
    ads.smartadtags.com


    1. #1
      User: Comby
      Registered
      Jun 2015
      Location
      Argentina
      Posts
      11

      ads.smartadtags.com

      When I try to download a movie from blog-peliculas.com, it redirects me to this page, http://ads.smartadtags.com, and from there to a movie site, and it doesn't let me download the way I usually did. How do I fix this?

    2. #2
      Former Contributor: @Fabian_Dres
      Registered
      Aug 2008
      Location
      Chile
      Posts
      15,103

      Re: ads.smartadtags.com

      Welcome to InfoSpyware.com, Comby

      We will start with a basic process of scanning for malware, removing it and cleaning up your system. For this it is important that you:

      • Download the tools detailed below to your desktop.
      • Run them one at a time, in the order I indicate.
      • If any of them asks to update, do so.
      • If you have problems running one of them, continue with the next.
      • Following the instructions correctly is important; otherwise you will have to repeat the process.


      Now carry out these steps:

      Step 1.- Download:



      Step 2.- Run:

      • AdwCleaner
      • Follow the instructions in the AdwCleaner Manual, using the Scan and then Clean options



      • JRT.exe (If you use Windows Vista/7 or 8, right-click and select "Run as Administrator.")
      • Press any key to continue and wait for its process to finish.
      • When it finishes running, a log (JRT.txt) will be saved to the desktop and will open automatically.
      • Copy and paste the contents into your next reply



      • CCleaner
      • Using the options:
      • Cleaner: to delete cookies, temporary Internet files and all obsolete files
      • Registry: to clean the Windows Registry, making a backup.



      • Malwarebytes
      • If you have doubts about how to update, configure, etc., check its manual
      • Run a Full Scan.
      • When it finishes, select "Quarantine All"
      • Restart the system.
      • In the "History" section you will find the MBAM report, which you must copy and paste into your next reply.



      Step 3.-
      In your next reply, I need the AdwCleaner, JRT.exe and Malwarebytes reports, and tell me how the system is doing with respect to the problem raised at the start.

      Regards
      Anoika


      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      User: Comby
      Registered
      Jun 2015
      Location
      Argentina
      Posts
      11

      Re: ads.smartadtags.com

      AdwCleaner report

      # AdwCleaner v4.207 - Registro generado 26/06/2015 en 09:15:40
      # Actualizado 21/06/2015 por Xplode
      # Base de datos : 2015-06-23.1 [Servidor]
      # Sistema operativo : Windows 7 Ultimate Service Pack 1 (x64)
      # Nombre de usuario : Comby Fabian - LABPC01
      # Ejecutado desde : C:\Users\comby fabian\Downloads\adwcleaner_4.207.exe
      # Opción : Limpiar

      ***** [ Servicios ] *****

      [#] Servicio Eliminar : SPDRIVER_1.37.0.1387

      ***** [ Archivos / Carpetas ] *****

      Carpeta Eliminar : C:\Users\Public\Documents\YTAHelper

      ***** [ Tareas programadas... ] *****


      ***** [ Accesos directos ] *****


      ***** [ Registro ] *****

      Llave Eliminar : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
      Llave Eliminar : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
      Llave Eliminar : HKU\.DEFAULT\Software\Goobzo

      ***** [ Navegadores Web ] *****

      -\\ Internet Explorer v11.0.9600.17840


      -\\ Mozilla Firefox v38.0.5 (x86 es-AR)


      *************************

      AdwCleaner[R0].txt - [3678 bytes] - [29/10/2014 11:42:01]
      AdwCleaner[R1].txt - [1297 bytes] - [26/06/2015 09:14:40]
      AdwCleaner[S0].txt - [3190 bytes] - [29/10/2014 11:45:16]
      AdwCleaner[S1].txt - [1213 bytes] - [26/06/2015 09:15:40]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1272 bytes] ##########




      Junkware Removal Tool report

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 7.1.6 (06.26.2015:2)
      OS: Windows 7 Ultimate x64
      Ran by Comby Fabian on 26/06/2015 at 9:40:00,17
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      ~~~ Services



      ~~~ Tasks

      Successfully deleted: [Task] C:\Windows\system32\tasks\Installer_sense



      ~~~ Registry Values



      ~~~ Registry Keys



      ~~~ Files



      ~~~ Folders

      Successfully deleted: [Folder] C:\Users\comby fabian\appdata\local\crashrpt
      Successfully deleted: [Folder] C:\Users\comby fabian\appdata\local\installer





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 26/06/2015 at 9:41:44,54
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



      Malwarebytes report

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Fecha del Análisis: 26/06/2015
      Tiempo de Análisis: 09:45:35 a.m.
      Archivo de registro: Malwarebytes.txt
      Administrador: Si

      Versión: 2.01.6.1022
      Base de datos de Malwares: v2015.06.26.04
      Base de datos de rootkits: v2015.06.22.01
      Licencia: Gratis
      Protección contra el Malware: Desactivado
      Protección de Webs Maliciosas: Desactivado
      Autoprotección: Desactivado

      SO: Windows 7 Service Pack 1
      CPU: x64
      Archivos del Sistema: NTFS
      Usuario: Comby Fabian

      Tipo de Análisis: Análisis Estándar
      Resultado: Completado
      Objetos Analizados: 429414
      Tiempo Transcurrido: 9 min, 54 seg

      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Activado
      PUM: Activado

      Procesos: 0
      (Sin elementos maliciosos detectados)

      Modulos: 0
      (Sin elementos maliciosos detectados)

      Llaves del Registro: 0
      (Sin elementos maliciosos detectados)

      Valores del Registro: 0
      (Sin elementos maliciosos detectados)

      Datos del Registro: 0
      (Sin elementos maliciosos detectados)

      Carpetas: 0
      (Sin elementos maliciosos detectados)

      Archivo: 0
      (Sin elementos maliciosos detectados)

      Sectores Físicos: 0
      (Sin elementos maliciosos detectados)


      (end)





      The problem persists. When I select any movie, it first jumps to
      xch.smrtgs.com/adserver/iframe.php?s=3735867&w=800&h=1&blank=false&type=2
      and from there straight to
      Mega-Cine
      where it asks me for phone details in order to watch the movies.

      Normally I should select a movie, see the download servers (turbobit, rapidgator, letitbit, etc.), download, and that's it.

      The procedures carried out did not solve the problem.

    4. #4
      Former Contributor: @Fabian_Dres
      Registered
      Aug 2008
      Location
      Chile
      Posts
      15,103

      Re: ads.smartadtags.com

      Do the following:


      It is important to download and run from your desktop: OTL.exe by OldTimer

      Make sure the following configuration is correct; otherwise you will have to repeat the process.

      • Close all programs you have open
      • Double-click the OTL icon to run it.
      • Now, in the menu, change only: set "Scan Type" to Minimal Output.
      • Check the options: LOP Check and Purity Check.
      • Check the options Skip Microsoft Files and Use Company Name Whitelist.
      • Copy and paste the following script into the box under Custom Scans/Fixes:



      netsvcs
      msconfig
      %SYSTEMDRIVE%\*.*
      CREATERESTOREPOINT

      Do not change the rest of the settings unless we ask you to.


      • Press the button
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt.
      • These files will be saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.
      Anoika



    5. #5
      User: Comby
      Registered
      Jun 2015
      Location
      Argentina
      Posts
      11

      Re: ads.smartadtags.com

      OTL logfile created on: 30/06/2015 07:29:03 a.m. - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\comby fabian\Downloads
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.11.9600.17843)
      Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      2,75 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 76,22% Memory free
      5,50 Gb Paging File | 4,42 Gb Available in Paging File | 80,49% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 180,57 Gb Total Space | 125,39 Gb Free Space | 69,45% Space Free | Partition Type: NTFS
      Drive D: | 29,29 Gb Total Space | 29,09 Gb Free Space | 99,30% Space Free | Partition Type: NTFS
      Drive E: | 45,23 Gb Total Space | 11,42 Gb Free Space | 25,26% Space Free | Partition Type: NTFS
      Drive F: | 285,10 Gb Total Space | 91,58 Gb Free Space | 32,12% Space Free | Partition Type: NTFS

      Computer Name: LABPC01 | User Name: Comby Fabian | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\comby fabian\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
      PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
      SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ose64) -- C:\Archivos de programa\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
      DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
      DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
      DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
      DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
      DRV - (SADP_NPF) -- C:\Windows\SysWOW64\drivers\sadp_npf64.sys (CACE Technologies, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, =
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.countryCode: "AR"
      FF - prefs.js..browser.search.region: "AR"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll ()
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@QVision/NetDVR_V3: C:\Program Files\QVision\V3\npnetdvrV3.dll ()
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKLM\Software\MozillaPlugins\Web Components: C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2014/10/28 11:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\comby fabian\AppData\Roaming\mozilla\Extensions
      [2015/06/26 14:52:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\comby fabian\AppData\Roaming\mozilla\Firefox\Profiles\zl250h57.default\extensions
      [2015/06/26 14:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      [2015/06/26 14:42:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      O1 HOSTS File: ([2015/01/27 06:53:27 | 000,000,828 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Archivos de programa\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Archivos de programa\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
      O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Security present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8:64bit: - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O8:64bit: - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Archivos de programa\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Archivos de programa\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.42.4.207 200.49.130.44
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dmiplyc.local
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02575713-13CF-4FE6-8D76-1F5423C39971}: DhcpNameServer = 200.42.4.207 200.49.130.44
      O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Archivos de programa\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2015/06/26 14:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
      [2015/06/26 14:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2015/06/26 13:12:26 | 000,862,851 | ---- | C] (Satinfo SL.) -- C:\Users\comby fabian\EliStarA.exe
      [2015/06/26 09:40:02 | 000,000,000 | ---D | C] -- C:\RegBackup
      [2015/06/24 09:28:15 | 000,000,000 | ---D | C] -- C:\Users\comby fabian\AppData\Local\Diagnostics
      [2015/06/22 10:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2015/06/02 07:16:18 | 000,000,000 | -HSD | C] -- C:\Users\comby fabian\AppData\Local\EmieBrowserModeList

      ========== Files - Modified Within 30 Days ==========

      [2015/06/30 07:21:50 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2015/06/30 07:21:50 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2015/06/30 07:19:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2015/06/30 07:11:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2015/06/30 07:11:53 | 2213,982,208 | -HS- | M] () -- C:\hiberfil.sys
      [2015/06/26 14:42:12 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2015/06/26 14:39:08 | 000,862,851 | ---- | M] (Satinfo SL.) -- C:\Users\comby fabian\EliStarA.exe
      [2015/06/26 13:13:36 | 000,001,274 | ---- | M] () -- C:\Users\comby fabian\Desktop\EliStarA.exe - Acceso directo.lnk
      [2015/06/26 11:15:20 | 001,676,038 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2015/06/26 11:15:20 | 000,747,186 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2015/06/26 11:15:20 | 000,653,720 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2015/06/26 11:15:20 | 000,158,658 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2015/06/26 11:15:20 | 000,121,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2015/06/26 10:05:13 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
      [2015/06/26 09:40:04 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-LABPC01-Windows-7-Ultimate-(64-bit).dat
      [2015/06/22 11:02:33 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2015/06/22 10:55:16 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2015/06/11 06:56:16 | 000,433,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2015/06/02 16:51:34 | 000,595,428 | ---- | M] () -- C:\Users\comby fabian\Desktop\Gonzalo Yeso.jpg
      [2015/06/02 08:40:07 | 000,403,434 | ---- | M] () -- C:\Users\comby fabian\Documents\290515 - red.pdf

      ========== Files Created - No Company Name ==========

      [2015/06/26 14:42:12 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2015/06/26 14:42:11 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2015/06/26 13:13:36 | 000,001,274 | ---- | C] () -- C:\Users\comby fabian\Desktop\EliStarA.exe - Acceso directo.lnk
      [2015/06/26 09:40:04 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-LABPC01-Windows-7-Ultimate-(64-bit).dat
      [2015/06/22 10:55:16 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2015/06/03 07:14:22 | 000,595,428 | ---- | C] () -- C:\Users\comby fabian\Desktop\Gonzalo Yeso.jpg
      [2015/06/02 08:40:06 | 000,403,434 | ---- | C] () -- C:\Users\comby fabian\Documents\290515 - red.pdf
      [2015/01/29 12:23:10 | 000,034,728 | ---- | C] () -- C:\Windows\SysWow64\drivers\InstallSadpNpfApp.exe
      [2015/01/29 12:23:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\DeleteNpf.exe
      [2014/10/28 11:40:13 | 000,000,830 | RHS- | C] () -- C:\Users\comby fabian\ntuser.pol
      [2014/10/28 11:39:31 | 000,002,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2014/10/27 14:16:07 | 001,649,808 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2014/10/27 12:54:32 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2014/10/27 12:54:31 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
      [2014/10/27 12:54:31 | 000,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2014/10/27 12:54:31 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2014/10/27 12:54:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2014/10/28 11:40:44 | 000,000,000 | ---D | M] -- C:\Users\comby fabian\AppData\Roaming\ESET
      [2015/06/26 14:34:25 | 000,000,000 | ---D | M] -- C:\Users\comby fabian\AppData\Roaming\Mipony

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2015/06/30 07:11:53 | 2213,982,208 | -HS- | M] () -- C:\hiberfil.sys
      [2015/06/26 13:42:21 | 000,003,310 | ---- | M] () -- C:\InfoSat.txt
      [2015/06/30 07:11:54 | 2951,979,008 | -HS- | M] () -- C:\pagefile.sys
      [2012/07/25 12:23:48 | 020,507,951 | ---- | M] ( ) -- C:\Windows Media Player Classic.exe

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879

      < End of report >

    6. #6
      Former Contributor @Fabian_Dres
      Registered
      Aug 2008
      Location
      Chile
      Posts
      15.103

      Re: ads.smartadtags.com

      Before carrying out the following removal process, it is important to make a backup copy of the registry!

      To do so, download to your desktop: DelFix
      • Double-click to run it. (If you use Windows Vista/7 or 8, right-click and select "Run as administrator".)
      • Check only the "Create registry backup" box.
      • Click Run.




      Now start Windows in 'Safe Mode' and from there run OTL.exe again.

      Copy and paste the code inside the box below into the Custom Scans/Fixes section.



      Code:
      :OTL
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, = 
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, = 
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\Web Components: C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll File not found
      [2014/10/28 11:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\comby fabian\AppData\Roaming\mozilla\Extensions
      [2015/06/26 14:52:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\comby fabian\AppData\Roaming\mozilla\Firefox\Profiles\zl250h57.default\extensions
      [2015/06/26 14:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O13 - gopher Prefix: missing
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
      
      
      
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]



      • Press the Run Fix button to start the removal. Then click OK.
      • OTL will restart the computer to complete the removal.
      • Save the new report that is generated, and copy and paste it into your next reply.
      • Let us know how the problem is going.
      Anoika


      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.
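
The fix list in the post above includes several log lines that OTL marked "File not found" or "No CLSID value found", plus the alternate data stream line. Added example, not from the thread and not OTL's own code: a Python triage pass that pulls those two classes of line out of an OTL log. The sample lines are copied from the log on this page; the regexes and the names `Finding`, `triage` and `count_by_tag` are assumptions based on those lines only.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Strings OTL prints when a registry entry points at something that is missing.
ORPHAN_MARKERS = ("File not found", "No CLSID value found")

# "FF:64bit: - <body>", "O18 - <body>", "DRV:64bit: - <body>" ...
ENTRY_RE = re.compile(
    r"^(?P<tag>[A-Z]{2,3}|O\d{1,2})(?P<x64>:64bit:)?\s+-\s+(?P<body>.+)$"
)
# "@Alternate Data Stream - 118 bytes -> <host path>:<stream name>"
ADS_RE = re.compile(
    r"^@Alternate Data Stream - (?P<size>\d+) bytes -> "
    r"(?P<host>.+):(?P<stream>[^:\\]+)$"
)

# Lines copied from the OTL log on this page (a small subset).
SAMPLE_LOG = r"""
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll ()
FF - HKLM\Software\MozillaPlugins\Web Components: C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll File not found
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O18 - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
"""


@dataclass
class Finding:
    kind: str                        # "orphan_reference" or "alternate_data_stream"
    tag: str                         # OTL line prefix (FF, O18, ...) or "ADS"
    x64: bool                        # True when the line carries the :64bit: marker
    detail: str                      # entry body, or the stream name for an ADS line
    host_path: Optional[str] = None  # file or folder the stream is attached to
    size: Optional[int] = None       # stream size in bytes


def triage(log_text: str) -> List[Finding]:
    """Return the log lines that name a missing target or an alternate data stream."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()  # forum pastes are usually indented
        ads = ADS_RE.match(line)
        if ads:
            findings.append(Finding("alternate_data_stream", "ADS", False,
                                    ads["stream"], ads["host"], int(ads["size"])))
            continue
        entry = ENTRY_RE.match(line)
        if entry and any(marker in entry["body"] for marker in ORPHAN_MARKERS):
            findings.append(Finding("orphan_reference", entry["tag"],
                                    entry["x64"] is not None, entry["body"]))
    return findings


def count_by_tag(findings: List[Finding]) -> dict:
    """Number of findings per OTL section prefix."""
    return dict(Counter(f.tag for f in findings))


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        view = "64-bit view" if f.x64 else "32-bit/default view"
        if f.kind == "alternate_data_stream":
            print(f"[ADS] {f.size} bytes on {f.host_path}, stream {f.detail}")
        else:
            print(f"[{f.tag}] ({view}) {f.detail}")
    print(count_by_tag(triage(SAMPLE_LOG)))
```

A flagged line is a dangling reference or a stream to review, not a verdict; the helper's list also contains entries this pass does not select.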

    7. #7
      User Comby
      Registered
      Jun 2015
      Location
      Argentina
      Posts
      11

      Re: ads.smartadtags.com

      I appreciate your helping me solve my problem with this page.
      I ran OTL with the parameters you gave me.
      The problem on that page continues. The specific page is blog-peliculas.com. Any "click" I make on it sends me to megacine.
      This is the report that OTL left:

      OTL logfile created on: 30/06/2015 07:29:03 a.m. - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\comby fabian\Downloads
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.11.9600.17843)
      Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      2,75 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 76,22% Memory free
      5,50 Gb Paging File | 4,42 Gb Available in Paging File | 80,49% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 180,57 Gb Total Space | 125,39 Gb Free Space | 69,45% Space Free | Partition Type: NTFS
      Drive D: | 29,29 Gb Total Space | 29,09 Gb Free Space | 99,30% Space Free | Partition Type: NTFS
      Drive E: | 45,23 Gb Total Space | 11,42 Gb Free Space | 25,26% Space Free | Partition Type: NTFS
      Drive F: | 285,10 Gb Total Space | 91,58 Gb Free Space | 32,12% Space Free | Partition Type: NTFS

      Computer Name: LABPC01 | User Name: Comby Fabian | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\comby fabian\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
      PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
      SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ose64) -- C:\Archivos de programa\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
      DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
      DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
      DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
      DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
      DRV - (SADP_NPF) -- C:\Windows\SysWOW64\drivers\sadp_npf64.sys (CACE Technologies, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, =
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.countryCode: "AR"
      FF - prefs.js..browser.search.region: "AR"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll ()
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@QVision/NetDVR_V3: C:\Program Files\QVision\V3\npnetdvrV3.dll ()
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKLM\Software\MozillaPlugins\Web Components: C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2014/10/28 11:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\comby fabian\AppData\Roaming\mozilla\Extensions
      [2015/06/26 14:52:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\comby fabian\AppData\Roaming\mozilla\Firefox\Profiles\zl250h57.default\extensions
      [2015/06/26 14:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      [2015/06/26 14:42:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      O1 HOSTS File: ([2015/01/27 06:53:27 | 000,000,828 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Archivos de programa\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Archivos de programa\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
      O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Security present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8:64bit: - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O8:64bit: - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Archivos de programa\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Archivos de programa\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.42.4.207 200.49.130.44
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dmiplyc.local
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02575713-13CF-4FE6-8D76-1F5423C39971}: DhcpNameServer = 200.42.4.207 200.49.130.44
      O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Archivos de programa\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2015/06/26 14:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
      [2015/06/26 14:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2015/06/26 13:12:26 | 000,862,851 | ---- | C] (Satinfo SL.) -- C:\Users\comby fabian\EliStarA.exe
      [2015/06/26 09:40:02 | 000,000,000 | ---D | C] -- C:\RegBackup
      [2015/06/24 09:28:15 | 000,000,000 | ---D | C] -- C:\Users\comby fabian\AppData\Local\Diagnostics
      [2015/06/22 10:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2015/06/02 07:16:18 | 000,000,000 | -HSD | C] -- C:\Users\comby fabian\AppData\Local\EmieBrowserModeList

      ========== Files - Modified Within 30 Days ==========

      [2015/06/30 07:21:50 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2015/06/30 07:21:50 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2015/06/30 07:19:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2015/06/30 07:11:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2015/06/30 07:11:53 | 2213,982,208 | -HS- | M] () -- C:\hiberfil.sys
      [2015/06/26 14:42:12 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2015/06/26 14:39:08 | 000,862,851 | ---- | M] (Satinfo SL.) -- C:\Users\comby fabian\EliStarA.exe
      [2015/06/26 13:13:36 | 000,001,274 | ---- | M] () -- C:\Users\comby fabian\Desktop\EliStarA.exe - Acceso directo.lnk
      [2015/06/26 11:15:20 | 001,676,038 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2015/06/26 11:15:20 | 000,747,186 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2015/06/26 11:15:20 | 000,653,720 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2015/06/26 11:15:20 | 000,158,658 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2015/06/26 11:15:20 | 000,121,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2015/06/26 10:05:13 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
      [2015/06/26 09:40:04 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-LABPC01-Windows-7-Ultimate-(64-bit).dat
      [2015/06/22 11:02:33 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2015/06/22 10:55:16 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2015/06/11 06:56:16 | 000,433,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2015/06/02 16:51:34 | 000,595,428 | ---- | M] () -- C:\Users\comby fabian\Desktop\Gonzalo Yeso.jpg
      [2015/06/02 08:40:07 | 000,403,434 | ---- | M] () -- C:\Users\comby fabian\Documents\290515 - red.pdf

      ========== Files Created - No Company Name ==========

      [2015/06/26 14:42:12 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2015/06/26 14:42:11 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2015/06/26 13:13:36 | 000,001,274 | ---- | C] () -- C:\Users\comby fabian\Desktop\EliStarA.exe - Acceso directo.lnk
      [2015/06/26 09:40:04 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-LABPC01-Windows-7-Ultimate-(64-bit).dat
      [2015/06/22 10:55:16 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2015/06/03 07:14:22 | 000,595,428 | ---- | C] () -- C:\Users\comby fabian\Desktop\Gonzalo Yeso.jpg
      [2015/06/02 08:40:06 | 000,403,434 | ---- | C] () -- C:\Users\comby fabian\Documents\290515 - red.pdf
      [2015/01/29 12:23:10 | 000,034,728 | ---- | C] () -- C:\Windows\SysWow64\drivers\InstallSadpNpfApp.exe
      [2015/01/29 12:23:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\DeleteNpf.exe
      [2014/10/28 11:40:13 | 000,000,830 | RHS- | C] () -- C:\Users\comby fabian\ntuser.pol
      [2014/10/28 11:39:31 | 000,002,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2014/10/27 14:16:07 | 001,649,808 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2014/10/27 12:54:32 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2014/10/27 12:54:31 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
      [2014/10/27 12:54:31 | 000,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2014/10/27 12:54:31 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2014/10/27 12:54:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2014/10/28 11:40:44 | 000,000,000 | ---D | M] -- C:\Users\comby fabian\AppData\Roaming\ESET
      [2015/06/26 14:34:25 | 000,000,000 | ---D | M] -- C:\Users\comby fabian\AppData\Roaming\Mipony

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2015/06/30 07:11:53 | 2213,982,208 | -HS- | M] () -- C:\hiberfil.sys
      [2015/06/26 13:42:21 | 000,003,310 | ---- | M] () -- C:\InfoSat.txt
      [2015/06/30 07:11:54 | 2951,979,008 | -HS- | M] () -- C:\pagefile.sys
      [2012/07/25 12:23:48 | 020,507,951 | ---- | M] ( ) -- C:\Windows Media Player Classic.exe

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879

      < End of report >

    8. #8
      Former Contributor @Fabian_Dres
      Registered
      Aug 2008
      Location
      Chile
      Posts
      15.103

      Re: ads.smartadtags.com

      This is not the report I need; it must be the report produced after carrying out the steps indicated in my previous reply.

      Don't forget to tell us how everything is going.
      Anoika



    9. #9
      User Comby
      Registered
      Jun 2015
      Location
      Argentina
      Posts
      11

      Re: ads.smartadtags.com

      You are right, it is the same report sent earlier, but it is the last one that was generated. Apparently OTL did not save the last report. I searched the whole PC just in case, and the ones found are older than this one. What do I do now?? Do I run OTL again with the parameters you gave me?? I await instructions.

    10. #10
      Former Contributor @Fabian_Dres
      Registered
      Aug 2008
      Location
      Chile
      Posts
      15.103

      Re: ads.smartadtags.com

      Quote: Originally posted by Comby
      You are right, it is the same report sent earlier, but it is the last one that was generated. Apparently OTL did not save the last report. I searched the whole PC just in case, and the ones found are older than this one. What do I do now?? Do I run OTL again with the parameters you gave me?? I await instructions.

      Yes, do it again, but move OTL to the desktop, since it is in the folder C:\Users\comby fabian\Downloads

      Regards.
      Anoika

