• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 20 de 20

    ads.smartadtags.com

    Bien, encontré el archivo que me has solicitado originalmente, es el siguiente. Y a continuación de el te paso el de hoy. All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set ...

    1. #11
      Usuario Avatar de Comby
      Registrado
      jun 2015
      Ubicación
      Argentina
      Mensajes
      11

      Re: ads.smartadtags.com

      Bien, encontré el archivo que me has solicitado originalmente, es el siguiente. Y a continuación de el te paso el de hoy.

      All processes killed
      ========== OTL ==========
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\| /E : value set successfully!
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\| /E : value set successfully!
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\Web Components\ deleted successfully.
      C:\Users\comby fabian\AppData\Roaming\mozilla\Extensions folder moved successfully.
      C:\Users\comby fabian\AppData\Roaming\mozilla\Firefox\Profiles\zl250h57.default\extensions folder moved successfully.
      C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
      C:\Program Files (x86)\mozilla firefox\browser\extensions folder moved successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      ADS C:\ProgramData\TEMP:56E2E879 deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\comby fabian\Downloads\cmd.bat deleted successfully.
      C:\Users\comby fabian\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      Adaptador de Ethernet Conexi¢n de *rea local:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::75c4:f94b:2bcd:eb47%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.13
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1
      Adaptador de t£nel isatap.{02575713-13CF-4FE6-8D76-1F5423C39971}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local*:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      C:\Users\comby fabian\Downloads\cmd.bat deleted successfully.
      C:\Users\comby fabian\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: comby fabian
      ->Flash cache emptied: 6517 bytes

      User: Default

      User: Default User

      User: Public

      User: UpdatusUser

      User: Usuario

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: comby fabian
      ->Temp folder emptied: 11871 bytes
      ->Temporary Internet Files folder emptied: 6153140 bytes
      ->FireFox cache emptied: 371860621 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Usuario
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 5840207 bytes
      ->FireFox cache emptied: 7806300 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 8606 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
      RecycleBin emptied: 27194050 bytes

      Total Files Cleaned = 400,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 07012015_074436

      Files\Folders moved on Reboot...
      C:\Users\comby fabian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      C:\Users\comby fabian\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...





      El que sigue es el de hoy, el último generado

      All processes killed
      ========== OTL ==========
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\| /E : value set successfully!
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\| /E : value set successfully!
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\Web Components\ not found.
      C:\Users\comby fabian\AppData\Roaming\mozilla\Extensions folder moved successfully.
      Folder C:\Users\comby fabian\AppData\Roaming\mozilla\Firefox\Profiles\zl250h57.default\extensions\ not found.
      Folder C:\Program Files (x86)\mozilla firefox\browser\extensions\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Unable to delete ADS C:\ProgramData\TEMP:56E2E879 .
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
      C:\Users\comby fabian\Desktop\cmd.bat deleted successfully.
      C:\Users\comby fabian\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      C:\Users\comby fabian\Desktop\cmd.bat deleted successfully.
      C:\Users\comby fabian\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: comby fabian
      ->Flash cache emptied: 1208 bytes

      User: Default

      User: Default User

      User: Public

      User: UpdatusUser

      User: Usuario

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: comby fabian
      ->Temp folder emptied: 765 bytes
      ->Temporary Internet Files folder emptied: 4096 bytes
      ->FireFox cache emptied: 29609501 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Usuario
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->FireFox cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
      RecycleBin emptied: 291866240 bytes

      Total Files Cleaned = 307,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 07032015_151410

      Files\Folders moved on Reboot...
      File move failed. C:\Users\comby fabian\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
      File move failed. C:\Users\comby fabian\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    2. #12
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: ads.smartadtags.com

      Bien, ahora,..

      Continua el problema planteado?
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de Comby
      Registrado
      jun 2015
      Ubicación
      Argentina
      Mensajes
      11

      Re: ads.smartadtags.com

      Si. El problema continua. Solo que ahora cambio de pagina redireccionada, Al ingresar a blog-peliculas.com cualquier clic que haga sobre esa página es direccionado a http://promo.24hsvideos.com.ar o a Moviplay : la mejor diversión para tu móvil

    4. #14
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: ads.smartadtags.com

      Descarga Farbar Recovery Scan Tool.

      Selecciona la descarga de acuerdo a la arquitectura de tu Sistema Operativo. (32 0 64 bits)
      ¿Cómo saber si mi Windows es de 32 o 64 bits?

      • La guardas en el Escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe/Frst64.exe según el caso.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.
      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta.
      • Utiliza dos mensajes si te dice que es muy largo.




