Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears  (Read 23630 times)

0 Members and 1 Guest are viewing this topic.

supah_dan

    Topic Starter


    Greenhorn

    • Experience: Familiar
    • OS: Windows 8
    A command window pops up every certain time and it says C://Windows/system32/ipconfig.exe on it. It slows down my machine and also kicks me out of games, becoming realy anoying. Can anyone help me please?

    I entered a page that asked to turn off my add blocker so i could go in right before this started, that´s why I think it is a malware.

    I attached a photo of the command window

    [attachment deleted by admin to conserve space]

    SuperDave

    • Malware Removal Specialist


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
    « Reply #1 on: October 31, 2016, 12:34:26 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    Please download MiniToolBox to Desktop and run it.



    Checkmark the following boxes:

      • Flush DNS
      • Report IE Proxy Settings
      • Reset IE Proxy Settings
      • List content of Hosts
      • List IP Configuration
      • Lst Last 10 Event Viewer Errors
      • List Users, Partitions and Memory Size
      • [/b]
      Click Go and copy/paste the log (Result.txt) into your next post.
      **********************************************************
      Download Security Check by screen317 from the following link and save it to your desktop.

      Security Check

      * Double-click Security Check.bat
      * Follow the on-screen instructions inside of the black box.
      * A Notepad document should open automatically called checkup.txt
      * Post the contents of that document in your next reply.

      Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
      Windows 8 and Windows 10 dual boot with two SSD's

      supah_dan

        Topic Starter


        Greenhorn

        • Experience: Familiar
        • OS: Windows 8
        Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
        « Reply #2 on: October 31, 2016, 04:32:00 PM »
        Thank you so much for your reply!

        Here are the logs
        Please, if you need me to translate anything, just ask me to.

        MINITOOLBOX LOG

        MiniToolBox by Farbar  Version: 17-06-2016
        Ran by user (administrator) on 31-10-2016 at 16:26:26
        Running from "C:\Users\user\AppData\Local\Temp\scoped_dir2580_2321"
        Microsoft Windows 8 Pro  (X64)
        Model: HP Pavilion dv4 Notebook PC Manufacturer: Hewlett-Packard
        Boot Mode: Normal
        ***************************************************************************

        ========================= Flush DNS: ===================================

        Configuraci�n IP de Windows

        Se vaci� correctamente la cach� de resoluci�n de DNS.

        ========================= IE Proxy Settings: ==============================

        Proxy is enabled.
        ProxyServer: http=127.0.0.1:8080;https=127.0.0.1:8080

        "Reset IE Proxy Settings": IE Proxy Settings were reset.
        ========================= Hosts content: =================================
        127.0.0.1 localhost
        ========================= IP Configuration: ================================

        Intel(R) Centrino(R) Wireless-N 1030 = Wi-Fi (Connected)
        Controladora Gigabit Ethernet Qualcomm Atheros AR8151 PCI-E (NDIS 6.30) = Ethernet (Media disconnected)
        Dispositivo Bluetooth (Red de área personal) = Conexión de red Bluetooth (Media disconnected)


        # ----------------------------------
        # Configuraci¢n de IPv4
        # ----------------------------------
        pushd interface ipv4

        reset
        set global icmpredirects=enabled
        set interface interface="Conexi¢n de  rea local* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
        set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
        set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
        set interface interface="Conexi¢n de red Bluetooth" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
        set interface interface="Conexi¢n de  rea local* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
        set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
        add address name="Ethernet" address=100.0.0.1 mask=255.0.0.0


        popd
        # Fin de la configuraci¢n de IPv4



        Configuraci¢n IP de Windows

           Nombre de host. . . . . . . . . : hp
           Sufijo DNS principal  . . . . . :
           Tipo de nodo. . . . . . . . . . : h¡brido
           Enrutamiento IP habilitado. . . : no
           Proxy WINS habilitado . . . . . : no

        Adaptador de LAN inal mbrica Conexi¢n de  rea local* 12:

