Strange things

f0kvs

Posts: 8   +0
Hello, I'm new.

Several things have happened today, maybe coincidences, maybe not. One, my graphics card has died. Yesterday I saw the temperature and it was 80ºC, the PC crashed several times, and the card is 4 years old. I shut down the PC, but today the card is not responding at all. OK, it's likely my fault. Well, after that, I restarted with another old card. All running fine. But suddenly I see a file called Putty.rnd, with a modification date of about 2011. After googling it, it says it is some random file created by a program to remoting access servers, obviously I have never used that program. After that, I try to access my router and I can't, because my user and password don't work. ?! Maybe my girlfriend who is able to confuse the router with a radio has changed the password and hasn't told me, or maybe I have Alzheimer's, but the password was written down on a sheet, and it wasn't the default password at all. I have had to reset my router. So everything is working fine, but the video card.

Then I ran ComboFix. I don't have any idea what it says, but if someone can tell me whether I have been hacked or something, I'll be eternally thankful; otherwise you can call me paranoid. (I have deleted putty.rnd without a problem.)

ComboFix 12-06-28.03 - f0kvs 01/07/2012 11:29:49.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.34.3082.18.4095.2691 [GMT 2:00]
Running from: I:\ComboFix.exe
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\f0kvs\AppData\Local\assembly\tmp
c:\users\f0kvs\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
C:\Windows 7 Activador.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-01 to 2012-07-01 )))))))))))))))))))))))))))))))
.
.
2012-07-01 09:39 . 2012-07-01 09:39--------d-----w-c:\users\UpdatusUser\AppData\Local\temp
2012-07-01 09:39 . 2012-07-01 09:39--------d-----w-c:\users\Default\AppData\Local\temp
2012-07-01 09:39 . 2012-07-01 09:39--------d-----w-c:\users\Administrador\AppData\Local\temp
2012-07-01 07:50 . 2012-07-01 07:500----a-w-c:\windows\ativpsrm.bin
2012-06-30 21:47 . 2012-06-30 21:47--------d-----w-c:\program files (x86)\Linksys Wireless-G PCI Wireless Network Monitor
2012-06-28 16:10 . 2012-06-28 16:10--------d-----w-c:\users\f0kvs\AppData\Roaming\PCToolsFirewallPlus
2012-06-28 16:08 . 2010-03-29 09:06233488----a-w-c:\windows\system32\drivers\PCTCore64.sys
2012-06-28 16:08 . 2011-03-24 10:39140800----a-w-c:\windows\system32\drivers\pctwfpfilter64.sys
2012-06-28 16:08 . 2011-01-17 07:09334976----a-w-c:\windows\system32\drivers\pctgntdi64.sys
2012-06-28 16:06 . 2012-06-28 16:08--------d-----w-c:\program files (x86)\Common Files\PC Tools
2012-06-28 16:06 . 2011-01-12 08:35119688----a-w-c:\windows\system32\drivers\pctNdis-PacketFilter64.sys
2012-06-28 16:06 . 2010-07-08 06:4979000----a-w-c:\windows\system32\drivers\pctNdis64.sys
2012-06-28 16:06 . 2010-02-05 06:2642968----a-w-c:\windows\system32\drivers\pctNdis-DNS64.sys
2012-06-28 16:06 . 2011-01-17 06:11179976----a-w-c:\windows\system32\drivers\pctplfw64.sys
2012-06-28 16:06 . 2012-06-28 16:10--------d-----w-c:\program files (x86)\PC Tools Firewall Plus
2012-06-24 14:17 . 2012-06-24 14:17--------d-----w-c:\programdata\MySQL
2012-06-24 14:17 . 2012-06-24 14:17--------d-----w-c:\program files\MySQL
2012-06-23 21:04 . 2007-09-07 15:33135168----a-w-c:\windows\SysWow64\EEBAPI.dll
2012-06-23 21:04 . 2007-03-28 16:2665536----a-w-c:\windows\SysWow64\EEBUtil.dll
2012-06-23 21:04 . 2006-12-19 16:31110592----a-w-c:\windows\SysWow64\EEBDSCVR.dll
2012-06-23 21:04 . 2006-12-19 16:2077824----a-w-c:\windows\SysWow64\EBAPI.dll
2012-06-23 20:54 . 2007-04-10 19:0610752----a-w-c:\windows\system32\E_GCINST.DLL
2012-06-23 20:54 . 2008-11-12 21:00118784----a-w-c:\windows\system32\E_ILMHRE.DLL
2012-06-23 20:54 . 2009-10-01 21:0188064----a-w-c:\windows\system32\E_IBCBHRE.DLL
2012-06-23 20:54 . 2012-06-23 21:16--------d-----w-c:\programdata\EPSON
2012-06-23 20:53 . 2011-08-09 22:00464384----a-w-c:\windows\system32\esxw2ud.dll
2012-06-23 20:53 . 2012-06-23 20:53--------d-----w-c:\program files (x86)\epson
2012-06-23 13:11 . 2012-06-26 05:58--------d-----w-c:\users\f0kvs\AppData\Roaming\SanDisk
2012-06-23 13:09 . 2012-06-23 13:09--------d-----w-c:\users\f0kvs\AppData\Roaming\SanDisk SecureAccess
2012-06-23 13:08 . 2012-06-23 13:08--------d-----w-c:\users\f0kvs\AppData\Local\Proxure
2012-06-23 13:07 . 2012-06-23 13:07--------d-----w-c:\programdata\ClubSanDisk
2012-06-21 16:24 . 2012-06-29 06:11--------d-----w-c:\users\f0kvs\AppData\Roaming\Skype
2012-06-21 16:24 . 2012-06-21 16:25--------d-----r-c:\program files (x86)\Skype
2012-06-21 16:24 . 2012-06-21 16:24--------d-----w-c:\program files (x86)\Common Files\Skype
2012-06-21 16:24 . 2012-06-21 16:25--------d-----w-c:\programdata\Skype
2012-06-19 21:20 . 2012-06-19 21:20--------d-----w-c:\program files (x86)\Paradox Interactive
2012-06-19 19:30 . 2012-06-19 19:35--------d-----w-c:\program files (x86)\HOI2 Doomsday Armageddon
2012-06-19 17:59 . 2012-06-19 17:59--------d-----w-c:\program files (x86)\Alcohol Soft
2012-06-19 17:52 . 2012-06-19 22:12--------d-----w-c:\users\f0kvs\AppData\Roaming\Vso
2012-06-19 17:52 . 2012-06-19 17:5299384----a-w-c:\users\f0kvs\AppData\Roaming\inst.exe
2012-06-19 17:52 . 2012-06-19 17:52118400----a-w-c:\windows\system32\drivers\ezplay.sys
2012-06-19 17:52 . 2012-06-19 17:52118400----a-w-c:\users\f0kvs\AppData\Roaming\ezplay.sys
2012-06-19 17:52 . 2012-06-19 17:52--------d-----w-c:\program files (x86)\VSO
2012-06-19 17:17 . 2012-06-19 17:17871408----a-w-c:\windows\system32\drivers\sptd.sys
2012-06-19 17:03 . 2012-06-19 17:03--------d-----w-c:\users\f0kvs\AppData\Roaming\Canneverbe Limited
2012-06-19 17:03 . 2012-06-19 17:03--------d-----w-c:\programdata\Canneverbe Limited
2012-06-19 17:03 . 2012-06-19 17:03--------d-----w-c:\program files (x86)\CDBurnerXP
2012-06-19 16:44 . 1999-09-10 11:065600----a-w-c:\windows\system\winaspi.dll
2012-06-19 16:44 . 1999-09-10 11:064672----a-w-c:\windows\system\wowpost.exe
2012-06-19 16:44 . 1999-09-10 11:0645056----a-w-c:\windows\SysWow64\wnaspi32.dll
2012-06-19 16:07 . 2012-06-19 16:07--------d-----w-c:\programdata\SlySoft
2012-06-19 16:05 . 2012-06-19 17:54--------d-----w-c:\program files (x86)\SlySoft
2012-06-19 15:35 . 2012-06-19 15:354967624----a-w-c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-19 06:00 . 2012-06-19 06:00--------d-----w-c:\users\f0kvs\AppData\Local\Macromedia
2012-06-18 16:12 . 2012-06-18 16:13--------d-----w-c:\program files\iTunes
2012-06-18 16:12 . 2012-06-18 16:13--------d-----w-c:\program files (x86)\iTunes
2012-06-18 16:12 . 2012-06-18 16:12--------d-----w-c:\program files\iPod
2012-06-17 10:49 . 2012-06-17 10:49476936----a-w-c:\windows\SysWow64\npdeployJava1.dll
2012-06-10 14:09 . 2012-06-10 14:09770384----a-w-c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-10 14:09 . 2012-06-10 14:09421200----a-w-c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 19:45 . 2012-06-19 18:57--------d-----w-c:\users\f0kvs\AppData\Local\PokerStars.ES
2012-06-05 19:44 . 2012-06-05 19:45--------d-----w-c:\program files (x86)\PokerStars.ES
2012-06-03 15:26 . 2012-06-03 16:33--------d-----w-c:\program files (x86)\Ardamax Keylogger Removal Tool
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 16:13 . 2012-04-01 12:26426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 16:13 . 2011-08-03 21:4770344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-17 10:49 . 2011-02-22 15:45472840----a-w-c:\windows\SysWow64\deployJava1.dll
2012-05-05 14:36 . 2012-05-05 14:3651496----a-w-c:\windows\system32\drivers\stflt.sys
2012-04-18 18:56 . 2012-04-18 18:5694208----a-w-c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:5669632----a-w-c:\windows\SysWow64\QuickTime.qts
2012-04-04 13:56 . 2011-06-26 08:0224904----a-w-c:\windows\system32\drivers\mbam.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 01:41 . 488637971582135BB5A7C7313A4C151B . 848384 . . [------] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll
.
c:\windows\system32\qmgr.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-06-05 1310720]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RegistrarUsrDNIeCertStoreDLL"="c:\program files (x86)\DNIe\udcs.exe" [2009-03-02 39424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"FileServe Manager Task"="c:\program files (x86)\FileServe Manager\FSStarter.exe" [2011-09-21 954648]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"00PCTFW"="c:\program files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\f0kvs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys [2009-06-02 438784]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe [2008-12-12 95896]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-11-04 117040]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-19 871408]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-21 254528]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2011-01-17 334976]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-02-20 140672]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-01 169624]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 KinectManagement;Kinect Management;c:\program files\Microsoft Research KinectSDK\Service\KinectManagementService.exe [2011-07-20 125440]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-05-05 51496]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-03-28 1148632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2011-01-12 119688]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2011-01-17 179976]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - pctESPInject
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:13]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 01:43]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 01:43]
.
2012-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-660138542-3048796690-3408885898-1000Core.job
- c:\users\f0kvs\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-03 18:51]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-660138542-3048796690-3408885898-1000UA.job
- c:\users\f0kvs\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-03 18:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"="c:\program files (x86)\Analog Devices\SoundMAX\soundmax.exe" [2009-05-18 3866624]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.es/
mStart Page = hxxp://www.bigseekpro.com/video2down/{5108F26F-D9A8-42B6-9A62-638B5494074C}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local;*.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Download with FileServe Manager - c:\program files (x86)\FileServe Manager\GetUrl.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{CC0FC7CF-E588-4b33-B148-C657708AB9C4} - c:\program files (x86)\PokerStars.ES\PokerStarsUpdate.exe
TCP: Interfaces\{23689CC1-B044-4CD3-9CAB-C88E91900707}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{42B98BBB-5874-48CB-B1EC-DDCCEB9684F9}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{97EE9867-4FC1-4790-9271-0743B82E467B}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\f0kvs\AppData\Roaming\Mozilla\Firefox\Profiles\p056etsd.default\
FF - prefs.js: browser.startup.homepage - www.google.es
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PokerStars - c:\program files (x86)\PokerStars\PokerStarsUninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\brsvc01a.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\PC Tools Firewall Plus\FWService.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Completion time: 2012-07-01 11:46:31 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-01 09:46
.
Pre-Run: 21.693.558.784 bytes libres
Post-Run: 22.319.104.000 bytes libres
.
- - End Of File - - 50F13C9EDF62EF7EDA868863CB3C5380
 
There are some issues with the system. We do not encourage running Combofix unless instructed by a helper. But since you did it anyway, we will discuss it.

Combofix removed some Trojan Processes. One is an entry for Activator.exe. This is a Trojan that may log user information and possibly block access to certain security related sites.

The Start page has been taken over by malware.

"some random file created by a program to remoting access servers, obviously I have never used that program"
No, not obviously. Are you synching any mobile devices? Maybe this: SAMSUNG Android?

An unsigned file for BITS was downloaded in 2009. The system is missing a valid system file: BITS.
=========================================
I am not comfortable with the following; please explain:
"Maybe my girlfriend who is able to confuse the router with a radio"
How is the router being manipulated?
====================================
If you would like us to check the system for malware, please follow these steps: Preliminary Virus and Malware Removal.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links. This includes the current Malwarebytes you now have on the system.

When you have finished, leave the logs for review in your next reply.
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
======================================
I see processes for a firewall and antimalware, but I don't see any for an antivirus program. I advise you to install an AV. Suggestions:

Antivirus Software (only one):
[o]Microsoft Security Essentials
[o]Comodo AV
[o]Avast! Free Antivirus
--------------------------
Please leave the logs in your next reply.
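
The items the reply above picks out of the ComboFix log (disabled protection, deleted files, the missing system file, the machine start page) can be pulled out mechanically. This is an added example, not part of the thread and not part of ComboFix: the sample lines are an excerpt of the log posted above, the names `triage` and `host_of` are hypothetical, and comparing the user and machine start-page hosts is an assumed heuristic for deciding which lines to review.

```python
import re
from urllib.parse import urlparse

# Excerpt of the ComboFix log posted above, trimmed to the lines under discussion.
SAMPLE_LOG = r"""
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
C:\Windows 7 Activador.exe
.
((((((((((((((((((((((((( Files Created from 2012-06-01 to 2012-07-01 )))))))))))))))))))))))))))))))
.
2012-07-01 07:50 . 2012-07-01 07:500----a-w-c:\windows\ativpsrm.bin
.
c:\windows\system32\qmgr.dll ... is missing !!
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
mStart Page = hxxp://www.bigseekpro.com/video2down/{5108F26F-D9A8-42B6-9A62-638B5494074C}
"""

# Section banners look like "((((( Name )))))" or "------- Name -------".
SECTION_RE = re.compile(r"^(?:\(+|-{3,})\s*(.+?)\s*(?:\)+|-{3,})$")
# Header lines: "<AV|FW|SP>: <product> *<state>* {GUID}".
STATUS_RE = re.compile(r"^(AV|FW|SP): (.+?) \*([^*]+)\* \{[0-9A-Fa-f-]+\}$")
MISSING_RE = re.compile(r"^(.+?) \.\.\. is missing !!$")
STARTPAGE_RE = re.compile(r"^([um])Start Page = (\S+)$")


def host_of(defanged_url):
    """Return the lower-cased hostname of a URL, accepting the log's hxxp:// form."""
    url = re.sub(r"^hxxp", "http", defanged_url, flags=re.IGNORECASE)
    return (urlparse(url).hostname or "").lower()


def triage(log_text):
    """Collect the review-worthy lines of a ComboFix log into a dict."""
    findings = {
        "disabled_protection": [],  # (kind, product, state)
        "deleted": [],              # paths listed under "Other Deletions"
        "missing_files": [],        # paths reported as "... is missing !!"
        "start_pages": {},          # {"u": user host, "m": machine host}
    }
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue  # ComboFix pads its sections with lone dots
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = STATUS_RE.match(line)
        if m:
            kind, product, state = m.groups()
            if state.lower().startswith("disabled"):
                findings["disabled_protection"].append((kind, product, state))
            continue
        m = MISSING_RE.match(line)
        if m:
            findings["missing_files"].append(m.group(1))
            continue
        m = STARTPAGE_RE.match(line)
        if m:
            findings["start_pages"][m.group(1)] = host_of(m.group(2))
            continue
        if section == "Other Deletions":
            findings["deleted"].append(line)
    user = findings["start_pages"].get("u")
    machine = findings["start_pages"].get("m")
    # Assumed heuristic: a machine-wide start page on a different host than
    # the user's own start page is worth a manual look.
    findings["start_page_mismatch"] = bool(user and machine and user != machine)
    return findings


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
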
 
Ok, here we go.

Yes, I am using Kies to sync a Samsung device. And thinking about PuTTY, it is strange, because it appears on the side of the client that is accessing the server, not on the side being accessed.

What I meant about my girlfriend is that she can't change the password because she doesn't know how. So that is the only thing I can't explain.

And the logs, one by one:

===========================================================================================
===========================================================================================

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Versión de la Base de Datos: v2012.07.02.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
f0kvs :: F0KVS-PC [administrador]

03/07/2012 6:24:50
mbam-log-2012-07-03 (06-24-50).txt

Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM | P2P
Opciones de análisis desactivados:
Objetos examinados: 274713
Tiempo transcurrido: 1 minuto(s), 56 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 4
C:\Users\f0kvs\Downloads\SoftonicDownloader_para_cdburnerxp-pro.exe (PUP.ToolbarDownloader) -> En cuarentena y eliminado con éxito.
C:\Users\f0kvs\Downloads\SoftonicDownloader_para_daemon-tools.exe (PUP.ToolbarDownloader) -> En cuarentena y eliminado con éxito.
C:\Users\f0kvs\Downloads\SoftonicDownloader_para_msi-afterburner.exe (PUP.ToolbarDownloader) -> En cuarentena y eliminado con éxito.
C:\Users\f0kvs\Downloads\SoftonicDownloader_para_pc-tools-firewall-plus.exe (PUP.ToolbarDownloader) -> En cuarentena y eliminado con éxito.

(fin)

=========================================================================================
=========================================================================================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_33
Run by f0kvs at 6:33:50 on 2012-07-03
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.34.3082.18.4095.2248 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\brsvc01a.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AEADISRV.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Research KinectSDK\Service\KinectManagementService.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\SysWOW64\brss01a.exe
C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\FileServe Manager\FSStarter.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\WUDFHost.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\f0kvs\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.es/
mStart Page = hxxp://www.bigseekpro.com/video2down/{5108F26F-D9A8-42B6-9A62-638B5494074C}
uInternet Settings,ProxyOverride = local;*.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Aplicación auxiliar de inicio de sesión: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [RegistrarUsrDNIeCertStoreDLL] "C:\Program Files (x86)\DNIe\udcs.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [FileServe Manager Task] "C:\Program Files (x86)\FileServe Manager\FSStarter.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\Users\f0kvs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Download with FileServe Manager - C:\Program Files (x86)\FileServe Manager\GetUrl.htm
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CC0FC7CF-E588-4b33-B148-C657708AB9C4} - C:\Program Files (x86)\PokerStars.ES\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
TCP: Interfaces\{23689CC1-B044-4CD3-9CAB-C88E91900707} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{880E6BAE-BFE8-4BE3-92FB-27AA5303F55D} : DhcpNameServer = 62.42.230.24 62.42.63.52
TCP: Interfaces\{880E6BAE-BFE8-4BE3-92FB-27AA5303F55D}\4516C696369616 : DhcpNameServer = 62.42.230.24 62.42.63.52
TCP: Interfaces\{97EE9867-4FC1-4790-9271-0743B82E467B} : NameServer = 8.26.56.26,156.154.70.22
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{326E768D-4182-46FD-9C16-1449A49795F4}
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
mRun-x64: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [RegistrarUsrDNIeCertStoreDLL] "C:\Program Files (x86)\DNIe\udcs.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
mRun-x64: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun-x64: [FileServe Manager Task] "C:\Program Files (x86)\FileServe Manager\FSStarter.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE-X64: {CC0FC7CF-E588-4b33-B148-C657708AB9C4} - C:\Program Files (x86)\PokerStars.ES\PokerStarsUpdate.exe
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\f0kvs\AppData\Roaming\Mozilla\Firefox\Profiles\p056etsd.default\
FF - prefs.js: browser.startup.homepage - www.google.es
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
FF - plugin: C:\Users\f0kvs\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\f0kvs\AppData\Roaming\Mozilla\Firefox\Profiles\p056etsd.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 pctgntdi;pctgntdi;\??\C:\Windows\System32\drivers\pctgntdi64.sys --> C:\Windows\System32\drivers\pctgntdi64.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 KinectManagement;Kinect Management;C:\Program Files\Microsoft Research KinectSDK\Service\KinectManagementService.exe [2011-7-20 125440]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-14 2348352]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-4-19 399416]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\Windows\system32\DRIVERS\stflt.sys --> C:\Windows\system32\DRIVERS\stflt.sys [?]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-5-5 1148632]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;\??\C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys --> C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [?]
R3 pctNdisMP;PC Tools Driver;C:\Windows\system32\DRIVERS\pctNdis64.sys --> C:\Windows\system32\DRIVERS\pctNdis64.sys [?]
R3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr6164.sys --> C:\Windows\system32\DRIVERS\netr6164.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Servicio de Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-28 136176]
S2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2012-6-28 286000]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 gupdatem;Servicio de Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-28 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;C:\Windows\system32\DRIVERS\pctNdis64.sys --> C:\Windows\system32\DRIVERS\pctNdis64.sys [?]
S3 pctplfw;pctplfw;\??\C:\Windows\System32\drivers\pctplfw64.sys --> C:\Windows\System32\drivers\pctplfw64.sys [?]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe [2012-1-21 95896]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-4-19 993848]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
.
=============== Created Last 30 ================
.
2012-07-03 04:33:03 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F5BCCC84-D5DC-4FDF-93CD-6415F9FC1273}\mpengine.dll
2012-07-02 20:56:47 110592 ----a-w- C:\Windows\System32\rtvcvfw32.dll
2012-07-02 20:56:34 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2012-07-02 20:56:11 -------- d-----w- C:\Program Files (x86)\MSI Kombustor
2012-07-02 20:53:10 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-02 20:53:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-02 20:42:02 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{697ED994-4567-4575-8A1B-B6988D9F85B6}\gapaengine.dll
2012-07-02 20:19:57 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-07-02 20:19:50 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-07-02 20:19:40 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-07-02 20:19:40 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-07-02 20:16:22 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-07-02 20:16:18 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-07-01 11:09:49 -------- d-sh--w- C:\$RECYCLE.BIN
2012-07-01 09:50:52 303616 ----a-w- C:\Windows\System32\RaCoInstx.dll
2012-07-01 09:27:07 98816 ----a-w- C:\Windows\sed.exe
2012-07-01 09:27:07 518144 ----a-w- C:\Windows\SWREG.exe
2012-07-01 09:27:07 256000 ----a-w- C:\Windows\PEV.exe
2012-07-01 09:27:07 208896 ----a-w- C:\Windows\MBR.exe
2012-07-01 07:50:16 0 ----a-w- C:\Windows\ativpsrm.bin
2012-06-30 21:47:16 -------- d-----w- C:\Program Files (x86)\Linksys Wireless-G PCI Wireless Network Monitor
2012-06-28 16:10:09 -------- d-----w- C:\Users\f0kvs\AppData\Roaming\PCToolsFirewallPlus
2012-06-28 16:08:16 233488 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-06-28 16:08:15 334976 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2012-06-28 16:08:15 140800 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2012-06-28 16:06:50 79000 ----a-w- C:\Windows\System32\drivers\pctNdis64.sys
2012-06-28 16:06:50 42968 ----a-w- C:\Windows\System32\drivers\pctNdis-DNS64.sys
2012-06-28 16:06:50 119688 ----a-w- C:\Windows\System32\drivers\pctNdis-PacketFilter64.sys
2012-06-28 16:06:50 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-06-28 16:06:49 179976 ----a-w- C:\Windows\System32\drivers\pctplfw64.sys
2012-06-28 16:06:48 -------- d-----w- C:\Program Files (x86)\PC Tools Firewall Plus
2012-06-24 14:17:10 -------- d-----w- C:\ProgramData\MySQL
2012-06-24 14:17:10 -------- d-----w- C:\Program Files\MySQL
2012-06-23 21:04:05 77824 ----a-w- C:\Windows\SysWow64\EBAPI.dll
2012-06-23 21:04:05 65536 ----a-w- C:\Windows\SysWow64\EEBUtil.dll
2012-06-23 21:04:05 55808 ----a-w- C:\Windows\SysWow64\EEBSDKIF.dll
2012-06-23 21:04:05 135168 ----a-w- C:\Windows\SysWow64\EEBAPI.dll
2012-06-23 21:04:05 110592 ----a-w- C:\Windows\SysWow64\EEBDSCVR.dll
2012-06-23 21:03:58 -------- d-----w- C:\Program Files\Common Files\EPSON
2012-06-23 20:57:44 -------- d-----w- C:\ProgramData\UDL
2012-06-23 20:55:15 -------- d-----w- C:\Program Files (x86)\Epson Software
2012-06-23 20:54:38 558592 ----a-w- C:\Windows\System32\ensppmon.dll
2012-06-23 20:54:38 558592 ----a-w- C:\Windows\System32\enppmon.dll
2012-06-23 20:54:38 538112 ----a-w- C:\Windows\System32\ensppui.dll
2012-06-23 20:54:38 538112 ----a-w- C:\Windows\System32\enppui.dll
2012-06-23 20:54:38 250880 ----a-w- C:\Windows\System32\enspres.dll
2012-06-23 20:54:38 250880 ----a-w- C:\Windows\System32\enpres.dll
2012-06-23 20:54:38 -------- d-----w- C:\Program Files\EpsonNet
2012-06-23 20:54:32 -------- d-----w- C:\Program Files (x86)\Common Files\EPSON
2012-06-23 20:54:23 10752 ----a-w- C:\Windows\System32\E_GCINST.DLL
2012-06-23 20:54:16 118784 ----a-w- C:\Windows\System32\E_ILMHRE.DLL
2012-06-23 20:54:14 88064 ----a-w- C:\Windows\System32\E_IBCBHRE.DLL
2012-06-23 20:54:07 -------- d-----w- C:\ProgramData\EPSON
2012-06-23 20:53:57 464384 ----a-w- C:\Windows\System32\esxw2ud.dll
2012-06-23 20:53:53 -------- d-----w- C:\Program Files (x86)\epson
2012-06-23 13:11:06 -------- d-----w- C:\Users\f0kvs\AppData\Roaming\SanDisk
2012-06-23 13:09:19 -------- d-----w- C:\Users\f0kvs\AppData\Roaming\SanDisk SecureAccess
2012-06-23 13:08:09 -------- d-----w- C:\Users\f0kvs\AppData\Local\Proxure
2012-06-23 13:07:33 -------- d-----w- C:\ProgramData\ClubSanDisk
2012-06-21 16:24:30 -------- d-----r- C:\Program Files (x86)\Skype
2012-06-19 21:20:47 -------- d-----w- C:\Program Files (x86)\Paradox Interactive
2012-06-19 19:30:23 -------- d-----w- C:\Program Files (x86)\HOI2 Doomsday Armageddon
2012-06-19 17:59:15 -------- d-----w- C:\Program Files (x86)\Alcohol Soft
2012-06-19 17:52:24 99384 ----a-w- C:\Users\f0kvs\AppData\Roaming\inst.exe
2012-06-19 17:52:24 118400 ----a-w- C:\Windows\System32\drivers\ezplay.sys
2012-06-19 17:52:24 118400 ----a-w- C:\Users\f0kvs\AppData\Roaming\ezplay.sys
2012-06-19 17:52:18 -------- d-----w- C:\Program Files (x86)\VSO
2012-06-19 17:17:29 871408 ----a-w- C:\Windows\System32\drivers\sptd.sys
2012-06-19 17:03:53 -------- d-----w- C:\Users\f0kvs\AppData\Roaming\Canneverbe Limited
2012-06-19 17:03:53 -------- d-----w- C:\ProgramData\Canneverbe Limited
2012-06-19 16:44:07 5600 ----a-w- C:\Windows\system\winaspi.dll
2012-06-19 16:44:07 4672 ----a-w- C:\Windows\system\wowpost.exe
2012-06-19 16:44:07 45056 ----a-w- C:\Windows\SysWow64\wnaspi32.dll
2012-06-19 16:05:19 -------- d-----w- C:\Program Files (x86)\SlySoft
2012-06-19 15:35:14 4967624 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-19 06:00:51 -------- d-----w- C:\Users\f0kvs\AppData\Local\Macromedia
2012-06-18 16:12:43 -------- d-----w- C:\Program Files\iTunes
2012-06-18 16:12:43 -------- d-----w- C:\Program Files\iPod
2012-06-18 16:12:43 -------- d-----w- C:\Program Files (x86)\iTunes
2012-06-17 10:49:50 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-06-10 14:09:07 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-10 14:09:07 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 19:45:14 -------- d-----w- C:\Users\f0kvs\AppData\Local\PokerStars.ES
2012-06-05 19:44:55 -------- d-----w- C:\Program Files (x86)\PokerStars.ES
2012-06-03 15:26:58 -------- d-----w- C:\Program Files (x86)\Ardamax Keylogger Removal Tool
.
==================== Find3M ====================
.
2012-06-23 16:13:19 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 16:13:19 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-17 10:49:43 472840 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-05 14:36:24 51496 ----a-w- C:\Windows\System32\drivers\stflt.sys
2012-04-18 18:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 6:34:38,47 ===============
 
======================================================================================================================================================================================
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 19/02/2011 1:44:57
System Uptime: 03/07/2012 5:47:33 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | STRIKER II EXTREME
Processor: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz | Socket 775 | 2333/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 301 GiB total, 18,445 GiB free.
D: is CDROM (CDFS)
F: is CDROM ()
G: is FIXED (NTFS) - 932 GiB total, 802,134 GiB free.
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
==== System Restore Points ===================
.
RP174: 02/07/2012 22:19:19 - Windows Update
.
==== Installed Programs ======================
.
"Minimal SYStem 1.0.11"
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 10
Adobe Reader X (10.1.3) - Español
Adobe Shockwave Player 11.5
Aion (North America)
Apple Application Support
Apple Software Update
Arachnophilia 5.4
Ares 2.1.7
µTorrent
Bitcoin
BlindWrite 6
BlueJ 3.0.4
CambioPIN
CDBurnerXP
CDisplayEx 1.7
CloneCD
CrystalDiskInfo 4.6.1
DAEMON Tools Lite
Dialang V1 Beta
Elements 10 Organizer
eMule
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EpsonNet Print
EVE Online (remove only)
Evernote v. 4.5.7
FileServe Manager 1.0.0.3466
FrameDemo
GesTurn
GlassPaneDemo
Google Chrome
Google Earth
Google Update Helper
GridLayoutDemo
Hearts of Iron III
Heroes of Might and Magic V
Herramienta de carga de Windows Live
HOI2 Doomsday Armageddon
Host OpenAL (ADI)
Instalable módulo criptográfico DNIe
Instalación de DivX
J2SE Development Kit 5.0 Update 6
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 33
Java(TM) SE Development Kit 6 Update 24
Java(TM) SE Development Kit 6 Update 25
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Full)
Kodu Game Lab
Linksys Wireless-G PCI Adapter
Malwarebytes Anti-Malware versión 1.61.0.1400
Messenger Plus! 5
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft CCR and DSS Runtime 2008 R3
Microsoft Choice Guard
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend 4 Add-in for Adobe FXG Import
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Blend SDK for Windows Phone 7
Microsoft Expression Design 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (Spanish) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Spanish) 2007
Microsoft Office Groove MUI (Spanish) 2007
Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
Microsoft Office OneNote MUI (Spanish) 2007
Microsoft Office Outlook MUI (Spanish) 2007
Microsoft Office PowerPoint MUI (Spanish) 2007
Microsoft Office Proof (Basque) 2007
Microsoft Office Proof (Catalan) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Galician) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Spanish) 2007
Microsoft Office Publisher MUI (Spanish) 2007
Microsoft Office Shared MUI (Spanish) 2007
Microsoft Office Word MUI (Spanish) 2007
Microsoft Robotics Developer Studio 2008 R3
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2010 Express for Windows Phone - ENU
Microsoft Windows Phone 7 Developer Resources
Microsoft Windows Phone Developer Tools - ENU
Microsoft XNA Framework Redistributable 2.0
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio 4.0 Windows Phone Extensions
Microsoft XNA Game Studio Platform Tools
MinGW-Get version 0.4-alpha-1
Mozilla Firefox 13.0.1 (x86 es-ES)
Mozilla Maintenance Service
MSI Afterburner 2.1.0
MSI Kombustor 2.0.0
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MyPDFConverter
NCsoft Launcher
Neverwinter Nights 2
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
Nokia PC Suite
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Ovi Desktop Sync Engine
OviMPlatform
Pando Media Booster
PC Connectivity Solution
PC Tools Firewall Plus 7.0
PDF Editor 3
PokerStars
PokerStars.es
PowerISO
PSE10 STI Installer
QuickTime
R-UCA-2.12.1
Ralink RT6x Wireless LAN Card
RootLayeredPaneDemo
Samsung Kies
SanDiskSecureAccess_Manager.exe
Secunia PSI (2.0.0.3003)
Simple Table Demo Application
Skype Click to Call
Skype™ 5.10
SMRecorder 1.2.0
SoundMAX
Spotify
Spyware Terminator 2012
StarCraft II
Steam
Sun Java Runtime Environment and JMF
SWI-Prolog (remove only)
Toolbar Uninstaller 1.0.0.0
Total War: SHOGUN 2
Tropical Island Landscapes Screensaver 1.0
TVUPlayer 2.5.3.1
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.6195
VideoPad Video Editor
VLC media player 1.1.7
WampServer 2.2
WavePad Sound Editor
Windows Live Asistente para el inicio de sesión
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Writer
Windows Media Player Firefox Plugin
Windows Phone 7 Add-in for Visual Studio 2010 - ENU
World of Warcraft
WPF Toolkit February 2010 (Version 3.5.50211.1)
.
==== Event Viewer Messages From Past Week ========
.
30/06/2012 23:23:41, Error: RT2500 [5003] - 802.11b/g Wireless Adapter : no se pudo encontrar un adaptador de red.
30/06/2012 23:14:40, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 23:14:40, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 23:14:40, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 23:14:40, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 17:01:38, Error: Microsoft-Windows-Eventlog [106] - Se detectó que el registro del canal Microsoft-Windows-Windows Defender/WHC está dañado. Algunos datos se borraron.
30/06/2012 16:58:17, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 16:58:17, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 16:58:17, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 16:58:17, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 15:15:35, Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy pctgntdi Psched rdbss SASDIFSV SASKUTIL SCDEmu spldr tdx VBoxDrv VBoxUSBMon vmm vwififlt Wanarpv6 WfpLwf
30/06/2012 15:15:35, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
30/06/2012 15:15:35, Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
30/06/2012 15:15:35, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar IP depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
30/06/2012 15:15:33, Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
30/06/2012 15:15:33, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
30/06/2012 14:51:52, Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy pctgntdi Psched rdbss SASDIFSV SASKUTIL SCDEmu spldr tdx VBoxDrv VBoxUSBMon vmm vwififlt Wanarpv6 WfpLwf
30/06/2012 14:51:50, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
30/06/2012 14:51:50, Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
30/06/2012 14:51:50, Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
30/06/2012 14:51:50, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar IP depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
30/06/2012 14:51:50, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
30/06/2012 10:43:04, Error: Service Control Manager [7023] - El servicio Publicación de recurso de detección de función se cerró con el siguiente error: %%-2147014847
30/06/2012 10:42:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 10:42:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 10:42:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
30/06/2012 10:42:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 8:00:23, Error: Service Control Manager [7023] - El servicio Publicación de recurso de detección de función se cerró con el siguiente error: %%-2147014847
29/06/2012 8:00:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 8:00:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 8:00:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 8:00:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:55:53, Error: Service Control Manager [7023] - El servicio Publicación de recurso de detección de función se cerró con el siguiente error: %%-2147014847
29/06/2012 23:55:32, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:55:32, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:55:32, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:55:32, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:47:09, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:47:09, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:47:09, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
29/06/2012 23:47:09, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
27/06/2012 19:00:21, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
27/06/2012 19:00:21, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
27/06/2012 19:00:21, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
27/06/2012 19:00:21, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
26/06/2012 7:39:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
26/06/2012 7:39:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
26/06/2012 7:39:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
26/06/2012 7:39:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
03/07/2012 5:48:02, Error: Service Control Manager [7000] - El servicio Aspi32 no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado.
02/07/2012 7:22:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 7:22:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 7:22:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 7:22:46, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 22:46:16, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.857.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:46:16, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.857.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:45:28, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.857.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:45:28, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.857.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:44:30, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.857.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:44:30, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.857.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:20:54, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 22:20:54, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
02/07/2012 15:46:13, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 15:46:13, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 15:46:13, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
02/07/2012 15:46:13, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:54:22, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:54:22, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:54:22, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:54:22, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:50:27, Error: Microsoft-Windows-Directory-Services-SAM [12291] - SAM no ha podido iniciar el TCP/IP o el subproceso de escucha
01/07/2012 9:50:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:50:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:50:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:50:03, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:46:39, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:46:39, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:46:39, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 9:46:39, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 23:19:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 23:19:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 23:19:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 23:19:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:18:58, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:18:58, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:18:58, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:18:58, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:16:43, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:16:43, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:16:43, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 17:16:43, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 13:09:08, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 13:09:08, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 13:09:08, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 13:09:08, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:41:55, Error: Service Control Manager [7000] - El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
01/07/2012 11:41:22, Error: Service Control Manager [7023] - El servicio Windows Defender se cerró con el siguiente error: No se puede encontrar el módulo especificado.
01/07/2012 11:41:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:41:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:41:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:41:05, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:39:57, Error: Service Control Manager [7030] - El servicio PEVSystemStart ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.
01/07/2012 11:38:58, Error: Application Popup [1060] - Se bloqueó la carga de \??\C:\ComboFix\catchme.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.
01/07/2012 11:35:50, Error: Service Control Manager [7030] - El servicio PEVSystemStart ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.
01/07/2012 11:26:46, Error: Service Control Manager [7034] - El servicio Skype C2C Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
01/07/2012 11:24:02, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:24:02, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:24:02, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 11:24:02, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:43:50, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:43:50, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:43:50, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:43:50, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:32:13, Error: Service Control Manager [7023] - El servicio Publicación de recurso de detección de función se cerró con el siguiente error: %%-2147014847
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 3 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 2 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 1 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador 0 del grupo 0 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
01/07/2012 0:13:53, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:53, Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netprofm con argumentos "" para ejecutar el servidor: {A47979D2-C419-11D9-A5B4-001185AD2B89}
01/07/2012 0:13:48, Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy pctgntdi Psched rdbss SASDIFSV SASKUTIL SCDEmu spldr tdx VBoxDrv VBoxUSBMon vmm vwififlt Wanarpv6 WfpLwf
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Servicio Interfaz de almacenamiento en red depende del servicio NSI proxy service driver., el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Minirredirector SMB 2.0 depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Minirredirector SMB 1.x depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Kinect Management depende del servicio Audio de Windows, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Cliente DNS depende del servicio Controlador de soporte TDI heredado NetIO, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Cliente DHCP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar IP depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
.
==== End Of File ===========================
GMER's Log was empty. Thanks for the response.
 
I translated one of the many errors for this:

06 30, 2012 16: 58: 17, Error: Microsoft-Windows - Kernel-Processor-Power [35] - disabled features of power management on State performance in the processor 3 of group 0 due to a problem with the firmware. Consult the computer manufacturer if there is updated firmware.

The time span showing is 6/30-7/2, but note that only a week of errors shows in this log. The errors also cover processor 0, processor 1, processor 2, processor 3.

This is out of my area of expertise, but it appears that this could occur in a deliberate attempt to overclock.
Re:What does "Kernel-processor-power" error mean?
Means you have SpeedStep and/or CxE disabled in the BIOS.
Doesn't hurt anything, lot of folks prefer to have them disabled, but will result in that error message you see in event viewer. Usually there will be one for each core/thread.

This can cause system crashes.

This is for your system:
Motherboard: ASUSTeK Computer INC. | | STRIKER II EXTREME
Processor: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz | Socket 775 | 2333/333mhz

I don't know whether this is responsible for any of the "strange things."
=============================================
Please consider unchecking this in the Startup Menu:
RegistrarUsrDNIeCertStoreDLL>> it may show as uces.exe. It allows the Spanish DNIe application to be pre-loaded for immediate use. I think this is what is making log entries a combination of English/Spanish.
==============================
P2P programs are a major source of Malware infections.
From your log I see you have these file sharing programs:
Ares 2.1.7
µTorrent
Bitcoin
eMule
PLEASE NOTE:
Even if you are using a P2P program that is deemed safe, it is only the program that is safe. Any files that you receive using a "safe" P2P program may be infected with Malware. The malware writers use P2P file-sharing as a major conduit to spread infected files.

I suggest that you uninstall these programs for the following reasons:
  • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verify that a download is legitimate.
  • Malware writers use these programs to include malicious content.
  • File sharing is usually unmonitored and there is a danger that your private files might be accessed.
  • The 'sharing' also includes malware that the shared system has on it.
  • Files that are illegal can be spread through file sharing.
Please read the information on P2P Warning to help you better understand these dangers.
----------------------------
If you decide to keep the program(s), please disable them and do not use them while I am helping you clean the system.
---------------------------
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

For 64bit: http://jpshortstuff.247fixes.com/SystemLook_x64.exe
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code:
    :filefind
    qmgr.*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
================================
There are several programs running that may use the 'putty.rnd' process. I think you may have misunderstood the meaning of the 'remote' reference.
===============================
You should not have all of the following on the system> they are vulnerabilities:
Please refer to this Java site for what you need and what is the current version.

J2SE Development Kit 5.0 Update 6
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 33
Java(TM) SE Development Kit 6 Update 24
Java(TM) SE Development Kit 6 Update 25

Be sure to check all download screens for any pre-checked toolbars or BHO> if found, remove the check before the download.
==============================
***COMBOFIX SCRIPT REMOVED ~DMJ***
====================
Did you think you have a keylogger and install this?>>
2012-06-03 15:26 . 2012-06-03 16:33--------d-----w-c:\program files (x86)\Ardamax Keylogger Removal Tool

Please leave the new Combofix log in your next reply.
.
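The event-log excerpt posted earlier in this thread can be triaged mechanically. The following is an added example, not part of any post here: it groups the Kernel-Processor-Power [35] entries by timestamp (the quoted explanation says there is usually one per core) and collapses the Service Control Manager [7001] dependency failures down to the component at the bottom of each chain. The sample lines are constructed by abridging lines from the posted log, and all function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: lines abridged from the event log posted in this thread
# (same "date time, level: source [id] - message" layout, Spanish messages).
SAMPLE_LOG = """\
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en el procesador 3 del grupo 0 debido a un problema de firmware.
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en el procesador 2 del grupo 0 debido a un problema de firmware.
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en el procesador 1 del grupo 0 debido a un problema de firmware.
01/07/2012 0:31:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Se deshabilitaron las características de administración de energía en el procesador 0 del grupo 0 debido a un problema de firmware.
01/07/2012 0:13:53, Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Servicio Interfaz de almacenamiento en red depende del servicio NSI proxy service driver., el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
01/07/2012 0:13:47, Error: Service Control Manager [7001] - El servicio Cliente DHCP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
.
==== End Of File ===========================
"""

LINE_RE = re.compile(
    r"^(\d{2}/\d{2}/\d{4} \d{1,2}:\d{2}:\d{2}), (\w+): (.+?) \[(\d+)\] - (.*)$")
CPU_RE = re.compile(r"procesador (\d+) del grupo (\d+)")
DEP_RE = re.compile(
    r"El servicio (.+?) depende del servicio (.+?), el cual no pudo iniciarse")


def parse_events(text):
    """Turn log text into a list of event dicts; non-event lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # separators such as "." or "==== End Of File ===="
        when, level, source, event_id, message = m.groups()
        events.append({
            # The log uses day/month/year (Spanish locale), not month/day.
            "time": datetime.strptime(when, "%d/%m/%Y %H:%M:%S"),
            "level": level,
            "source": source,
            "id": int(event_id),
            "message": message,
        })
    return events


def processor_power_bursts(events):
    """Map each timestamp to the sorted cores that logged event 35 at that time."""
    bursts = defaultdict(set)
    for ev in events:
        if ev["source"].endswith("Kernel-Processor-Power") and ev["id"] == 35:
            m = CPU_RE.search(ev["message"])
            if m:
                bursts[ev["time"]].add(int(m.group(1)))
    return {t: sorted(cores) for t, cores in sorted(bursts.items())}


def dependency_roots(events):
    """Follow event 7001 'X depends on Y' chains down to the component that
    failed first; return {root: [services that failed because of it]}."""
    needs = {}
    for ev in events:
        if ev["source"] == "Service Control Manager" and ev["id"] == 7001:
            m = DEP_RE.search(ev["message"])
            if m:
                needs[m.group(1).strip()] = m.group(2).strip().rstrip(".")
    roots = defaultdict(list)
    for service in needs:
        dep, seen = needs[service], {service}
        while dep in needs and dep not in seen:  # 'seen' guards against cycles
            seen.add(dep)
            dep = needs[dep]
        roots[dep].append(service)
    return {root: sorted(failed) for root, failed in roots.items()}


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for when, cores in processor_power_bursts(evs).items():
        print(when, "event 35 on cores", cores)
    for root, failed in dependency_roots(evs).items():
        print(root, "<-", failed)
```

Entries that share one timestamp and differ only in the core number are a single report repeated per core, and each dependency root names the one component to look at first instead of every service that failed after it.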
 
Yes, I thought I had a keylogger, and I thought I had been hacked, because I have been threatened with that. At first I laughed at that, but now I don't know what to think. Because if you say that kind of error occurs when overclocking, well, I have NEVER overclocked any part of my PC. But I must point out that the day the card failed, it was at a high temperature. So, my question is, can someone remotely overclock my CPU and do that? Because I didn't disable any tweaker feature in my BIOS. Or maybe simply, after four years without errors, there is now some part of my system, probably the CPU, that is causing problems, and my card died of mere overheating? And, yes, I have forgotten the putty.rnd thing.

The unused Java is deleted, and no, I don't use any P2P program while doing this.

Here are the logs:

==========================================================================================================================================================================================
ComboFix 12-07-04.01 - f0kvs 04/07/2012 15:22:19.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.34.3082.18.4095.2341 [GMT 2:00]
Running from: c:\users\f0kvs\Downloads\ComboFix\ComboFix.exe
Command switches used :: c:\users\f0kvs\Downloads\ComboFix\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\f0kvs\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-04 to 2012-07-04 )))))))))))))))))))))))))))))))
.
.
2012-07-04 13:57 . 2012-07-04 13:57--------d-----w-c:\users\UpdatusUser\AppData\Local\temp
2012-07-04 13:57 . 2012-07-04 13:57--------d-----w-c:\users\Default\AppData\Local\temp
2012-07-04 13:57 . 2012-07-04 13:57--------d-----w-c:\users\Administrador\AppData\Local\temp
2012-07-04 13:57 . 2012-07-04 13:57--------d-----w-c:\users\Admin\AppData\Local\temp
2012-07-04 13:08 . 2012-07-04 13:083584----a-r-c:\users\f0kvs\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2012-07-04 13:08 . 2012-07-04 13:08--------d-----w-c:\program files (x86)\Windows Installer Clean Up
2012-07-04 13:05 . 2012-07-04 13:08--------d-----w-c:\program files (x86)\MSECACHE
2012-07-04 12:55 . 2012-07-04 12:55--------d-----w-c:\users\f0kvs\AppData\Local\VS Revo Group
2012-07-03 14:20 . 2012-07-04 06:19--------d-----w-c:\program files (x86)\Motherboard Monitor 5
2012-07-03 14:15 . 2012-06-18 01:129013136----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EA42FF6-74B1-4CB1-843A-08BBD42FF20C}\mpengine.dll
2012-07-02 20:56 . 2010-10-27 01:43110592----a-w-c:\windows\system32\rtvcvfw32.dll
2012-07-02 20:56 . 2012-07-02 20:56--------d-----w-c:\program files (x86)\MSI Afterburner
2012-07-02 20:56 . 2012-07-02 20:56--------d-----w-c:\program files (x86)\MSI Kombustor
2012-07-02 20:53 . 2012-04-04 13:5624904----a-w-c:\windows\system32\drivers\mbam.sys
2012-07-02 20:53 . 2012-07-02 20:53--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-02 20:42 . 2012-02-09 12:17927800----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{697ED994-4567-4575-8A1B-B6988D9F85B6}\gapaengine.dll
2012-07-02 20:19 . 2012-06-02 22:192428952----a-w-c:\windows\system32\wuaueng.dll
2012-07-02 20:19 . 2012-06-02 22:1957880----a-w-c:\windows\system32\wuauclt.exe
2012-07-02 20:19 . 2012-06-02 22:1944056----a-w-c:\windows\system32\wups2.dll
2012-07-02 20:19 . 2012-06-02 22:152622464----a-w-c:\windows\system32\wucltux.dll
2012-07-02 20:19 . 2012-06-02 22:1938424----a-w-c:\windows\system32\wups.dll
2012-07-02 20:19 . 2012-06-02 22:19701976----a-w-c:\windows\system32\wuapi.dll
2012-07-02 20:19 . 2012-06-02 22:1599840----a-w-c:\windows\system32\wudriver.dll
2012-07-02 20:19 . 2012-06-02 13:19186752----a-w-c:\windows\system32\wuwebv.dll
2012-07-02 20:19 . 2012-06-02 13:1536864----a-w-c:\windows\system32\wuapp.exe
2012-07-02 20:16 . 2012-07-02 20:16--------d-----w-c:\program files (x86)\Microsoft Security Client
2012-07-02 20:16 . 2012-07-02 20:16--------d-----w-c:\program files\Microsoft Security Client
2012-07-01 09:50 . 2009-06-02 15:31303616----a-w-c:\windows\system32\RaCoInstx.dll
2012-07-01 07:50 . 2012-07-01 07:500----a-w-c:\windows\ativpsrm.bin
2012-06-30 21:47 . 2012-06-30 21:47--------d-----w-c:\program files (x86)\Linksys Wireless-G PCI Wireless Network Monitor
2012-06-28 16:10 . 2012-06-28 16:10--------d-----w-c:\users\f0kvs\AppData\Roaming\PCToolsFirewallPlus
2012-06-28 16:08 . 2010-03-29 09:06233488----a-w-c:\windows\system32\drivers\PCTCore64.sys
2012-06-28 16:08 . 2011-03-24 10:39140800----a-w-c:\windows\system32\drivers\pctwfpfilter64.sys
2012-06-28 16:08 . 2011-01-17 07:09334976----a-w-c:\windows\system32\drivers\pctgntdi64.sys
2012-06-28 16:06 . 2012-06-28 16:08--------d-----w-c:\program files (x86)\Common Files\PC Tools
2012-06-28 16:06 . 2011-01-12 08:35119688----a-w-c:\windows\system32\drivers\pctNdis-PacketFilter64.sys
2012-06-28 16:06 . 2010-07-08 06:4979000----a-w-c:\windows\system32\drivers\pctNdis64.sys
2012-06-28 16:06 . 2010-02-05 06:2642968----a-w-c:\windows\system32\drivers\pctNdis-DNS64.sys
2012-06-28 16:06 . 2011-01-17 06:11179976----a-w-c:\windows\system32\drivers\pctplfw64.sys
2012-06-28 16:06 . 2012-06-28 16:10--------d-----w-c:\program files (x86)\PC Tools Firewall Plus
2012-06-24 14:17 . 2012-06-24 14:17--------d-----w-c:\programdata\MySQL
2012-06-24 14:17 . 2012-06-24 14:17--------d-----w-c:\program files\MySQL
2012-06-23 21:04 . 2007-09-07 15:33135168----a-w-c:\windows\SysWow64\EEBAPI.dll
2012-06-23 21:04 . 2007-03-28 16:2665536----a-w-c:\windows\SysWow64\EEBUtil.dll
2012-06-23 21:04 . 2006-12-19 16:31110592----a-w-c:\windows\SysWow64\EEBDSCVR.dll
2012-06-23 21:04 . 2006-12-19 16:2077824----a-w-c:\windows\SysWow64\EBAPI.dll
2012-06-23 20:54 . 2007-04-10 19:0610752----a-w-c:\windows\system32\E_GCINST.DLL
2012-06-23 20:54 . 2008-11-12 21:00118784----a-w-c:\windows\system32\E_ILMHRE.DLL
2012-06-23 20:54 . 2009-10-01 21:0188064----a-w-c:\windows\system32\E_IBCBHRE.DLL
2012-06-23 20:54 . 2012-06-23 21:16--------d-----w-c:\programdata\EPSON
2012-06-23 20:53 . 2011-08-09 22:00464384----a-w-c:\windows\system32\esxw2ud.dll
2012-06-23 20:53 . 2012-06-23 20:53--------d-----w-c:\program files (x86)\epson
2012-06-23 13:11 . 2012-06-26 05:58--------d-----w-c:\users\f0kvs\AppData\Roaming\SanDisk
2012-06-23 13:09 . 2012-06-23 13:09--------d-----w-c:\users\f0kvs\AppData\Roaming\SanDisk SecureAccess
2012-06-23 13:08 . 2012-06-23 13:08--------d-----w-c:\users\f0kvs\AppData\Local\Proxure
2012-06-23 13:07 . 2012-06-23 13:07--------d-----w-c:\programdata\ClubSanDisk
2012-06-21 16:24 . 2012-06-29 06:11--------d-----w-c:\users\f0kvs\AppData\Roaming\Skype
2012-06-21 16:24 . 2012-06-21 16:25--------d-----r-c:\program files (x86)\Skype
2012-06-21 16:24 . 2012-06-21 16:24--------d-----w-c:\program files (x86)\Common Files\Skype
2012-06-21 16:24 . 2012-06-21 16:25--------d-----w-c:\programdata\Skype
2012-06-19 21:20 . 2012-06-19 21:20--------d-----w-c:\program files (x86)\Paradox Interactive
2012-06-19 19:30 . 2012-06-19 19:35--------d-----w-c:\program files (x86)\HOI2 Doomsday Armageddon
2012-06-19 17:59 . 2012-06-19 17:59--------d-----w-c:\program files (x86)\Alcohol Soft
2012-06-19 17:52 . 2012-06-19 22:12--------d-----w-c:\users\f0kvs\AppData\Roaming\Vso
2012-06-19 17:52 . 2012-06-19 17:5299384----a-w-c:\users\f0kvs\AppData\Roaming\inst.exe
2012-06-19 17:52 . 2012-06-19 17:52118400----a-w-c:\windows\system32\drivers\ezplay.sys
2012-06-19 17:52 . 2012-06-19 17:52118400----a-w-c:\users\f0kvs\AppData\Roaming\ezplay.sys
2012-06-19 17:52 . 2012-06-19 17:52--------d-----w-c:\program files (x86)\VSO
2012-06-19 17:17 . 2012-06-19 17:17871408----a-w-c:\windows\system32\drivers\sptd.sys
2012-06-19 17:03 . 2012-06-19 17:03--------d-----w-c:\users\f0kvs\AppData\Roaming\Canneverbe Limited
2012-06-19 17:03 . 2012-06-19 17:03--------d-----w-c:\programdata\Canneverbe Limited
2012-06-19 17:03 . 2012-06-19 17:03--------d-----w-c:\program files (x86)\CDBurnerXP
2012-06-19 16:44 . 1999-09-10 11:065600----a-w-c:\windows\system\winaspi.dll
2012-06-19 16:44 . 1999-09-10 11:064672----a-w-c:\windows\system\wowpost.exe
2012-06-19 16:44 . 1999-09-10 11:0645056----a-w-c:\windows\SysWow64\wnaspi32.dll
2012-06-19 16:07 . 2012-06-19 16:07--------d-----w-c:\programdata\SlySoft
2012-06-19 16:05 . 2012-06-19 17:54--------d-----w-c:\program files (x86)\SlySoft
2012-06-19 15:35 . 2012-06-19 15:354967624----a-w-c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-19 06:00 . 2012-06-19 06:00--------d-----w-c:\users\f0kvs\AppData\Local\Macromedia
2012-06-18 16:12 . 2012-06-18 16:13--------d-----w-c:\program files\iTunes
2012-06-18 16:12 . 2012-06-18 16:13--------d-----w-c:\program files (x86)\iTunes
2012-06-18 16:12 . 2012-06-18 16:12--------d-----w-c:\program files\iPod
2012-06-17 10:49 . 2012-07-04 13:02772592----a-w-c:\windows\SysWow64\npdeployJava1.dll
2012-06-10 14:09 . 2012-06-10 14:09770384----a-w-c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-10 14:09 . 2012-06-10 14:09421200----a-w-c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 19:45 . 2012-06-19 18:57--------d-----w-c:\users\f0kvs\AppData\Local\PokerStars.ES
2012-06-05 19:44 . 2012-06-05 19:45--------d-----w-c:\program files (x86)\PokerStars.ES
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-04 13:02 . 2011-02-22 15:45687600----a-w-c:\windows\SysWow64\deployJava1.dll
2012-06-23 16:13 . 2012-04-01 12:26426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 16:13 . 2011-08-03 21:4770344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-15 10:48 . 2012-03-14 16:3868928----a-w-c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2012-03-14 16:3861248----a-w-c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2011-11-01 00:541738048----a-w-c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2011-11-01 00:541468224----a-w-c:\windows\system32\nvgenco64.dll
2012-05-15 09:29 . 2011-01-07 19:49889664----a-w-c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-01-07 19:49118080----a-w-c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-01-07 19:4963296----a-w-c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-01-07 19:492561856----a-w-c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-01-07 19:493149632----a-w-c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-01-07 19:506151488----a-w-c:\windows\system32\nvcpl.dll
2012-05-15 00:21 . 2012-05-15 00:21423744----a-w-c:\windows\SysWow64\nvStreaming.exe
2012-05-05 14:36 . 2012-05-05 14:3651496----a-w-c:\windows\system32\drivers\stflt.sys
2012-04-18 18:56 . 2012-04-18 18:5694208----a-w-c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:5669632----a-w-c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-01_09.41.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-07-03 06:1716384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-30 20:5316384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-30 20:5332768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-03 06:1732768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-30 20:5316384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-03 06:1716384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-19 18:22 . 2012-07-04 12:3053152 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-04 12:3036030 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-19 07:44 . 2012-07-04 12:3014190 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-660138542-3048796690-3408885898-1000_UserData.bin
+ 2009-07-14 05:30 . 2012-07-03 06:2486016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-07-01 09:0486016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-07-03 06:22 . 2012-05-15 10:4868928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\OpenCL64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4861248 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\OpenCL.dll
+ 2012-03-20 18:44 . 2012-03-20 18:4498688 c:\windows\system32\drivers\NisDrvWFP.sys
- 2011-02-19 00:43 . 2012-06-28 14:0216384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-19 00:43 . 2012-07-04 06:1016384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-19 00:43 . 2012-07-04 06:1049152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-19 00:43 . 2012-06-28 14:0249152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-04 06:1032768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-28 14:0232768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-03-27 07:33 . 2012-07-01 09:2616384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-03-27 07:33 . 2012-07-04 14:0016384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-07-03 13:1472888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-03-27 07:33 . 2012-07-04 14:0032768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-03-27 07:33 . 2012-07-01 09:2632768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-03-27 07:33 . 2012-07-01 09:2616384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-27 07:33 . 2012-07-04 14:0016384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-19 21:06 . 2012-07-01 09:2516384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-19 21:06 . 2012-07-04 14:0016384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-19 21:06 . 2012-07-04 14:0016384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-19 21:06 . 2012-07-01 09:2516384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-01 12:00 . 2012-07-01 12:009560 c:\windows\system32\NetworkList\Icons\{F2111495-778B-42AF-B706-EB78818E9E8B}_48.bin
+ 2012-07-01 12:00 . 2012-07-01 12:004280 c:\windows\system32\NetworkList\Icons\{F2111495-778B-42AF-B706-EB78818E9E8B}_32.bin
+ 2012-07-01 12:00 . 2012-07-01 12:002456 c:\windows\system32\NetworkList\Icons\{F2111495-778B-42AF-B706-EB78818E9E8B}_24.bin
+ 2012-07-03 06:22 . 2012-05-15 10:484096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdetx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:484096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdet.dll
- 2012-07-01 09:41 . 2012-07-01 09:412048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-04 13:59 . 2012-07-04 13:592048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-04 13:59 . 2012-07-04 13:592048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-01 09:41 . 2012-07-01 09:412048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 09:31 . 2012-07-04 12:33748524 c:\windows\system32\perfh00A.dat
+ 2009-07-14 02:36 . 2012-07-04 12:33654224 c:\windows\system32\perfh009.dat
+ 2009-07-14 09:31 . 2012-07-04 12:33158964 c:\windows\system32\perfc00A.dat
+ 2009-07-14 02:36 . 2012-07-04 12:33122056 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:30 . 2012-07-03 06:24239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-01 09:04239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-01 09:04143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-07-03 06:24143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-07-03 06:22 . 2012-05-15 12:55398656 c:\windows\system32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_9040728c38bb13af\nvstusb64.sys
+ 2012-07-03 06:22 . 2012-05-15 10:48949056 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvumdshimx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48818496 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvumdshim.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48313664 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvml.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48246592 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvinitx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48202048 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvinit.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48202560 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvidia-smi.exe
+ 2012-07-03 06:22 . 2012-05-15 10:48333120 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvEncodeAPI64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48282432 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvEncodeAPI.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48249856 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdxgiwrapx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48220480 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdxgiwrap.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48301376 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdecodemft32.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48364352 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdecodemft.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48316928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\Nvd3d9wrapx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48285504 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\Nvd3d9wrap.dll
+ 2012-07-03 06:22 . 2012-05-15 10:48232768 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\dbInstaller.exe
+ 2012-07-01 09:50 . 2009-06-02 15:31303616 c:\windows\system32\DriverStore\FileRepository\netr6164.inf_amd64_neutral_c134e8ce486305d7\RaCoInstx.dll
+ 2012-07-01 09:50 . 2009-06-02 15:35438784 c:\windows\system32\DriverStore\FileRepository\netr6164.inf_amd64_neutral_c134e8ce486305d7\netr6164.sys
+ 2012-03-20 18:44 . 2012-03-20 18:44203888 c:\windows\system32\drivers\MpFilter.sys
- 2009-07-14 05:12 . 2012-05-03 22:15245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2012-07-01 13:27245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-08-04 21:29 . 2012-07-01 09:40796192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-08-04 21:29 . 2012-07-04 13:57796192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-07-01 09:40425844 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-04 13:57425844 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2006-09-06 16:09 . 2006-09-06 16:09472064 c:\windows\Installer\e16f0.msi
+ 2012-07-02 20:16 . 2012-07-02 20:16109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\SCEP.exe
+ 2012-07-02 20:16 . 2012-07-02 20:16123352 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\MSE.exe
+ 2012-07-02 20:16 . 2012-07-02 20:16109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\INTUNE.exe
+ 2012-07-02 20:16 . 2012-07-02 20:16109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\FEP.exe
+ 2012-07-02 20:16 . 2012-07-02 20:16109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\EPP.exe
+ 2012-07-03 06:22 . 2012-05-15 10:488105280 c:\windows\SysWOW64\nvwgf2um.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482524992 c:\windows\SysWOW64\nvcuvid.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482445120 c:\windows\SysWOW64\nvcuvenc.dll
+ 2012-07-03 06:22 . 2012-05-15 10:485982528 c:\windows\SysWOW64\nvcuda.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482368832 c:\windows\SysWOW64\nvapi.dll
+ 2009-07-14 02:34 . 2012-07-04 12:429699328 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-06-24 22:109699328 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-07-03 06:22 . 2012-05-15 10:482681664 c:\windows\system32\nvcuvid.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482881856 c:\windows\system32\nvcuvenc.dll
+ 2012-07-03 06:22 . 2012-05-15 10:488139072 c:\windows\system32\nvcuda.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482741568 c:\windows\system32\nvapi64.dll
+ 2012-07-03 06:22 . 2012-05-15 12:551468224 c:\windows\system32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_9040728c38bb13af\nvgenco64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:488105280 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvwgf2um.dll
+ 2012-07-03 06:22 . 2012-05-15 10:481468224 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvgenco64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:481066872 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdrsdb.bin
+ 2012-07-03 06:22 . 2012-05-15 10:481738048 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvdispco64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482524992 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcuvid32.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482681664 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcuvid.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482881856 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcuvenc64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482445120 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcuvenc.dll
+ 2012-07-03 06:22 . 2012-05-15 10:485982528 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcuda32.dll
+ 2012-07-03 06:22 . 2012-05-15 10:488139072 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcuda.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482741568 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvapi64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:482368832 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvapi.dll
+ 2009-07-14 04:45 . 2012-07-02 20:523689324 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-06-26 05:413689324 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-03-26 17:21 . 2012-03-26 17:217622656 c:\windows\Installer\1655d38.msi
+ 2012-07-03 06:22 . 2012-05-15 10:4819607872 c:\windows\SysWOW64\nvoglv32.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4815322432 c:\windows\SysWOW64\nvd3dum.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4817551680 c:\windows\SysWOW64\nvcompiler.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4810194752 c:\windows\system32\nvwgf2umx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4825743168 c:\windows\system32\nvoglv64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4818044224 c:\windows\system32\nvd3dumx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4825248064 c:\windows\system32\nvcompiler.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4810194752 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvwgf2umx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4825743168 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvoglv64.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4819607872 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvoglv32.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4814298944 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvlddmkm.sys
+ 2012-07-03 06:22 . 2012-05-15 10:4818044224 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvd3dumx.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4815322432 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvd3dum.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4871931424 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\NvCplSetupInt.exe
+ 2012-07-03 06:22 . 2012-05-15 10:4817551680 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcompiler32.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4825248064 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_4e3c5699d87cafeb\nvcompiler.dll
+ 2012-07-03 06:22 . 2012-05-15 10:4814298944 c:\windows\system32\drivers\nvlddmkm.sys
- 2011-03-23 09:22 . 2012-07-01 09:4043842358 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-660138542-3048796690-3408885898-1000-8192.dat
+ 2011-03-23 09:22 . 2012-07-04 13:5743842358 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-660138542-3048796690-3408885898-1000-8192.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-06-05 1310720]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RegistrarUsrDNIeCertStoreDLL"="c:\program files (x86)\DNIe\udcs.exe" [2009-03-02 39424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"FileServe Manager Task"="c:\program files (x86)\FileServe Manager\FSStarter.exe" [2011-09-21 954648]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"00PCTFW"="c:\program files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
.
c:\users\f0kvs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe [2008-12-12 95896]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-11-04 117040]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-19 871408]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-21 254528]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2011-01-17 334976]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-02-20 140672]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-01 169624]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 KinectManagement;Kinect Management;c:\program files\Microsoft Research KinectSDK\Service\KinectManagementService.exe [2011-07-20 125440]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-05-05 51496]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-03-28 1148632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2011-01-12 119688]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2011-01-17 179976]
S3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys [2009-06-02 438784]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - pctESPInject
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:13]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 01:43]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-28 01:43]
.
2012-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-660138542-3048796690-3408885898-1000Core.job
- c:\users\f0kvs\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-03 18:51]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-660138542-3048796690-3408885898-1000UA.job
- c:\users\f0kvs\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-03 18:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.es/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local;*.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Download with FileServe Manager - c:\program files (x86)\FileServe Manager\GetUrl.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{CC0FC7CF-E588-4b33-B148-C657708AB9C4} - c:\program files (x86)\PokerStars.ES\PokerStarsUpdate.exe
TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
TCP: Interfaces\{23689CC1-B044-4CD3-9CAB-C88E91900707}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{97EE9867-4FC1-4790-9271-0743B82E467B}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\f0kvs\AppData\Roaming\Mozilla\Firefox\Profiles\p056etsd.default\
FF - prefs.js: browser.startup.homepage - www.google.es
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\brsvc01a.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\PC Tools Firewall Plus\FWService.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\SysWOW64\brss01a.exe
.
**************************************************************************
.
Completion time: 2012-07-04 16:05:31 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-04 14:05
.
Pre-Run: 18.767.835.136 bytes libres
Post-Run: 20.498.407.424 bytes libres
.
- - End Of File - - 257F82387A75378A1A7ED26DF50BEF6F
======================================================================================================================================================================================
SystemLook 30.07.11 by jpshortstuff
Log created at 14:36 on 04/07/2012 by f0kvs
Administrator - Elevation successful
========== filefind ==========
Searching for "qmgr.*"
C:\Windows\System32\es-ES\qmgr.dll.mui--a---- 58880 bytes[09:29 14/07/2009][09:29 14/07/2009] 60BAA3E77A5D5E07E0D1E4612F57C8EF
C:\Windows\System32\wbem\qmgr.mof--a---- 2302 bytes[22:49 13/07/2009][20:53 10/06/2009] D51680128310DDDEC98B918418887C96
C:\Windows\SysWOW64\es-ES\qmgr.dll.mui--a---- 58880 bytes[09:29 14/07/2009][09:29 14/07/2009] E3E597266EE605DE4944059E79B6659E
C:\Windows\SysWOW64\wbem\qmgr.mof--a---- 2302 bytes[22:05 13/07/2009][21:34 10/06/2009] D51680128310DDDEC98B918418887C96
C:\Windows\winsxs\amd64_microsoft-windows-bits-client.resources_31bf3856ad364e35_6.1.7600.16385_es-es_edebec3a845baf5d\qmgr.dll.mui--a---- 58880 bytes[09:29 14/07/2009][09:29 14/07/2009] 60BAA3E77A5D5E07E0D1E4612F57C8EF
C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll--a---- 848384 bytes[23:46 13/07/2009][01:41 14/07/2009] 488637971582135BB5A7C7313A4C151B
C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.mof--a---- 2302 bytes[22:49 13/07/2009][20:53 10/06/2009] D51680128310DDDEC98B918418887C96
C:\Windows\winsxs\wow64_microsoft-windows-bits-client.resources_31bf3856ad364e35_6.1.7600.16385_es-es_f840968cb8bc7158\qmgr.dll.mui--a---- 58880 bytes[09:29 14/07/2009][09:29 14/07/2009] E3E597266EE605DE4944059E79B6659E
C:\Windows\winsxs\wow64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_89da60e64783d42e\qmgr.mof--a---- 2302 bytes[22:05 13/07/2009][21:34 10/06/2009] D51680128310DDDEC98B918418887C96
-= EOF =-
I know I must not check anything, to avoid installing toolbars and so on. I am not asking to eliminate malware, but for someone to tell me whether my card has died of pure old age or of something stranger and worse. But I must emphasize that I appreciate your help, attention and knowledge. Sorry about the Spanish texts; if you need it, I can translate them.
 
Oh, BTW, I forgot to say that I had C1E and SpeedStep enabled. There has not been any overclocking. Maybe those errors came from mere overheating?
 
We're getting caught up in semantics here:

FYI:
SpeedStep is a trademark for a series of dynamic frequency scaling technologies (codenamed Geyserville[1] and including SpeedStep, SpeedStep II, and SpeedStep III) built into some Intel microprocessors that allow the clock speed of the processor to be dynamically changed (to different P-states) by software. This allows the processor to meet the instantaneous performance needs of the operation being performed, while minimizing power draw and heat dissipation.

From Wiki.

Whatever it is you are trying to do with this isn't working!
==============================================
If you have a heat problem, you should attempt to carefully clean the inside of the computer.
But you can check the health of the drivers. The first thing to check is the Device Manager:
Control Panel > System > Hardware tab > Device Manager > click on the + sign to expand 'Sound, Video & Game Controller'. Do you see anything like this Error icon?
alert-icon.gif
 
Hehe. Must be semantics, yep. I have told you that I have not done anything with my card or my CPU, nor have I changed my BIOS from default. Just one day, my videocard began to freeze at startup. So I wanted to know if I was hacked, if it can be known. In my Device Manager it's all OK, but with another card, because I can't start with the old card that freezes, not even in safe mode.
 
Note to Audio & Video Forum: Please see if you can assist this member with the video card problem.
==============================
I'm going to have your thread moved to the Audio & Video Forum to work on your card.

I think some of the things you are doing may be causing a conflict that is affecting the card.
----------------------------------------------------------------
Please also note the following. You deny overclocking, but your system is full of processes to help you do just that:

Not overclocking????
1. c:\program files (x86)\MSI Afterburner> "Overclocking out of the box..."
2. c:\program files (x86)\MSI Kombustor> "ultimate graphics card burner utility,"
3. c:\program files (x86)\Motherboard Monitor 5> "This is a great invention if you want to overclock. Example to see how well cooled your computer runs over a time. Full load or idle time."
Please visit http://event.msi.com/vga/afterburner to get more information about the product.
4. Also using Speed Step
SpeedStep is a trademark for a series of dynamic frequency scaling technologies (codenamed Geyserville[1] and including SpeedStep, SpeedStep II, and SpeedStep III) built into some Intel microprocessors that allow the clock speed of the processor to be dynamically changed (to different P-states) by software. This allows the processor to meet the instantaneous performance needs of the operation being performed, while minimizing power draw and heat dissipation.
=====================================
Multiple Errors in the Event Viewer:
06 30, 2012 16: 58: 17, Error: Microsoft-Windows - Kernel-Processor-Power [35] - disabled features of power management on State performance in the processor 3 of group 0 due to a problem with the firmware. Consult the computer manufacturer if there is updated firmware.

The time span showing is 6/30-7/2, but note that only a week of Errors show in this log. Errors also include processor 0, processor 1, processor 2, processor 3.

This is out of my area of expertise, but it appears that this could occur in a deliberate attempt to overclock.

NOTE:
There are 2 uninstallers running: Revo, Windows Installer Cleanup Utility
There are 2 printers running.
 
Here we go again.

I have never done any overclocking, nor changed my BIOS from default.

If someone wants to help me, they must do so on this basis, especially because I am the first one interested in solving the problem, and if it were an overclocking problem, I would simply stop doing it, problem solved, and I wouldn't be here replying to this. But, again:

I have never done any overclocking, nor changed my BIOS from default.

So, that said, I must tell:

1. I installed MSI Afterburner AFTER having freezing problems with my videocard, and I suspected overheating, and MSI Afterburner, amongst other things, can monitor the temp of the GPU. So this was the reason why I installed it.
2. MSI Kombustor came with MSI Afterburner.
3. The same reason applies to MotherBoard Monitor, but with the motherboard. I need to know if it is really my card that is failing, OR maybe it is my mobo, OR maybe it is the PSU, so I wanted to monitor the TEMP of my mobo. This is why I installed all that software, including Hot CPU, to check if it is another component that is failing.
4. Again: I have not changed my BIOS from default. That means SpeedStep came enabled by DEFAULT.

And, talking of semantics, what you said in another reply was:

Re:What does "Kernel-processor-power" error mean?
Means you have speedstep and/or CxE disabled in the bios.
Doesn't hurt anything, lot of folks prefer to have them disabled, but will result in that error message you see in event viewer.

If I'm not wrong, it means that the error message shows up when SpeedStep is disabled, and mine is enabled, by default.

And again, what I wanted to know, given that I have not done any overclocking, is whether those error messages can be due to a remote attack that overclocked my CPU, because I don't know if that is possible, or simply to overheating from a failing component.

Thank you.
 
I don't really know how to help you. But I can say what I would do if it were me: I would wipe out my OS, then start fresh and make sure I used different software to check on my system's temps. Plus I would install a good firewall and put my PC behind a router, because all the files you have downloaded are pointing to overclocking, which may be the cause of your problems now. You say you're not, but if you are being hacked, whoever is doing this is having a blast. Why not put an end to it?
 
But I would like to be sure of that. Because if it is true, I know who it has been.

Only a single question: can someone please tell me if those error messages show up ONLY because of overclocking?
 