software\SN.Booster, , [1d1b79dc46350531fd83f89080828b75], 
PUP.Optional.SNBooster.A, C:\ProgramData\TopApp software\SN.Booster\5796263543, , [1d1b79dc46350531fd83f89080828b75], 
 
Files: 23
PUP.Optional.MultiPlug.A, C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe, , [cb6ddd7822592d09c0a586acfe037f81], 
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{5195CB72-624A-455F-A7B4-2A688A76E984}\Setup.exe, , [3602262f38430234e6f835100cf4619f], 
PUP.RiskwareTool.CK, C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$R3QH2OU.dll, , [0533e075413a4aec9133ebfe33ce6b95], 
PUP.RiskwareTool.CK, C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$RXK5GXG.dll, , [4fe958fd27547fb70fb610d9a859dc24], 
PUP.Optional.GenericExt.A, C:\Users\Miguel\AppData\Local\Temp\igdhbblpcellaljokkpfhcjlagemhgjl1ce272\MinibarChrome.exe, , [e0588fc681fa6dc96ec66ecf57a9b14f], 
PUP.RiskwareTool.CK, C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6 (1).rar, , [ed4b292cea917eb8764eedfc0af71ae6], 
PUP.RiskwareTool.CK, C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6.rar, , [5bddba9b2d4e59dd992b55949e634bb5], 
PUP.Optional.Softonic.A, C:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe, , [fc3c57fe0972072fdcba849c0ef36d93], 
PUP.Optional.Superfish.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [91a75302a2d9ad8973674c407c861be5], 
PUP.Optional.Superfish.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [0434f4610d6e270f2dad2c602bd7e020], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [3afe4e07bcbf95a11298a3eb57ab31cf], 
PUP.Optional.SNBoost.A, C:\Windows\Tasks\SN.Booster-S-5796263543.job, , [93a50b4aec8f7db90ec33759e1215aa6], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Roaming\IminentToolbar\sqlite3.dll, , [bd7bcb8a2754f343f811e39551b150b0], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dat, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dll, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.tlb, , [eb4dba9bb6c538fe83e13f3907fb619f], 
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\UEiJsow7.dat, , [3bfde273e794bd79c89f9cde8280bd43], 
PUP.Optional.MultiPlug.A, C:\ProgramData\save nEt\Dn7fSPz.dat, , [290fb0a5cfac989e578a8af803fff60a], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt\kagPMV.dat, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt\kagPMV.dll, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save nEt\kagPMV.tlb, , [57e1173e700bd95de2063b477092a060], 
PUP.Optional.SNBooster.A, C:\ProgramData\TopApp software\SN.Booster\5796263543.ini, , [1d1b79dc46350531fd83f89080828b75], 
PUP.Optional.Iminent.A, C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "https://google.com/", "http://mx.msn.com/?pc=UP97&ocid=UP97DHP", "http://start.iminent.com/?appId=A0CCC363-17F9-424D-98B7-66D99121D692" ],), ,[ff39ada894e741f5c99940446c98f30d]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/05/24 18:39:02 -0700</date>
<logfile>mbam-log-2014-05-24 (18-38-54).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.05.24.08</malware-database>
<rootkit-database>v2014.05.21.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7</osversion>
<arch>x64</arch>
<username>Miguel</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>305185</objects>
<time>1169</time>
<processes>1</processes>
<modules>0</modules>
<keys>32</keys>
<values>2</values>
<datas>0</datas>
<folders>10</folders>
<files>23</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<process><path>C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><pid>1832</pid><hash>cb6ddd7822592d09c0a586acfe037f81</hash></process>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-5796263543</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>cb6ddd7822592d09c0a586acfe037f81</hash></key>
<key><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>9c9c34218af194a21d025d06cc363ac6</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>9c9c34218af194a21d025d06cc363ac6</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>d464441187f405319feb0162d82aab55</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>f741193cfc7fc76fe0ab7ee5d72b3ec2</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\adaff236-16c0-4aae-a9be-29b65f32b0bf</path><vendor>PUP.Optional.Tarma.A</vendor><action></action><hash>3602262f38430234e6f835100cf4619f</hash></key>
<key><path>HKLM\SOFTWARE\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>b6823e17de9dc96d03b2fda9ea18ae52</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>f2461f36671457df30395155ab5712ee</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>d6621e3793e81c1a71f8f5b1c53da759</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>1721084de695ce6815e6c808cd369769</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>b97f9fb6cdae57df575e2383768c50b0</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SN.Booster</path><vendor>PUP.Optional.SNBoost.A</vendor><action></action><hash>81b784d1a3d89e9811bfb7d915edad53</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>ed4b9eb705761125c6a3dacc37cb01ff</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc.1</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>5bddc1941a6120163039e5c100025fa1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>d068cd881467b77fec0f953b8b787888</hash></key>
<key><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader</path><vendor>PUP.Optional.Softonic.A</vendor><action></action><hash>1523e96c85f6cd69c79151431ce6a957</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\nEt.5.14</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\nEt.5.14</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{18D3395B-3B1D-0410-1C64-49815D22C817}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>ba7eec69ee8d2115ce8c7be0e91b847c</hash></key>
<value><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS</path><valuename>{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</valuename><vendor>PUP.Optional.Iminent.A</vendor><action></action><valuedata></valuedata><hash>9c9c34218af194a21d025d06cc363ac6</hash></value>