           Estado de los medios. . . . . . . . . . . : medios desconectados
           Sufijo DNS espec¡fico para la conexi¢n. . :
           Descripci¢n . . . . . . . . . . . . . . . : Adaptador virtual de red hospedada de Microsoft
           Direcci¢n f¡sica. . . . . . . . . . . . . : AC-72-89-58-CF-10
           DHCP habilitado . . . . . . . . . . . . . : s¡
           Configuraci¢n autom tica habilitada . . . : s¡

        Adaptador de Ethernet Conexi¢n de red Bluetooth:

           Estado de los medios. . . . . . . . . . . : medios desconectados
           Sufijo DNS espec¡fico para la conexi¢n. . :
           Descripci¢n . . . . . . . . . . . . . . . : Dispositivo Bluetooth (Red de  rea personal)
           Direcci¢n f¡sica. . . . . . . . . . . . . : AC-72-89-58-CF-13
           DHCP habilitado . . . . . . . . . . . . . : s¡
           Configuraci¢n autom tica habilitada . . . : s¡

        Adaptador de LAN inal mbrica Wi-Fi:

           Sufijo DNS espec¡fico para la conexi¢n. . :
           Descripci¢n . . . . . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 1030
           Direcci¢n f¡sica. . . . . . . . . . . . . : AC-72-89-58-CF-0F
           DHCP habilitado . . . . . . . . . . . . . : s¡
           Configuraci¢n autom tica habilitada . . . : s¡
           V¡nculo: direcci¢n IPv6 local. . . : fe80::e5ef:d278:f419:3ec0%13(Preferido)
           Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.10(Preferido)
           M scara de subred . . . . . . . . . . . . : 255.255.255.0
           Concesi¢n obtenida. . . . . . . . . . . . : lunes, 31 de octubre de 2016 03:25:51 p. m.
           La concesi¢n expira . . . . . . . . . . . : lunes, 31 de octubre de 2016 05:25:51 p. m.
           Puerta de enlace predeterminada . . . . . : 192.168.0.1
           Servidor DHCP . . . . . . . . . . . . . . : 192.168.0.1
           IAID DHCPv6 . . . . . . . . . . . . . . . : 330068617
           DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-1C-B9-00-C8-78-E3-B5-58-E8-33
           Servidores DNS. . . . . . . . . . . . . . : 10.2.9.116
                                               10.3.9.116
           NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

        Adaptador de Ethernet Ethernet:

           Estado de los medios. . . . . . . . . . . : medios desconectados
           Sufijo DNS espec¡fico para la conexi¢n. . :
           Descripci¢n . . . . . . . . . . . . . . . : Controladora Gigabit Ethernet Qualcomm Atheros AR8151 PCI-E (NDIS 6.30)
           Direcci¢n f¡sica. . . . . . . . . . . . . : 78-E3-B5-58-E8-33
           DHCP habilitado . . . . . . . . . . . . . : no
           Configuraci¢n autom tica habilitada . . . : s¡

        Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

           Estado de los medios. . . . . . . . . . . : medios desconectados
           Sufijo DNS espec¡fico para la conexi¢n. . :
           Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
           Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
           DHCP habilitado . . . . . . . . . . . . . : no
           Configuraci¢n autom tica habilitada . . . : s¡

        Adaptador de t£nel isatap.{EB8E790F-6F20-4850-87D2-1D129F1DC306}:

           Estado de los medios. . . . . . . . . . . : medios desconectados
           Sufijo DNS espec¡fico para la conexi¢n. . :
           Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #5
           Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
           DHCP habilitado . . . . . . . . . . . . . : no
           Configuraci¢n autom tica habilitada . . . : s¡
        Servidor:  sevilla.izzi.mx
        Address:  10.2.9.116

        Nombre:  google.com
        Addresses:  2607:f8b0:4000:800::200e
             216.58.218.110


        Haciendo ping a google.com [200.77.168.20] con 32 bytes de datos:
        Respuesta desde 200.77.168.20: bytes=32 tiempo=82ms TTL=56
        Respuesta desde 200.77.168.20: bytes=32 tiempo=22ms TTL=56

        Estad¡sticas de ping para 200.77.168.20:
            Paquetes: enviados = 2, recibidos = 2, perdidos = 0
            (0% perdidos),
        Tiempos aproximados de ida y vuelta en milisegundos:
            M¡nimo = 22ms, M ximo = 82ms, Media = 52ms
        Servidor:  sevilla.izzi.mx
        Address:  10.2.9.116