      Esperamos esos reportes.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #15
      Usuario Avatar de Comby
      Registrado
      jun 2015
      Ubicación
      Argentina
      Mensajes
      11

      Re: ads.smartadtags.com

      Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
      Ran by Comby Fabian at 2015-07-06 13:52:53
      Running from C:\Users\comby fabian\Desktop
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-1647695059-906126037-2759328499-500 - Administrator - Disabled)
      Invitado (S-1-5-21-1647695059-906126037-2759328499-501 - Limited - Disabled)
      UpdatusUser (S-1-5-21-1647695059-906126037-2759328499-1001 - Limited - Enabled) => C:\Users\UpdatusUser
      Usuario (S-1-5-21-1647695059-906126037-2759328499-1000 - Administrator - Enabled) => C:\Users\Usuario

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
      FW: Firewall personal de ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

      ==================== Installed Programs ======================

      (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
      Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
      Adobe Reader XI (11.0.11) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
      aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
      Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
      Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      ESET Smart Security (HKLM\...\{413E5248-BDE5-47D0-917B-D509AAF3F16A}) (Version: 8.0.304.1 - ESET, spol s r. o.)
      Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      Hikvision Tools (HKLM-x32\...\{9B5AA48E-8104-47FA-A8D8-F35DAADC7CC8}) (Version: 1.00.000 - company)
      K-Lite Mega Codec Pack 4.5.3 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.5.3 - )
      Malwarebytes Anti-Malware versión 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
      Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
      Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      MiPony 2.2.1 (HKLM-x32\...\MiPony) (Version: 2.2.1 - )
      Mozilla Firefox 38.0.5 (x86 es-AR) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 es-AR)) (Version: 38.0.5 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
      NetDVR_V3 (HKLM-x32\...\NetDVR_V3) (Version: - )
      NVIDIA Controlador de gráficos 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
      NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
      Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      Panel de control de NVIDIA 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
      Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
      Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
      Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version: - Microsoft)
      Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
      Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
      Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
      Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== Restore Points =========================

      19-06-2015 09:05:32 Windows Update
      23-06-2015 07:04:40 Windows Update
      25-06-2015 11:46:38 Revo Uninstaller's restore point - Web Components
      25-06-2015 13:03:53 OTL Restore Point - 25/06/2015 01:03:51 p.m.
      26-06-2015 14:30:35 Revo Uninstaller's restore point - Mozilla Firefox 38.0.5 (x86 es-AR)
      29-06-2015 07:03:19 Windows Update
      30-06-2015 07:29:46 OTL Restore Point - 30/06/2015 07:29:44 a.m.
      03-07-2015 09:45:45 Windows Update

      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2015-01-27 06:53 - 2015-07-03 15:14 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
      127.0.0.1 localhost
      ::1 localhost

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {46A3165C-987F-41D0-972A-F841430C029E} - \SPBIW_UpdateTask_Time_323234383335393635322d4a555b6c5a5a785745413734 No Task File <==== ATTENTION
      Task: {664F0A58-ACB9-42A1-9745-AB0AEEE3B06E} - System32\Tasks\{E2A96EBB-4F80-4549-8006-FBA82C781466} => pcalua.exe -a "C:\Users\comby fabian\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=smt
      Task: {6D3768A6-6053-409D-A7E6-94FC858473F9} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-10-28] ()
      Task: {927579F2-059A-498D-8764-3C517298167B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
      Task: {9B026069-0568-42B2-BC8E-C761EDD26685} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
      Task: {B1DE09F4-EBFE-4485-B9D8-5D0A4B88C0BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
      Task: {E25536A2-D35B-4FF4-BE09-9353E7F16F40} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
      Task: {F4F26E94-386F-475D-B980-91C9F1D053D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
      Task: {F8CB4667-0D33-448A-9734-0633B920989E} - \Installer_iwebar No Task File <==== ATTENTION
      Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

      ==================== Loaded Modules (Whitelisted) ==============

      2014-10-27 13:19 - 2013-01-31 06:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
      2014-10-28 10:41 - 2009-12-12 15:12 - 00052224 _____ () C:\Program Files (x86)\WinRar\rarext64.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


      ==================== EXE Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-211125766-478257193-664501915-2241\Control Panel\Desktop\\Wallpaper ->
      DNS Servers: 200.42.4.207 - 200.49.130.44

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      (Currently there is no automatic fix for this section.)


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{5A5687BA-C6EC-44A2-B8AB-3C652777E321}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      FirewallRules: [{87C9C94C-6974-47F5-B6C6-4D2FB6449E8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      FirewallRules: [{B9005C47-9DBA-414E-B5E6-BB253725874E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{EAD59D57-4BF6-4646-B8CB-FAE7F1092E33}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{5CD47A13-2CF6-4741-A853-F0AC93E9142E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{2C1D9532-3A05-4C04-8A1B-4B5BCC1F9570}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [TCP Query User{DDB0412A-669C-4BF9-9999-074C073C6E6F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
      FirewallRules: [UDP Query User{82BB0670-C6BA-4116-8DEF-5553DA45F002}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
      FirewallRules: [{CDCBDBA7-C9DF-4F91-BCC3-5F86E1CA3ECB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{0BB0196E-CA04-4E42-BE8A-9DB9E12D8536}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{10BB14C6-E412-4F67-B1EB-6EF47BB72BA8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{6E393328-83C2-4B69-A42E-E68E855DF1FD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{869581A4-4CB4-482A-8541-B644510944F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{C99348D9-CF40-4C69-A0D0-D47BD1EA53CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (07/06/2015 07:08:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 03:36:31 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
      Description: Failed to schedule Software Protection service for re-start at 2015-07-10T18:21:31Z. Error Code: 0x80071A90.