<value><path>HKU\S-1-5-21-294181575-2153068334-681311506-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><valuename></valuename><vendor>PUP.Optional.Iminent.A</vendor><action></action><valuedata></valuedata><hash>360266ef700b67cf0817b8ab19e96799</hash></value>
<folder><path>C:\Program Files (x86)\IminentToolbar</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>6bcd33227a014ee8a395d89e966c28d8</hash></folder>
<folder><path>C:\Program Files (x86)\IminentToolbar\1.8.28.3</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>6bcd33227a014ee8a395d89e966c28d8</hash></folder>
<folder><path>C:\Users\Miguel\AppData\Local\Temp\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>db5dbf963c3f42f476e4a2d40bf731cf</hash></folder>
<folder><path>C:\Users\Miguel\AppData\Roaming\IminentToolbar</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>bd7bcb8a2754f343f811e39551b150b0</hash></folder>
<folder><path>C:\Program Files (x86)\YoutubeAdblocker</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></folder>
<folder><path>C:\ProgramData\YoutubeAdblocker</path><vendor>PUP.Optional.YoutubeAdblocker.A</vendor><action></action><hash>3bfde273e794bd79c89f9cde8280bd43</hash></folder>
<folder><path>C:\ProgramData\save nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>290fb0a5cfac989e578a8af803fff60a</hash></folder>
<folder><path>C:\Program Files (x86)\save nEt</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></folder>
<folder><path>C:\ProgramData\TopApp software\SN.Booster</path><vendor>PUP.Optional.SNBooster.A</vendor><action></action><hash>1d1b79dc46350531fd83f89080828b75</hash></folder>
<folder><path>C:\ProgramData\TopApp software\SN.Booster\5796263543</path><vendor>PUP.Optional.SNBooster.A</vendor><action></action><hash>1d1b79dc46350531fd83f89080828b75</hash></folder>
<file><path>C:\ProgramData\TopApp software\SN.Booster\SN.Booster.exe</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>cb6ddd7822592d09c0a586acfe037f81</hash></file>
<file><path>C:\ProgramData\InstallMate\{5195CB72-624A-455F-A7B4-2A688A76E984}\Setup.exe</path><vendor>PUP.Optional.Tarma.A</vendor><action></action><hash>3602262f38430234e6f835100cf4619f</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$R3QH2OU.dll</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>0533e075413a4aec9133ebfe33ce6b95</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-294181575-2153068334-681311506-1000\$RXK5GXG.dll</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>4fe958fd27547fb70fb610d9a859dc24</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Temp\igdhbblpcellaljokkpfhcjlagemhgjl1ce272\MinibarChrome.exe</path><vendor>PUP.Optional.GenericExt.A</vendor><action></action><hash>e0588fc681fa6dc96ec66ecf57a9b14f</hash></file>
<file><path>C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6 (1).rar</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>ed4b292cea917eb8764eedfc0af71ae6</hash></file>
<file><path>C:\Users\Miguel\Downloads\CRACK PRODUCTOS ADOBE CS6.rar</path><vendor>PUP.RiskwareTool.CK</vendor><action></action><hash>5bddba9b2d4e59dd992b55949e634bb5</hash></file>
<file><path>C:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe</path><vendor>PUP.Optional.Softonic.A</vendor><action></action><hash>fc3c57fe0972072fdcba849c0ef36d93</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage</path><vendor>PUP.Optional.Superfish.A</vendor><action></action><hash>91a75302a2d9ad8973674c407c861be5</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal</path><vendor>PUP.Optional.Superfish.A</vendor><action></action><hash>0434f4610d6e270f2dad2c602bd7e020</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>3afe4e07bcbf95a11298a3eb57ab31cf</hash></file>
<file><path>C:\Windows\Tasks\SN.Booster-S-5796263543.job</path><vendor>PUP.Optional.SNBoost.A</vendor><action></action><hash>93a50b4aec8f7db90ec33759e1215aa6</hash></file>
<file><path>C:\Users\Miguel\AppData\Roaming\IminentToolbar\sqlite3.dll</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><hash>bd7bcb8a2754f343f811e39551b150b0</hash></file>
<file><path>C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dat</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></file>
<file><path>C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.dll</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></file>
<file><path>C:\Program Files (x86)\YoutubeAdblocker\RmJJ9OL.tlb</path><vendor>PUP.Optional.Multiplug</vendor><action></action><hash>eb4dba9bb6c538fe83e13f3907fb619f</hash></file>
<file><path>C:\ProgramData\YoutubeAdblocker\UEiJsow7.dat</path><vendor>PUP.Optional.YoutubeAdblocker.A</vendor><action></action><hash>3bfde273e794bd79c89f9cde8280bd43</hash></file>
<file><path>C:\ProgramData\save nEt\Dn7fSPz.dat</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>290fb0a5cfac989e578a8af803fff60a</hash></file>
<file><path>C:\Program Files (x86)\save nEt\kagPMV.dat</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></file>
<file><path>C:\Program Files (x86)\save nEt\kagPMV.dll</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></file>
<file><path>C:\Program Files (x86)\save nEt\kagPMV.tlb</path><vendor>PUP.Optional.MultiPlug.A</vendor><action></action><hash>57e1173e700bd95de2063b477092a060</hash></file>
<file><path>C:\ProgramData\TopApp software\SN.Booster\5796263543.ini</path><vendor>PUP.Optional.SNBooster.A</vendor><action></action><hash>1d1b79dc46350531fd83f89080828b75</hash></file>
<file><path>C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Preferences</path><vendor>PUP.Optional.Iminent.A</vendor><action></action><baddata>      &quot;startup_urls&quot;: [ &quot;https://google.com/&quot;, &quot;http://mx.msn.com/?pc=UP97&amp;ocid=UP97DHP&quot;, &quot;http://start.iminent.com/?appId=A0CCC363-17F9-424D-98B7-66D99121D692&quot; ],</baddata><gooddata></gooddata><hash>ff39ada894e741f5c99940446c98f30d</hash></file>
</items>
</mbam-log>
 