        Nombre:  yahoo.com
        Addresses:  2001:4998:c:a06::2:4008
             2001:4998:44:204::a7
             2001:4998:58:c02::a9
             98.139.183.24
             98.138.253.109
             206.190.36.45


        Haciendo ping a yahoo.com [206.190.36.45] con 32 bytes de datos:
        Respuesta desde 206.190.36.45: bytes=32 tiempo=92ms TTL=40
        Respuesta desde 206.190.36.45: bytes=32 tiempo=101ms TTL=40

        Estad¡sticas de ping para 206.190.36.45:
            Paquetes: enviados = 2, recibidos = 2, perdidos = 0
            (0% perdidos),
        Tiempos aproximados de ida y vuelta en milisegundos:
            M¡nimo = 92ms, M ximo = 101ms, Media = 96ms

        Haciendo ping a 127.0.0.1 con 32 bytes de datos:
        Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
        Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

        Estad¡sticas de ping para 127.0.0.1:
            Paquetes: enviados = 2, recibidos = 2, perdidos = 0
            (0% perdidos),
        Tiempos aproximados de ida y vuelta en milisegundos:
            M¡nimo = 0ms, M ximo = 0ms, Media = 0ms
        ===========================================================================
        ILista de interfaces
         17...ac 72 89 58 cf 10 ......Adaptador virtual de red hospedada de Microsoft
         15...ac 72 89 58 cf 13 ......Dispositivo Bluetooth (Red de  rea personal)
         13...ac 72 89 58 cf 0f ......Intel(R) Centrino(R) Wireless-N 1030
         12...78 e3 b5 58 e8 33 ......Controladora Gigabit Ethernet Qualcomm Atheros AR8151 PCI-E (NDIS 6.30)
          1...........................Software Loopback Interface 1
         19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
         23...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #5
        ===========================================================================

        IPv4 Tabla de enrutamiento
        ===========================================================================
        Rutas activas:
        Destino de red        M scara de red   Puerta de enlace   Interfaz  M‚trica
                  0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.10     25
                127.0.0.0        255.0.0.0      En v¡nculo         127.0.0.1    306
                127.0.0.1  255.255.255.255      En v¡nculo         127.0.0.1    306
          127.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
              192.168.0.0    255.255.255.0      En v¡nculo      192.168.0.10    281
             192.168.0.10  255.255.255.255      En v¡nculo      192.168.0.10    281
            192.168.0.255  255.255.255.255      En v¡nculo      192.168.0.10    281
                224.0.0.0        240.0.0.0      En v¡nculo         127.0.0.1    306
                224.0.0.0        240.0.0.0      En v¡nculo      192.168.0.10    281
          255.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
          255.255.255.255  255.255.255.255      En v¡nculo      192.168.0.10    281
        ===========================================================================
        Rutas persistentes:
          Ninguno

        IPv6 Tabla de enrutamiento
        ===========================================================================
        Rutas activas:
         Cuando destino de red m‚trica      Puerta de enlace
          1    306 ::1/128                  En v¡nculo
         13    281 fe80::/64                En v¡nculo
         13    281 fe80::e5ef:d278:f419:3ec0/128
                                            En v¡nculo
          1    306 ff00::/8                 En v¡nculo
         13    281 ff00::/8                 En v¡nculo
        ===========================================================================
        Rutas persistentes:
          Ninguno

        ========================= Event log errors: ===============================

        Application errors:
        ==================
        Error: (10/31/2016 03:26:24 PM) (Source: Software Protection Platform Service) (User: )
        Description: Error de la activación de licencia (slui.exe) con el siguiente código:
        hr=0xC004F074
        Argumentos de línea de comandos:
        RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

        Error: (10/31/2016 03:25:49 PM) (Source: Bonjour Service) (User: )
        Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

        Error: (10/31/2016 03:25:49 PM) (Source: Bonjour Service) (User: )
        Description: Task Scheduling Error: m->NextScheduledEvent 1172