      Error: (07/03/2015 03:23:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 03:16:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 03:09:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 09:37:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/02/2015 07:02:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/01/2015 07:50:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/01/2015 07:47:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/01/2015 07:43:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


      System errors:
      =============
      Error: (07/06/2015 11:06:58 AM) (Source: NETLOGON) (EventID: 5719) (User: )
      Description: Este equipo no pudo establecer una sesión segura con un controlador de
      dominio en el dominio DMIPLYC debido a lo siguiente:
      %%1311

      Esto puede derivar en problemas de autenticación. Asegúrese de que el
      equipo esté conectado a la red. Si el problema persiste,
      póngase en contacto con el administrador de dominio.



      INFORMACIÓN ADICIONAL

      Si este equipo es un controlador de dominio para el dominio especificado,
      establece la sesión segura con el emulador del controlador de dominio primario en el dominio
      especificado. De lo contrario, este equipo establece la sesión segura con cualquier controlador de dominio
      en el dominio especificado.

      Error: (07/06/2015 07:19:42 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: DMIPLYC)
      Description: No se puede procesar la directiva de grupo debido a que no se puede conectar a un controlador de dominio a través de la red. Esta condición puede ser temporal. Se podría generar un mensaje de operación correcta una vez que el equipo se conecte al controlador de dominio y la directiva de grupo se procese correctamente. Póngase en contacto con el administrador si no ve un mensaje de operación correcta en un algún par de horas.

      Error: (07/06/2015 07:07:08 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
      Description: No se puede procesar la directiva de grupo debido a que no se puede conectar a un controlador de dominio a través de la red. Esta condición puede ser temporal. Se podría generar un mensaje de operación correcta una vez que el equipo se conecte al controlador de dominio y la directiva de grupo se procese correctamente. Póngase en contacto con el administrador si no ve un mensaje de operación correcta en un algún par de horas.

      Error: (07/06/2015 07:06:39 AM) (Source: NETLOGON) (EventID: 5719) (User: )
      Description: Este equipo no pudo establecer una sesión segura con un controlador de
      dominio en el dominio DMIPLYC debido a lo siguiente:
      %%1311

      Esto puede derivar en problemas de autenticación. Asegúrese de que el
      equipo esté conectado a la red. Si el problema persiste,
      póngase en contacto con el administrador de dominio.



      INFORMACIÓN ADICIONAL

      Si este equipo es un controlador de dominio para el dominio especificado,
      establece la sesión segura con el emulador del controlador de dominio primario en el dominio
      especificado. De lo contrario, este equipo establece la sesión segura con cualquier controlador de dominio
      en el dominio especificado.

      Error: (07/03/2015 03:21:58 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: DMIPLYC)
      Description: No se puede procesar la directiva de grupo debido a que no se puede conectar a un controlador de dominio a través de la red. Esta condición puede ser temporal. Se podría generar un mensaje de operación correcta una vez que el equipo se conecte al controlador de dominio y la directiva de grupo se procese correctamente. Póngase en contacto con el administrador si no ve un mensaje de operación correcta en un algún par de horas.

      Error: (07/03/2015 03:21:57 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
      Description: No se puede procesar la directiva de grupo debido a que no se puede conectar a un controlador de dominio a través de la red. Esta condición puede ser temporal. Se podría generar un mensaje de operación correcta una vez que el equipo se conecte al controlador de dominio y la directiva de grupo se procese correctamente. Póngase en contacto con el administrador si no ve un mensaje de operación correcta en un algún par de horas.

      Error: (07/03/2015 03:21:28 PM) (Source: NETLOGON) (EventID: 5719) (User: )
      Description: Este equipo no pudo establecer una sesión segura con un controlador de
      dominio en el dominio DMIPLYC debido a lo siguiente:
      %%1311

      Esto puede derivar en problemas de autenticación. Asegúrese de que el
      equipo esté conectado a la red. Si el problema persiste,
      póngase en contacto con el administrador de dominio.



      INFORMACIÓN ADICIONAL

      Si este equipo es un controlador de dominio para el dominio especificado,
      establece la sesión segura con el emulador del controlador de dominio primario en el dominio
      especificado. De lo contrario, este equipo establece la sesión segura con cualquier controlador de dominio
      en el dominio especificado.