MiniToolBox by Farbar  Version: 23-01-2014
Ran by Miguel (administrator) on 24-05-2014 at 18:30:06
Running from "C:\Users\Miguel\Downloads"
Microsoft Windows 7 Professional   (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= IP Configuration: ================================
 
Adaptador USB D-Link WUA-1340 = Conexión de red inalámbrica 2 (Connected)
Controladora de red NVIDIA nForce = Conexión de área local (Media disconnected)
 
 
# ----------------------------------
# Configuraci¢n de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# Fin de la configuraci¢n de IPv4
 
 
 
Configuraci¢n IP de Windows
 
   Nombre de host. . . . . . . . . : MEDIACENTER
   Sufijo DNS principal  . . . . . : 
   Tipo de nodo. . . . . . . . . . : h¡brido
   Enrutamiento IP habilitado. . . : no
   Proxy WINS habilitado . . . . . : no
 
Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:
 
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Adaptador USB D-Link WUA-1340 #2
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-22-B0-EB-5A-EE
   DHCP habilitado . . . . . . . . . . . . . : s¡
   Configuraci¢n autom tica habilitada . . . : s¡
   V¡nculo: direcci¢n IPv6 local. . . : fe80::c90:54de:7875:17f4%16(Preferido) 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.64(Preferido) 
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Concesi¢n obtenida. . . . . . . . . . . . : s bado, 24 de mayo de 2014 3:55:31 p.m.
   La concesi¢n expira . . . . . . . . . . . : domingo, 25 de mayo de 2014 4:54:26 p.m.
   Puerta de enlace predeterminada . . . . . : 192.168.1.254
   Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.254
   IAID DHCPv6 . . . . . . . . . . . . . . . : 352330416
   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-1B-10-0F-74-00-1D-92-63-02-A4
   Servidores DNS. . . . . . . . . . . . . . : 192.168.1.254
   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado
 