        Error: (10/31/2016 01:03:52 AM) (Source: Bonjour Service) (User: )
        Description: Task Scheduling Error: Continuously busy for more than a second

        Error: (10/30/2016 09:27:40 AM) (Source: Software Protection Platform Service) (User: )
        Description: Error de la activación de licencia (slui.exe) con el siguiente código:
        hr=0xC004F074
        Argumentos de línea de comandos:
        RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

        Error: (10/30/2016 09:27:26 AM) (Source: ESENT) (User: )
        Description: taskhostex (1564) Al intentar abrir el archivo "C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

        Error: (10/30/2016 08:11:54 AM) (Source: Software Protection Platform Service) (User: )
        Description: Error de la activación de licencia (slui.exe) con el siguiente código:
        hr=0xC004F074
        Argumentos de línea de comandos:
        RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

        Error: (10/30/2016 08:11:40 AM) (Source: ESENT) (User: )
        Description: taskhostex (1428) Al intentar abrir el archivo "C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

        Error: (10/30/2016 07:00:53 AM) (Source: Software Protection Platform Service) (User: )
        Description: Error de la activación de licencia (slui.exe) con el siguiente código:
        hr=0xC004F074
        Argumentos de línea de comandos:
        RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

        Error: (10/29/2016 10:25:45 PM) (Source: Software Protection Platform Service) (User: )
        Description: Error de la activación de licencia (slui.exe) con el siguiente código:
        hr=0xC004F074
        Argumentos de línea de comandos:
        RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable


        System errors:
        =============
        Error: (10/31/2016 03:26:15 PM) (Source: Schannel) (User: hp)
        Description: El certificado recibido del servidor remoto no se validó correctamente. El código de error es 0x80092012. Error en la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.

        Error: (10/31/2016 03:26:15 PM) (Source: Schannel) (User: hp)
        Description: Se generó una alerta irrecuperable y se envió al extremo remoto. Esto puede provocar la finalización de la conexión. El código de error irrecuperable definido del protocolo TLS es 43. El estado del error SChannel de Windows es 552.

        Error: (10/31/2016 03:26:07 PM) (Source: Schannel) (User: hp)
        Description: El certificado recibido del servidor remoto no se validó correctamente. El código de error es 0x80092012. Error en la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.

        Error: (10/31/2016 03:26:07 PM) (Source: Schannel) (User: hp)
        Description: Se generó una alerta irrecuperable y se envió al extremo remoto. Esto puede provocar la finalización de la conexión. El código de error irrecuperable definido del protocolo TLS es 43. El estado del error SChannel de Windows es 552.

        Error: (10/31/2016 03:26:02 PM) (Source: Schannel) (User: hp)
        Description: El certificado recibido del servidor remoto no se validó correctamente. El código de error es 0x80092012. Error en la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.

        Error: (10/31/2016 03:26:02 PM) (Source: Schannel) (User: hp)
        Description: Se generó una alerta irrecuperable y se envió al extremo remoto. Esto puede provocar la finalización de la conexión. El código de error irrecuperable definido del protocolo TLS es 43. El estado del error SChannel de Windows es 552.

        Error: (10/31/2016 03:25:59 PM) (Source: Schannel) (User: hp)
        Description: El certificado recibido del servidor remoto no se validó correctamente. El código de error es 0x80092012. Error en la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.

        Error: (10/31/2016 03:25:59 PM) (Source: Schannel) (User: hp)
        Description: Se generó una alerta irrecuperable y se envió al extremo remoto. Esto puede provocar la finalización de la conexión. El código de error irrecuperable definido del protocolo TLS es 43. El estado del error SChannel de Windows es 552.

        Error: (10/30/2016 07:51:53 PM) (Source: Schannel) (User: hp)
        Description: El certificado recibido del servidor remoto no se validó correctamente. El código de error es 0x80092012. Error en la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.

        Error: (10/30/2016 07:51:53 PM) (Source: Schannel) (User: hp)
        Description: Se generó una alerta irrecuperable y se envió al extremo remoto. Esto puede provocar la finalización de la conexión. El código de error irrecuperable definido del protocolo TLS es 43. El estado del error SChannel de Windows es 552.