      Error: (07/03/2015 03:15:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      %%1068

      Error: (07/03/2015 03:15:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      %%1068

      Error: (07/03/2015 03:15:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      %%1068


      Microsoft Office:
      =========================
      Error: (07/06/2015 07:08:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 03:36:31 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
      Description: 0x80071A902015-07-10T18:21:31Z

      Error: (07/03/2015 03:23:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 03:16:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 03:09:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/03/2015 09:37:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/02/2015 07:02:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/01/2015 07:50:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/01/2015 07:47:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

      Error: (07/01/2015 07:43:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


      CodeIntegrity Errors:
      ===================================
      Date: 2015-07-06 13:12:49.150
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-06 07:57:30.674
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-06 07:34:52.353
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-06 07:19:44.838
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-06 07:06:37.925
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-03 15:43:59.942
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-03 15:21:26.363
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-03 11:43:56.348
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-03 09:47:36.120
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2015-07-03 09:35:37.143
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume4\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: AMD Phenom(tm) II X4 965 Processor
      Percentage of memory in use: 40%
      Total physical RAM: 2815.23 MB
      Available physical RAM: 1671.48 MB
      Total Virtual: 5628.66 MB
      Available Virtual: 4323.27 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:180.57 GB) (Free:123.03 GB) NTFS
      Drive d: () (Fixed) (Total:29.29 GB) (Free:29.09 GB) NTFS
      Drive e: () (Fixed) (Total:45.23 GB) (Free:11.42 GB) NTFS
      Drive f: () (Fixed) (Total:285.1 GB) (Free:91.58 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 74.5 GB) (Disk ID: 052F052F)
      Partition 1: (Active) - (Size=29.3 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=45.2 GB) - (Type=OF Extended)

      ========================================================
      Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C1B96DF7)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=180.6 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=285.1 GB) - (Type=07 NTFS)

      ==================== End of log ============================

    6. #16
      Usuario Avatar de Comby
      Registrado
      jun 2015
      Ubicación
      Argentina
      Mensajes
      11

      Re: ads.smartadtags.com

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
      Ran by Comby Fabian (administrator) on LABPC01 on 06-07-2015 13:52:16
      Running from C:\Users\comby fabian\Desktop
      Loaded Profiles: UpdatusUser & Comby Fabian (Available Profiles: Usuario & UpdatusUser & Comby Fabian)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


      ==================== Registry (Whitelisted) ==================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
      HKU\S-1-5-21-211125766-478257193-664501915-2241\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      HKU\S-1-5-21-211125766-478257193-664501915-2241\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
      HKU\S-1-5-21-211125766-478257193-664501915-2241\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
      SearchScopes: HKLM -> DefaultScope value is missing
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
      BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
      Tcpip\Parameters: [DhcpNameServer] 200.42.4.207 200.49.130.44
      Tcpip\..\Interfaces\{02575713-13CF-4FE6-8D76-1F5423C39971}: [DhcpNameServer] 200.42.4.207 200.49.130.44

      FireFox:
      ========
      FF ProfilePath: C:\Users\comby fabian\AppData\Roaming\Mozilla\Firefox\Profiles\zl250h57.default
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
      FF Plugin-x32: @QVision/NetDVR_V3 -> C:\Program Files\QVision\V3\npnetdvrV3.dll [2012-12-05] ()
      FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
      FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\creativecommons.xml [2015-05-26]
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml [2015-05-26]

      ==================== Services (Whitelisted) =================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
      S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