Adaptador de Ethernet Conexi¢n de  rea local:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Controladora de red NVIDIA nForce
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-1D-92-63-02-A4
   DHCP habilitado . . . . . . . . . . . . . : s¡
   Configuraci¢n autom tica habilitada . . . : s¡
 
Adaptador de t£nel isatap.{F182F6C2-9D4A-4B5E-8192-6623AC04CF39}:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuraci¢n autom tica habilitada . . . : s¡
 
Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
 
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuraci¢n autom tica habilitada . . . : s¡
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:cbf:cc23:3670:c635(Preferido) 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cbf:cc23:3670:c635%13(Preferido) 
   Puerta de enlace predeterminada . . . . . : ::
   NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado
Servidor:  UnKnown
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Nombre:  google.com
Addresses:  74.125.224.200
 74.125.224.195
 74.125.224.192
 74.125.224.199
 74.125.224.197
 74.125.224.206
 74.125.224.198
 74.125.224.194
 74.125.224.196
 74.125.224.201
 74.125.224.193
 
 
Haciendo ping a google.com [74.125.224.197] con 32 bytes de datos:
Respuesta desde 74.125.224.197: bytes=32 tiempo=25ms TTL=58
Respuesta desde 74.125.224.197: bytes=32 tiempo=25ms TTL=58
 
Estad¡sticas de ping para 74.125.224.197:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 25ms, M ximo = 25ms, Media = 25ms
Servidor:  UnKnown
Address:  192.168.1.254
 
Nombre:  yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Haciendo ping a yahoo.com [98.138.253.109] con 32 bytes de datos:
Respuesta desde 98.138.253.109: bytes=32 tiempo=71ms TTL=53
Respuesta desde 98.138.253.109: bytes=32 tiempo=71ms TTL=53
 
Estad¡sticas de ping para 98.138.253.109:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 71ms, M ximo = 71ms, Media = 71ms
 
Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
 
Estad¡sticas de ping para 127.0.0.1:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 0ms, M ximo = 0ms, Media = 0ms
===========================================================================
ILista de interfaces
 16...00 22 b0 eb 5a ee ......Adaptador USB D-Link WUA-1340 #2
 11...00 1d 92 63 02 a4 ......Controladora de red NVIDIA nForce
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red        M scara de red   Puerta de enlace   Interfaz  M‚trica
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.64     30
        127.0.0.0        255.0.0.0      En v¡nculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      En v¡nculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
      192.168.1.0    255.255.255.0      En v¡nculo      192.168.1.64    286
     192.168.1.64  255.255.255.255      En v¡nculo      192.168.1.64    286
    192.168.1.255  255.255.255.255      En v¡nculo      192.168.1.64    286
        224.0.0.0        240.0.0.0      En v¡nculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      En v¡nculo      192.168.1.64    286
  255.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      En v¡nculo      192.168.1.64    286
===========================================================================
Rutas persistentes:
  Ninguno
 
IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
 Cuando destino de red m‚trica      Puerta de enlace
 13     58 ::/0                     En v¡nculo
  1    306 ::1/128                  En v¡nculo
 13     58 2001::/32                En v¡nculo
 13    306 2001:0:9d38:90d7:cbf:cc23:3670:c635/128
                                    En v¡nculo
 16    286 fe80::/64                En v¡nculo
 13    306 fe80::/64                En v¡nculo
 16    286 fe80::c90:54de:7875:17f4/128
                                    En v¡nculo
 13    306 fe80::cbf:cc23:3670:c635/128
                                    En v¡nculo
  1    306 ff00::/8                 En v¡nculo
 13    306 ff00::/8                 En v¡nculo
 16    286 ff00::/8                 En v¡nculo
===========================================================================
Rutas persistentes:
  Ninguno
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/24/2014 03:40:22 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: TeamViewer_Service.exe, versión: 9.0.28223.0, marca de tiempo: 0x535a30e5
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x4b8
Hora de inicio de la aplicación con errores: 0xTeamViewer_Service.exe0
Ruta de acceso de la aplicación con errores: TeamViewer_Service.exe1
Ruta de acceso del módulo con errores: TeamViewer_Service.exe2
Id. del informe: TeamViewer_Service.exe3
 
Error: (05/24/2014 03:40:20 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: MSI_LiveUpdate_Service.exe, versión: 1.0.0.2, marca de tiempo: 0x53341023
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x7b8
Hora de inicio de la aplicación con errores: 0xMSI_LiveUpdate_Service.exe0
Ruta de acceso de la aplicación con errores: MSI_LiveUpdate_Service.exe1
Ruta de acceso del módulo con errores: MSI_LiveUpdate_Service.exe2
Id. del informe: MSI_LiveUpdate_Service.exe3
 