        Microsoft Office Sessions:
        =========================
        Error: (10/31/2016 03:26:24 PM) (Source: Software Protection Platform Service)(User: )
        Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

        Error: (10/31/2016 03:25:49 PM) (Source: Bonjour Service)(User: )
        Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

        Error: (10/31/2016 03:25:49 PM) (Source: Bonjour Service)(User: )
        Description: Task Scheduling Error: m->NextScheduledEvent 1172

        Error: (10/31/2016 01:03:52 AM) (Source: Bonjour Service)(User: )
        Description: Task Scheduling Error: Continuously busy for more than a second

        Error: (10/30/2016 09:27:40 AM) (Source: Software Protection Platform Service)(User: )
        Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

        Error: (10/30/2016 09:27:26 AM) (Source: ESENT)(User: )
        Description: taskhostex1564C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.

        Error: (10/30/2016 08:11:54 AM) (Source: Software Protection Platform Service)(User: )
        Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

        Error: (10/30/2016 08:11:40 AM) (Source: ESENT)(User: )
        Description: taskhostex1428C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.

        Error: (10/30/2016 07:00:53 AM) (Source: Software Protection Platform Service)(User: )
        Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

        Error: (10/29/2016 10:25:45 PM) (Source: Software Protection Platform Service)(User: )
        Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable


        ========================= Memory info: ===================================

        Percentage of memory in use: 68%
        Total physical RAM: 4043.86 MB
        Available physical RAM: 1265.61 MB
        Total Virtual: 8651.86 MB
        Available Virtual: 5457.08 MB

        ========================= Partitions: =====================================

        1 Drive c: () (Fixed) (Total:416.59 GB) (Free:43.56 GB) NTFS

        ========================= Users: ========================================

        Cuentas de usuario de \\HP

        30823991A7CF43B2BD33     Administrador            Invitado                 
        user                     
        Se ha completado el comando correctamente.


        **** End of log ****


        _______________________________________ ______________________________

        SECURITY CHECK LOG

         Results of screen317's Security Check version 1.014 --- 12/23/15 
           x64 (UAC is enabled) 
         Internet Explorer 10 Out of date!
        ``````````````Antivirus/Firewall Check:``````````````[/u]
         Windows Security Center service is not running! This report may not be accurate!
        Windows Defender   
         WMI entry may not exist for antivirus; attempting automatic update.
        `````````Anti-malware/Other Utilities Check:`````````[/u]
        ````````Process Check: objlist.exe by Laurent````````[/u] 
        `````````````````System Health check`````````````````[/u]
         Total Fragmentation on Drive C:  %
        ````````````````````End of Log``````````````````````[/u]

        SuperDave

        • Malware Removal Specialist


        • Genius
        • Thanked: 1020
        • Certifications: List
        • Experience: Expert
        • OS: Windows 10
        Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
        « Reply #3 on: October 31, 2016, 07:01:18 PM »
        Can you determine what the computer is doing when the pop-up occurs?
        Windows 8 and Windows 10 dual boot with two SSD's

        supah_dan

          Topic Starter


          Greenhorn

          • Experience: Familiar
          • OS: Windows 8
          Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
          « Reply #4 on: October 31, 2016, 09:47:56 PM »
          Literally anything. Browsing on the internet, playing a game, writing a document, or whatever, but it pops up every minute. It passes exactly a minute between each pop up of the screen.

          SuperDave

          • Malware Removal Specialist


          • Genius
          • Thanked: 1020
          • Certifications: List
          • Experience: Expert
          • OS: Windows 10
          Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
          « Reply #5 on: November 01, 2016, 10:28:15 AM »
          When did it start doing these pop-ups? Did you make any changes to your computer prior to this?
          Windows 8 and Windows 10 dual boot with two SSD's

          supah_dan

            Topic Starter


            Greenhorn

            • Experience: Familiar
            • OS: Windows 8
            Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
            « Reply #6 on: November 01, 2016, 10:35:22 AM »
            No, it started after i entered a page that asked me to turn off my ad blocker. I did, and at the moment a window opened and closed, the pop-ups started to appear every minute.