      ==================== Drivers (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
      U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
      R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
      R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
      R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
      R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
      R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
      S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
      R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
      R2 SADP_NPF; C:\Windows\SysWOW64\drivers\sadp_npf64.sys [35344 2012-09-24] (CACE Technologies, Inc.)
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2015-07-06 13:52 - 2015-07-06 13:52 - 00008084 _____ C:\Users\comby fabian\Desktop\FRST.txt
      2015-07-06 13:52 - 2015-07-06 13:52 - 00000000 ____D C:\FRST
      2015-07-06 13:51 - 2015-07-06 13:50 - 02112512 _____ (Farbar) C:\Users\comby fabian\Desktop\FRST64.exe
      2015-07-06 13:50 - 2015-07-06 13:50 - 02112512 _____ (Farbar) C:\Users\comby fabian\Downloads\FRST64.exe
      2015-07-03 15:21 - 2015-07-06 07:06 - 00000112 _____ C:\Windows\setupact.log
      2015-07-03 15:21 - 2015-07-03 15:21 - 00000000 _____ C:\Windows\setuperr.log
      2015-07-03 15:05 - 2015-06-25 12:58 - 00602112 _____ (OldTimer Tools) C:\Users\comby fabian\Desktop\OTL.exe
      2015-07-01 07:44 - 2015-07-01 07:44 - 00000000 ____D C:\_OTL
      2015-07-01 07:40 - 2015-07-01 07:40 - 00000000 ____D C:\Windows\pss
      2015-07-01 07:27 - 2015-07-01 07:27 - 00002722 _____ C:\Users\comby fabian\Desktop\repara otl.txt
      2015-07-01 07:24 - 2015-07-01 07:24 - 00000263 _____ C:\DelFix.txt
      2015-07-01 07:24 - 2015-07-01 07:23 - 00781312 _____ C:\Users\comby fabian\Desktop\delfix.exe
      2015-07-01 07:23 - 2015-07-01 07:23 - 00781312 _____ C:\Users\comby fabian\Downloads\delfix.exe
      2015-06-30 13:34 - 2015-06-30 13:34 - 01405680 _____ ( ) C:\Users\comby fabian\Downloads\WebComponents(1).exe
      2015-06-26 14:42 - 2015-06-26 14:42 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2015-06-26 14:42 - 2015-06-26 14:42 - 00001143 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
      2015-06-26 14:42 - 2015-06-26 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2015-06-26 14:42 - 2015-06-26 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2015-06-26 14:39 - 2015-06-26 14:39 - 00243464 _____ C:\Users\comby fabian\Downloads\Firefox Setup Stub 38.0.5.exe
      2015-06-26 13:31 - 2015-06-26 13:42 - 00003310 _____ C:\InfoSat.txt
      2015-06-26 13:13 - 2015-06-26 13:13 - 00001274 _____ C:\Users\comby fabian\Desktop\EliStarA.exe - Acceso directo.lnk
      2015-06-26 13:12 - 2015-06-26 14:39 - 00862851 _____ (Satinfo SL.) C:\Users\comby fabian\EliStarA.exe
      2015-06-26 09:56 - 2015-06-26 09:56 - 00001284 _____ C:\Users\comby fabian\Desktop\Malwarebytes.txt
      2015-06-26 09:41 - 2015-06-26 09:41 - 00000839 _____ C:\Users\comby fabian\Desktop\JRT.txt
      2015-06-26 09:40 - 2015-06-26 09:40 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LABPC01-Windows-7-Ultimate-(64-bit).dat
      2015-06-26 09:40 - 2015-06-26 09:40 - 00000000 ____D C:\RegBackup
      2015-06-26 09:38 - 2015-06-26 09:38 - 02950453 _____ (Malwarebytes Corporation) C:\Users\comby fabian\Downloads\JRT(1).exe
      2015-06-26 09:17 - 2015-06-26 09:17 - 00001352 _____ C:\Users\comby fabian\Desktop\AdwCleaner[S1].txt
      2015-06-26 09:10 - 2015-06-26 09:10 - 02244096 _____ C:\Users\comby fabian\Downloads\adwcleaner_4.207.exe
      2015-06-25 13:13 - 2015-06-30 07:34 - 00048846 _____ C:\Users\comby fabian\Downloads\OTL.Txt
      2015-06-25 13:13 - 2015-06-25 13:13 - 00036996 _____ C:\Users\comby fabian\Downloads\Extras.Txt
      2015-06-25 12:58 - 2015-06-25 12:58 - 00602112 _____ (OldTimer Tools) C:\Users\comby fabian\Downloads\OTL.exe
      2015-06-22 10:55 - 2015-06-22 10:55 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2015-06-22 10:55 - 2015-06-22 10:55 - 00000000 ____D C:\Program Files\CCleaner
      2015-06-22 10:54 - 2015-06-22 10:54 - 06549184 _____ (Piriform Ltd) C:\Users\comby fabian\Downloads\ccsetup506.exe
      2015-06-10 12:55 - 2015-06-10 12:55 - 00010125 _____ C:\Users\comby fabian\Documents\Presupuesto Alfo Cámaras.xlsx
      2015-06-10 08:01 - 2015-05-25 15:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2015-06-10 08:01 - 2015-05-25 15:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2015-06-10 08:01 - 2015-05-25 15:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2015-06-10 08:01 - 2015-05-25 15:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2015-06-10 08:01 - 2015-05-25 15:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2015-06-10 08:01 - 2015-05-25 15:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2015-06-10 08:01 - 2015-05-25 15:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2015-06-10 08:01 - 2015-05-25 15:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2015-06-10 08:01 - 2015-05-25 15:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2015-06-10 08:01 - 2015-05-25 15:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
      2015-06-10 08:01 - 2015-05-25 15:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2015-06-10 08:01 - 2015-05-25 15:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 15:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2015-06-10 08:01 - 2015-05-25 15:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2015-06-10 08:01 - 2015-05-25 15:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2015-06-10 08:01 - 2015-05-25 15:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2015-06-10 08:01 - 2015-05-25 15:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
      2015-06-10 08:01 - 2015-05-25 15:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
      2015-06-10 08:01 - 2015-05-25 15:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2015-06-10 08:01 - 2015-05-25 15:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