Error: (05/24/2014 03:40:19 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: SkypeC2CPNRSvc.exe, versión: 7.2.15747.10003, marca de tiempo: 0x53483655
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x724
Hora de inicio de la aplicación con errores: 0xSkypeC2CPNRSvc.exe0
Ruta de acceso de la aplicación con errores: SkypeC2CPNRSvc.exe1
Ruta de acceso del módulo con errores: SkypeC2CPNRSvc.exe2
Id. del informe: SkypeC2CPNRSvc.exe3
 
Error: (05/24/2014 03:40:18 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: SkypeC2CAutoUpdateSvc.exe, versión: 7.2.15747.10003, marca de tiempo: 0x53483635
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x704
Hora de inicio de la aplicación con errores: 0xSkypeC2CAutoUpdateSvc.exe0
Ruta de acceso de la aplicación con errores: SkypeC2CAutoUpdateSvc.exe1
Ruta de acceso del módulo con errores: SkypeC2CAutoUpdateSvc.exe2
Id. del informe: SkypeC2CAutoUpdateSvc.exe3
 
Error: (05/24/2014 03:40:16 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: armsvc.exe, versión: 1.701.3.3014, marca de tiempo: 0x528e3b17
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74376a64
Id. del proceso con errores: 0x6ec
Hora de inicio de la aplicación con errores: 0xarmsvc.exe0
Ruta de acceso de la aplicación con errores: armsvc.exe1
Ruta de acceso del módulo con errores: armsvc.exe2
Id. del informe: armsvc.exe3
 
Error: (05/23/2014 06:25:40 PM) (Source: MsiInstaller) (User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Javascripts\debugger.js.  System error 5.  Verify that you have access to that directory.
 
Error: (05/23/2014 05:21:25 PM) (Source: MsiInstaller) (User: MEDIACENTER)
Description: Producto: Adobe Acrobat X Pro - English, Français, Deutsch - la actualización "Adobe Acrobat X (10.1.10)" no se pudo instalar. Código de error 1603. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (05/23/2014 05:21:09 PM) (Source: MsiInstaller) (User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AMT\AAM\AdobeID\ZS\zh_CN\StringTable.xml.  System error 5.  Verify that you have access to that directory.
 
Error: (05/23/2014 03:08:48 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (05/22/2014 06:47:02 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
 
System errors:
=============
Error: (05/24/2014 03:53:04 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio SN.Sustainer.
 
Error: (05/24/2014 03:51:46 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:51:46 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:51:46 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:47:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80242016: Actualización para la lista de Vista de compatibilidad de Internet Explorer 8 para Windows 7 para sistemas basados en x64 (KB2598845).
 
Error: (05/24/2014 03:44:11 PM) (Source: Service Control Manager) (User: )
Description: El servicio Instalador de módulos de Windows se cerró con el siguiente error: 
%%16405
 
Error: (05/24/2014 03:42:42 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio SN.Sustainer.
 
Error: (05/24/2014 03:41:22 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:41:22 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
Error: (05/24/2014 03:41:22 PM) (Source: TPM) (User: )
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.
 
 
Microsoft Office Sessions:
=========================
Error: (05/24/2014 03:40:22 PM) (Source: Application Error)(User: )
Description: TeamViewer_Service.exe9.0.28223.0535a30e5unknown0.0.0.000000000c000000574376a644b801cf77a0db84dcc0C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeunknown638f9ce0-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:20 PM) (Source: Application Error)(User: )
Description: MSI_LiveUpdate_Service.exe1.0.0.253341023unknown0.0.0.000000000c000000574376a647b801cf77a0db7b5740C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exeunknown62105f80-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:19 PM) (Source: Application Error)(User: )
Description: SkypeC2CPNRSvc.exe7.2.15747.1000353483655unknown0.0.0.000000000c000000574376a6472401cf77a0db684c40C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exeunknown61d01a60-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:18 PM) (Source: Application Error)(User: )
Description: SkypeC2CAutoUpdateSvc.exe7.2.15747.1000353483635unknown0.0.0.000000000c000000574376a6470401cf77a0db65eae0C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exeunknown60cf05e0-e394-11e3-b1b8-001d926302a4
 
Error: (05/24/2014 03:40:16 PM) (Source: Application Error)(User: )
Description: armsvc.exe1.701.3.3014528e3b17unknown0.0.0.000000000c000000574376a646ec01cf77a0db638980C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeunknown5ff40760-e394-11e3-b1b8-001d926302a4
 