            SuperDave

            • Malware Removal Specialist


            • Genius
            • Thanked: 1020
            • Certifications: List
            • Experience: Expert
            • OS: Windows 10
            Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
            « Reply #7 on: November 01, 2016, 02:20:48 PM »
            Ok. Let's run some scans to see what's on that computer.

            Please download AdwCleaner by Xplode onto your Desktop.

            Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.



            If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
            When the AdwCleaner program will open, click on the Scan button as shown below.



            AdwCleaner will now start to search for malicious files that may be installed on your computer.
            To remove the files that were detected in the previous step, please click on the Clean button.



            AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
            Please click on the OK button to allow AdwCleaner reboot your computer.A log will be produced. Please copy and paste this log in your next reply.
            *********************************************
            Please download Malwarebytes Anti-Malware from here.
            Double Click mbam-setup.exe to install the application.
            • It should update automatically if the computer is connected to the internet.
            • Click on Threat Scan and click on Scan Now.
            • The scan may take some time to finish,so please be patient.
            • When the scan is complete make sure all the infections have "quarantine" selected in the Action box.
            • Click on "Apply actions" You may be asked to Restart your computer to completely remove the infections.
            • When disinfection is completed you can click on "Copy to Clipboard".
            • Paste the log in you next reply (CTRL+ V)
            *************************************************
            Please download Junkware Removal Tool to your desktop.

            Warning! Once the scan is complete JRT will shut down your browser with NO warning.

            Shut down your protection software now to avoid potential conflicts.

            •Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

            •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

            •The tool will open and start scanning your system.

            •Please be patient as this can take a while to complete depending on your system's specifications.

            •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

            •Copy and Paste the JRT.txt log into your next message.
            **********************************************************
            Download Security Check by screen317 from the following link and save it to your desktop.

            Security Check

            * Double-click Security Check.bat
            * Follow the on-screen instructions inside of the black box.
            * A Notepad document should open automatically called checkup.txt
            * Post the contents of that document in your next reply.

            Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
            Windows 8 and Windows 10 dual boot with two SSD's

            supah_dan

              Topic Starter


              Greenhorn

              • Experience: Familiar
              • OS: Windows 8
              Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
              « Reply #8 on: November 04, 2016, 12:46:30 PM »
              Sorry for taking so long to reply.
              The AdWare Cleaner link doesn´t work. Should i keep on with the rest of the tools?

              SuperDave

              • Malware Removal Specialist


              • Genius
              • Thanked: 1020
              • Certifications: List
              • Experience: Expert
              • OS: Windows 10
              Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
              « Reply #9 on: November 05, 2016, 11:48:20 AM »
              Yes, please run the other scans. I'll check out that AdwCleaner link.
              Windows 8 and Windows 10 dual boot with two SSD's

              supah_dan

                Topic Starter


                Greenhorn

                • Experience: Familiar
                • OS: Windows 8
                Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
                « Reply #10 on: November 05, 2016, 03:56:36 PM »
                Ok, Here They are
                Also, it looks like the pop-up window is not appearing anymore :DDDD

                THANK YOU SO MUCH!!

                Still, if anything else is required, please tell me to do so

                MALWARE BYTES

                Malwarebytes Anti-Malware
                www.malwarebytes.org

                Fecha del análisis: 04/11/2016
                Hora del análisis: 01:28 p. m.
                Archivo de registro: antimalwarebytesLog.txt
                Administrador: Sí

                Versión: 0.0.0.0000
                Base de datos de malwares: v2016.11.04.07
                Base de datos de rootkits: v2016.10.31.01
                Licencia: Prueba
                Protección contra el malware: Activado
                Protección contra sitios web maliciosos: Activado
                Autoprotección: Desactivado

                SO: Windows 8
                CPU: x64
                Sistema de archivos: NTFS
                Usuario: user

                Tipo de análisis: Análisis de amenazas
                Resultado: Completado
                Objetos analizados: 371494
                Tiempo transcurrido: 39 min, 36 seg

                Memoria: Activado
                Inicio: Activado
                Sistema de archivos: Activado
                Archivo: Activado
                Rootkits: Desactivado
                Heurística: Activado
                PUP: Activado
                PUM: Activado

                Procesos: 0
                (No hay elementos maliciosos detectados)