      2015-06-10 08:01 - 2015-05-25 15:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
      2015-06-10 08:01 - 2015-05-25 15:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2015-06-10 08:01 - 2015-05-25 15:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
      2015-06-10 08:01 - 2015-05-25 14:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2015-06-10 08:01 - 2015-05-25 14:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2015-06-10 08:01 - 2015-05-25 14:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2015-06-10 08:01 - 2015-05-25 14:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2015-06-10 08:01 - 2015-05-25 14:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2015-06-10 08:01 - 2015-05-25 14:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 14:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2015-06-10 08:01 - 2015-05-25 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
      2015-06-10 08:01 - 2015-05-25 13:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2015-06-10 08:01 - 2015-05-25 13:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2015-06-10 08:01 - 2015-05-25 13:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 13:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-25 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2015-06-10 08:01 - 2015-05-22 15:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2015-06-10 08:01 - 2015-05-22 15:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2015-06-10 08:01 - 2015-05-22 15:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2015-06-10 08:01 - 2015-05-22 15:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2015-06-10 08:01 - 2015-05-22 15:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
      2015-06-10 08:01 - 2015-05-22 15:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2015-06-10 08:01 - 2015-05-22 15:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2015-06-10 08:01 - 2015-05-21 10:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2015-06-10 08:01 - 2015-04-29 15:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
      2015-06-10 08:01 - 2015-04-29 15:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
      2015-06-10 08:01 - 2015-04-29 15:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
      2015-06-10 08:01 - 2015-04-29 15:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
      2015-06-10 08:01 - 2015-04-29 15:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
      2015-06-10 08:01 - 2015-04-29 15:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
      2015-06-10 08:01 - 2015-04-29 15:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
      2015-06-10 08:01 - 2015-04-29 15:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
      2015-06-10 08:01 - 2015-04-29 15:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
      2015-06-10 08:01 - 2015-04-29 15:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
      2015-06-10 08:01 - 2015-04-24 15:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
      2015-06-10 08:01 - 2015-04-24 14:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
      2015-06-10 08:00 - 2015-06-01 16:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2015-06-10 08:00 - 2015-06-01 15:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2015-06-10 08:00 - 2015-05-27 11:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2015-06-10 08:00 - 2015-05-27 11:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2015-06-10 08:00 - 2015-05-23 00:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2015-06-10 08:00 - 2015-05-23 00:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2015-06-10 08:00 - 2015-05-23 00:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2015-06-10 08:00 - 2015-05-23 00:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2015-06-10 08:00 - 2015-05-23 00:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2015-06-10 08:00 - 2015-05-23 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2015-06-10 08:00 - 2015-05-23 00:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2015-06-10 08:00 - 2015-05-23 00:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2015-06-10 08:00 - 2015-05-23 00:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2015-06-10 08:00 - 2015-05-23 00:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2015-06-10 08:00 - 2015-05-23 00:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2015-06-10 08:00 - 2015-05-23 00:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2015-06-10 08:00 - 2015-05-23 00:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2015-06-10 08:00 - 2015-05-22 23:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2015-06-10 08:00 - 2015-05-22 23:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2015-06-10 08:00 - 2015-05-22 23:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2015-06-10 08:00 - 2015-05-22 23:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2015-06-10 08:00 - 2015-05-22 23:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2015-06-10 08:00 - 2015-05-22 23:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2015-06-10 08:00 - 2015-05-22 23:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2015-06-10 08:00 - 2015-05-22 23:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2015-06-10 08:00 - 2015-05-22 23:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2015-06-10 08:00 - 2015-05-22 23:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2015-06-10 08:00 - 2015-05-22 23:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2015-06-10 08:00 - 2015-05-22 23:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2015-06-10 08:00 - 2015-05-22 23:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2015-06-10 08:00 - 2015-05-22 16:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2015-06-10 08:00 - 2015-05-22 16:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2015-06-10 08:00 - 2015-05-22 16:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2015-06-10 08:00 - 2015-05-22 16:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2015-06-10 