Error: (05/23/2014 06:25:40 PM) (Source: MsiInstaller)(User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Javascripts\debugger.js.  System error 5.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (05/23/2014 05:21:25 PM) (Source: MsiInstaller)(User: MEDIACENTER)
Description: Adobe Acrobat X Pro - English, Français, DeutschAdobe Acrobat X (10.1.10)1603(NULL)(NULL)(NULL)
 
Error: (05/23/2014 05:21:09 PM) (Source: MsiInstaller)(User: MEDIACENTER)
Description: Product: Adobe Acrobat X Pro - English, Français, Deutsch -- Error 1310.Error writing to file: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AMT\AAM\AdobeID\ZS\zh_CN\StringTable.xml.  System error 5.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (05/23/2014 03:08:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe
 
Error: (05/22/2014 06:47:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Miguel\Downloads\SoftonicDownloader_for_vlc-media-player-nightly.exe
 
 
=========================== Installed Programs ============================
 
Actualización de NVIDIA 1.10.8 (Version: 1.10.8)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe AIR (Version: 13.0.0.111)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Flash Media Live Encoder 3.2 (Version: 3.2.0)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader XI (11.0.07) - Español (Version: 11.0.07)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Apple Software Update (Version: 2.1.3.127)
bl (Version: 1.0.0)
Compatibilidad con Aplicaciones de Apple (Version: 2.3.6)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Shrink 3.2
FileZilla Client 3.8.0 (Version: 3.8.0)
Google Chrome (Version: 35.0.1916.114)
Google Update Helper (Version: 1.3.24.7)
iMON (Version: 8.04)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile ESN Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended ESN Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Basque) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Galician) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Sync Framework Runtime v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSI Live Update (Version: 6.0.005)
NewTek SpeedHQ Video Codec (Remove Only)
NVIDIA Controlador de gráficos 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Update Components (Version: 1.10.8)
Panel de control de NVIDIA 307.83 (Version: 307.83)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (Version: 4.0.30319)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (Version: 4.0.30319)
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
QuickTime 7 (Version: 7.75.80.95)
Rocketfish USB 3.0 PCI Express Card Driver (Version: 3.0.20.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.16 (Version: 6.16.105)
SN.Booster (Version: 2.2.0.1907)
TeamViewer 9 (Version: 9.0.28223)
TriCaster TCXD Codec Pack 2.0
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
VLC media player 2.1.3 (Version: 2.1.3)
VLC media player 2.2.0-git-20130801-0403 (Version: 2.2.0-git-20130801-0403)
Webroot SecureAnywhere (Version: 8.0.4.70)
WinRAR 5.01 (32-bit) (Version: 5.01.0)
Xilisoft Video Convertidor Ultimate (Version: 7.8.1.20140505)
 
========================= Devices: ================================
 
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Puerto paralelo PCI
Description: Puerto paralelo PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Coprocesador
Description: Coprocesador
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Controladora de vídeo multimedia
Description: Controladora de vídeo multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Módulo de plataforma segura 1.2
Description: Módulo de plataforma segura 1.2
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Manufacturer: (Estándar)
Service: TPM
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Puerto serie PCI
Description: Puerto serie PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 89%
Total physical RAM: 1791.18 MB
Available physical RAM: 179.95 MB
Total Pagefile: 4316.36 MB
Available Pagefile: 395.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:698.54 GB) (Free:602.74 GB) NTFS
2 Drive d: (007.pt.23.dvdr.r1.ntsc.Latino-TV) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF
3 Drive e: (My Passport) (Fixed) (Total:931.48 GB) (Free:505.8 GB) NTFS
 
========================= Users: ========================================
 
Cuentas de usuario de \\MEDIACENTER
 
Administrador            Invitado                 Miguel                   
UpdatusUser              
Se ha completado el comando correctamente.
 
 
**** End of log ****
 
Rkill 2.6.6 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 05/24/2014 08:43:36 PM in x64 mode.
Windows Version: Windows 7 Professional 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * c:\programdata\topapp software\sn.booster\SN.Booster.exe (PID: 1976) [AU-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
  * HKCU\SOFTWARE\Classes\exefile has been deleted!
 
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 05/24/2014 08:45:57 PM
Execution time: 0 hours(s), 2 minute(s), and 21 seconds(s)
 
 
 
Thank You for your help
 
 
 
 
 
 

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users