                Módulos: 0
                (No hay elementos maliciosos detectados)

                Claves del registro: 0
                (No hay elementos maliciosos detectados)

                Valores del registro: 0
                (No hay elementos maliciosos detectados)

                Datos del registro: 0
                (No hay elementos maliciosos detectados)

                Carpetas: 0
                (No hay elementos maliciosos detectados)

                Archivos: 0
                (No hay elementos maliciosos detectados)

                Sectores físicos: 0
                (No hay elementos maliciosos detectados)


                (end)


                _______________________________________ ____________________________________-


                JRT

                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                Junkware Removal Tool (JRT) by Malwarebytes
                Version: 8.0.9 (09.30.2016)
                Operating System: Windows 8 Pro x64
                Ran by user (Administrator) on 05/11/2016 at 11:57:42.42
                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




                File System: 21

                Successfully deleted: C:\end (File)
                Successfully deleted: C:\ProgramData\Start Menu\Programs\mipony (Folder)
                Successfully deleted: C:\Users\user\AppData\Roaming\elex-tech (Folder)
                Successfully deleted: C:\Users\user\AppData\Roaming\mipony (Folder)
                Successfully deleted: C:\Program Files (x86)\mipony (Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VPM7T4H (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U9WYG59 (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K8RCV06 (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FM2EMZKP (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLCUN4E2 (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWVCM0AL (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UKTZNWEA (Temporary Internet Files Folder)
                Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3PR5DQ2 (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VPM7T4H (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U9WYG59 (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K8RCV06 (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FM2EMZKP (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLCUN4E2 (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWVCM0AL (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UKTZNWEA (Temporary Internet Files Folder)
                Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3PR5DQ2 (Temporary Internet Files Folder)



                Registry: 0





                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                Scan was completed on 05/11/2016 at 12:00:43.43
                End of JRT log
                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


                _______________________________________ _______________________________________ ____________


                SECURITY CHECK


                 Results of screen317's Security Check version 1.014 --- 12/23/15 
                   x64 (UAC is enabled) 
                 Internet Explorer 10 Out of date!
                ``````````````Antivirus/Firewall Check:``````````````[/u]
                 Windows Security Center service is not running! This report may not be accurate!
                Windows Defender   
                 WMI entry may not exist for antivirus; attempting automatic update.
                `````````Anti-malware/Other Utilities Check:`````````[/u]
                ````````Process Check: objlist.exe by Laurent````````[/u] 
                 Malwarebytes Anti-Malware mbamscheduler.exe   
                `````````````````System Health check`````````````````[/u]
                 Total Fragmentation on Drive C:  %
                ````````````````````End of Log``````````````````````[/u]



                SuperDave

                • Malware Removal Specialist


                • Genius
                • Thanked: 1020
                • Certifications: List
                • Experience: Expert
                • OS: Windows 10
                Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
                « Reply #11 on: November 06, 2016, 11:07:11 AM »
                What are you using for your Anti-Virus?
                Windows 8 and Windows 10 dual boot with two SSD's

                supah_dan

                  Topic Starter


                  Greenhorn

                  • Experience: Familiar
                  • OS: Windows 8
                  Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
                  « Reply #12 on: November 06, 2016, 12:29:08 PM »
                  To be honest, nothing  ;D

                  SuperDave

                  • Malware Removal Specialist


                  • Genius
                  • Thanked: 1020
                  • Certifications: List
                  • Experience: Expert
                  • OS: Windows 10
                  Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
                  « Reply #13 on: November 07, 2016, 01:09:24 PM »
                  Quote
                  To be honest, nothing 
                  You should install MSE. MicroSoft Security Essentials   All versions and all languages.

                  You can find AdwCleaner here.
                  Windows 8 and Windows 10 dual boot with two SSD's

                  supah_dan

                    Topic Starter


                    Greenhorn

                    • Experience: Familiar
                    • OS: Windows 8
                    Re: HELP! C://Windows/system32/ipconfig.exe window pops up and dissapears
                    « Reply #14 on: November 09, 2016, 08:30:39 PM »
                    I will, Thank you so so much for your support  :)
                    Just a final question: How much will MSE affect the performance of my computer?