08:00 - 2015-05-22 16:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2015-06-10 08:00 - 2015-05-22 16:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2015-06-10 08:00 - 2015-05-22 16:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2015-06-10 08:00 - 2015-05-22 15:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2015-06-10 08:00 - 2015-05-22 15:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2015-06-10 08:00 - 2015-05-22 15:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2015-06-10 08:00 - 2015-05-22 15:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2015-06-10 08:00 - 2015-05-22 15:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2015-06-10 08:00 - 2015-05-22 15:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2015-06-10 08:00 - 2015-05-22 15:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2015-06-10 08:00 - 2015-05-22 15:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2015-06-10 08:00 - 2015-05-22 15:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2015-06-10 08:00 - 2015-05-22 15:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2015-06-10 08:00 - 2015-05-22 15:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2015-06-10 08:00 - 2015-05-22 15:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2015-06-10 08:00 - 2015-05-22 15:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2015-06-10 08:00 - 2015-05-22 15:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2015-06-10 08:00 - 2015-05-22 15:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2015-06-10 08:00 - 2015-05-22 15:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2015-06-10 08:00 - 2015-05-22 15:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2015-06-10 08:00 - 2015-05-22 15:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2015-06-10 08:00 - 2015-05-22 15:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2015-06-10 08:00 - 2015-05-22 14:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2015-06-10 08:00 - 2015-05-22 14:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2015-06-10 08:00 - 2015-05-22 14:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2015-06-10 08:00 - 2015-05-22 14:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2015-06-10 08:00 - 2015-04-11 00:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2015-07-06 13:19 - 2014-10-28 11:32 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
      2015-07-06 07:24 - 2009-07-14 01:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2015-07-06 07:24 - 2009-07-14 01:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2015-07-06 07:10 - 2014-10-29 07:44 - 01927917 _____ C:\Windows\WindowsUpdate.log
      2015-07-06 07:06 - 2014-10-28 07:32 - 00003490 _____ C:\Windows\System32\Tasks\AutoKMS
      2015-07-06 07:06 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
      2015-07-03 15:19 - 2014-10-28 11:44 - 00000000 ____D C:\Users\comby fabian\AppData\Roaming\Mozilla
      2015-07-02 13:12 - 2014-10-28 12:53 - 00000000 ____D C:\Users\comby fabian\AppData\Roaming\Mipony
      2015-07-02 08:41 - 2011-01-22 07:56 - 00747186 _____ C:\Windows\system32\perfh00A.dat
      2015-07-02 08:41 - 2011-01-22 07:56 - 00158658 _____ C:\Windows\system32\perfc00A.dat
      2015-07-02 08:41 - 2009-07-14 02:13 - 01676038 _____ C:\Windows\system32\PerfStringBackup.INI
      2015-07-01 09:59 - 2013-06-04 12:50 - 00043520 _____ C:\Users\comby fabian\Documents\Venta revista 04-06-13.xls
      2015-07-01 07:24 - 2014-10-29 11:52 - 00000000 ____D C:\Windows\ERUNT
      2015-06-26 13:12 - 2014-10-28 11:40 - 00000000 ____D C:\Users\comby fabian
      2015-06-26 10:05 - 2014-10-29 07:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2015-06-26 09:15 - 2014-10-29 11:41 - 00000000 ____D C:\AdwCleaner
      2015-06-25 10:45 - 2014-12-30 07:59 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2015-06-25 07:19 - 2014-10-28 11:32 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2015-06-24 09:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
      2015-06-24 09:19 - 2014-10-28 11:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2015-06-24 09:19 - 2014-10-28 11:32 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2015-06-22 11:02 - 2014-10-28 12:42 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      2015-06-22 11:02 - 2014-10-28 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
      2015-06-22 11:02 - 2014-10-28 12:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
      2015-06-18 07:09 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
      2015-06-16 14:27 - 2014-10-28 12:57 - 00000000 ____D C:\Users\comby fabian\Documents\Mipony
      2015-06-16 12:47 - 2015-06-02 07:16 - 00000000 __SHD C:\Users\comby fabian\AppData\Local\EmieBrowserModeList
      2015-06-16 12:47 - 2014-10-29 09:41 - 00000000 __SHD C:\Users\comby fabian\AppData\Local\EmieUserList
      2015-06-16 12:47 - 2014-10-29 09:41 - 00000000 __SHD C:\Users\comby fabian\AppData\Local\EmieSiteList
      2015-06-16 12:39 - 2015-02-20 09:55 - 00013836 _____ C:\Users\comby fabian\Documents\Facturacion Kiosko.xlsx
      2015-06-16 07:45 - 2014-10-31 14:56 - 00000000 ____D C:\Users\comby fabian\AppData\Local\Adobe
      2015-06-11 09:29 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
      2015-06-11 07:26 - 2014-10-28 07:20 - 00000000 ____D C:\ProgramData\Microsoft Help
      2015-06-11 07:25 - 2014-10-28 07:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
      2015-06-11 06:56 - 2009-07-14 01:45 - 00433328 _____ C:\Windows\system32\FNTCACHE.DAT
      2015-06-11 06:54 - 2014-12-11 06:57 - 00000000 ____D C:\Windows\system32\appraiser
      2015-06-11 06:54 - 2014-10-28 03:37 - 00000000 ___SD C:\Windows\system32\CompatTel
      2015-06-11 06:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
      2015-06-10 13:58 - 2009-07-13 23:34 - 00000478 _____ C:\Windows\win.ini
      2015-06-10 13:51 - 2014-10-27 12:53 - 00000000 ____D C:\Windows\system32\MRT
      2015-06-10 13:49 - 2014-10-27 12:53 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

      Files to move or delete:
      ====================
      C:\Users\comby fabian\EliStarA.exe


      ==================== Bamital & volsnap Check =================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\System32\winlogon.exe => File is digitally signed
      C:\Windows\System32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\System32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\System32\services.exe => File is digitally signed
      C:\Windows\System32\User32.dll
      [2010-11-21 00:24] - [2014-11-27 12:39] - 1008640 ____A (Microsoft Corporation) 8D0F86272C524052236761CABF6E7AFE

      C:\Windows\SysWOW64\User32.dll
      [2015-01-27 06:53] - [2015-01-27 06:53] - 0833024 ____A (Microsoft Corporation) E01EBE6A0C7B306763667FDC60A0B25A

      C:\Windows\System32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\System32\rpcss.dll => File is digitally signed
      C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


      LastRegBack: 2015-07-03 10:47

      ==================== End of log ============================

    7. #17
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: ads.smartadtags.com

      Vamos a utilizar de nuevo Farbar Recovery Scan Tool.

      • Ve a: Inicio >>> Ejecutar >>>Escribes notepad.exe.
      • Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)




      Código:
      Task: {46A3165C-987F-41D0-972A-F841430C029E} - \SPBIW_UpdateTask_Time_323234383335393635322d4a555b6c5a5a785745413734 No Task File <==== ATTENTION
      Task: {664F0A58-ACB9-42A1-9745-AB0AEEE3B06E} - System32\Tasks\{E2A96EBB-4F80-4549-8006-FBA82C781466} => pcalua.exe -a "C:\Users\comby fabian\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=smt
      Task: {F8CB4667-0D33-448A-9734-0633B920989E} - \Installer_iwebar No Task File <==== ATTENTION
      HKU\S-1-5-21-211125766-478257193-664501915-2241\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
      SearchScopes: HKLM -> DefaultScope value is missing
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\creativecommons.xml [2015-05-26]
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml [2015-05-26]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      C:\Users\comby fabian\EliStarA.exe






      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
      • Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.
      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de Comby
      Registrado
      jun 2015
      Ubicación
      Argentina
      Mensajes
      11

      Re: ads.smartadtags.com

      Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
      Ran by Comby Fabian at 2015-07-07 07:18:49 Run:1
      Running from C:\Users\comby fabian\Desktop
      Loaded Profiles: UpdatusUser & Comby Fabian (Available Profiles: Usuario & UpdatusUser & Comby Fabian)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Task: {46A3165C-987F-41D0-972A-F841430C029E} - \SPBIW_UpdateTask_Time_323234383335393635322d4a555b6c5a5a785745413734 No Task File <==== ATTENTION
      Task: {664F0A58-ACB9-42A1-9745-AB0AEEE3B06E} - System32\Tasks\{E2A96EBB-4F80-4549-8006-FBA82C781466} => pcalua.exe -a "C:\Users\comby fabian\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=smt
      Task: {F8CB4667-0D33-448A-9734-0633B920989E} - \Installer_iwebar No Task File <==== ATTENTION
      HKU\S-1-5-21-211125766-478257193-664501915-2241\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
      SearchScopes: HKLM -> DefaultScope value is missing
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\creativecommons.xml [2015-05-26]
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml [2015-05-26]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      C:\Users\comby fabian\EliStarA.exe
      *****************

      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46A3165C-987F-41D0-972A-F841430C029E}" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46A3165C-987F-41D0-972A-F841430C029E}" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_323234383335393635322d4a555b6c5a5a785745413734" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{664F0A58-ACB9-42A1-9745-AB0AEEE3B06E}" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{664F0A58-ACB9-42A1-9745-AB0AEEE3B06E}" => key removed successfully
      C:\Windows\System32\Tasks\{E2A96EBB-4F80-4549-8006-FBA82C781466} => moved successfully.
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E2A96EBB-4F80-4549-8006-FBA82C781466}" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8CB4667-0D33-448A-9734-0633B920989E}" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8CB4667-0D33-448A-9734-0633B920989E}" => key removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_iwebar" => key removed successfully
      "HKU\S-1-5-21-211125766-478257193-664501915-2241\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
      HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
      HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
      HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
      "HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer" => key removed successfully
      C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll => moved successfully.
      C:\Program Files (x86)\mozilla firefox\browser\searchplugins\creativecommons.xml => moved successfully.
      C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml => moved successfully.
      VGPU => Service removed successfully
      C:\Users\comby fabian\EliStarA.exe => moved successfully.

      ==== End of Fixlog 07:18:50 ====

    9. #19
      Usuario Avatar de Comby
      Registrado
      jun 2015
      Ubicación
      Argentina
      Mensajes
      11

      Re: ads.smartadtags.com

      Mira, he probado ingresar a blog-peliculas.com desde otras PC y el problema es el mismo. Puede ser que haya alguna infiltación en la página y no en mi PC??

    10. #20
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: ads.smartadtags.com

      Cita Originalmente publicado por Comby Ver Mensaje
      Mira, he probado ingresar a blog-peliculas.com desde otras PC y el problema es el mismo. Puede ser que haya alguna infiltación en la página y no en mi PC??

      Es lo mas probable, la recomendación seria que cambies de sitio ya que si sucede en otro pc...
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 2 de 2 PrimeroPrimero 12