• Registrarse
  • Iniciar sesión


  • Página 2 de 7 PrimeroPrimero 123456 ... ÚltimoÚltimo
    Resultados 11 al 20 de 69

    Publicidad indeseada

    Hola Realiza los pasos de esta guía >> Eliminar Adwares/PUPs solo la parte de los navegadores. Comenta como sigue. Un saludo...

    1. #11
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.351

      Re: Publicidad indeseada

      Hola

      Realiza los pasos de esta guía >> Eliminar Adwares/PUPs solo la parte de los navegadores.

      Comenta como sigue.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #12
      Usuario Avatar de Luis2866
      Registrado
      feb 2014
      Ubicación
      uruguay
      Mensajes
      65

      Re: Publicidad indeseada

      Hola, Daniela. Hice los pasos y sigue igual. Te comento que en el paso de limpiar los accesos directos (internet explorer y google crhome) no hay nada después de las palabras "iexplore.exe" y "chrome.exe"

      Saludos
      Luis

    3. #13
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.351

      Re: Publicidad indeseada

      Hola

      Descarga Zoek by smeenk (zoek.exe) y guárdalo en el escritorio.

      Código:
      ffdefaults;
      emptyclsid;
      torpigcheck;
      emptyfolderscheck;delete
      chrdefaults;
      iedefaults;
      emptyalltemp;
      filesrcm;
      autoclean;
      chromelook;
      firefoxlook;
      startupall;
      shortcutfix;
      resethosts;
      • Clic en Paste from ClipBoard.
        • Clic en Run Script
        • Espere a que termine. Si te solicita reiniciar acepta la instrucción.
      • Terminando se abrirá el reporte zoek-results.log con los resultados.


      Copia y pega el contenido de zoek-results.log en tu siguiente respuesta.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #14
      Usuario Avatar de Luis2866
      Registrado
      feb 2014
      Ubicación
      uruguay
      Mensajes
      65

      Re: Publicidad indeseada

      Hola, seguimos igual, hice los últimos pasos y este es el reporte:

      Zoek.exe v5.0.0.1 Updated 28-09-2015
      Tool run by User on 30/09/2015 at 15:41:21,86.
      Microsoft Windows 8 6.2.9200 x64
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

      ==== System Restore Info ======================

      30/09/2015 15:43:21 Zoek.exe System Restore Point Created Successfully.

      ==== Torpig Check ======================

      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


      ==== Reset Hosts File ======================

      # Copyright (c) 1993-2006 Microsoft Corp.
      #
      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
      #
      # This file contains the mappings of IP addresses to host names. Each
      # entry should be kept on an individual line. The IP address should
      # be placed in the first column followed by the corresponding host name.
      # The IP address and the host name should be separated by at least one
      # space.
      #
      # Additionally, comments (such as these) may be inserted on individual
      # lines or following the machine name denoted by a '#' symbol.
      #
      # For example:
      #
      # 102.54.94.97 rhino.acme.com # source server
      # 38.25.63.10 x.acme.com # x client host

      # localhost name resolution is handled within DNS itself.
      127.0.0.1 localhost
      ::1 localhost

      ==== Empty Folders Check ======================

      C:\PROGRA~2\VS Revo Group deleted successfully
      C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
      C:\Users\Administrator\AppData\Local\Comodo deleted successfully
      C:\Users\Administrator\AppData\Local\Google deleted successfully
      C:\Users\User\AppData\Local\Comodo deleted successfully

      ==== Deleting CLSID Registry Keys ======================


      ==== Deleting CLSID Registry Values ======================


      ==== Deleting Services ======================


      ==== Deleting Files \ Folders ======================

      C:\PROGRA~2\VS Revo Group not found
      C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
      C:\windows\Syswow64\GroupPolicy\Machine deleted
      C:\windows\Syswow64\GroupPolicy\gpt.ini deleted

      ==== Files Recently Created / Modified ======================

      ====== C:\windows ====
      ====== C:\Users\User\AppData\Local\Temp ====
      ====== Java Cache =====
      ====== C:\windows\SysWOW64 =====
      ====== C:\windows\SysWOW64\drivers =====
      ====== C:\windows\Sysnative =====
      ====== C:\windows\Sysnative\drivers =====
      2015-09-23 14:25:14 F29E7E36F8A8A7BAC112327E842FF0B5 61712 ----a-w- C:\windows\Sysnative\drivers\PSKMAD.sys
      ====== C:\windows\Tasks ======
      2015-09-28 00:11:56 F2E8064341417E1EFE47EAE73358E0F8 3592 ----a-w- C:\windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3336408352-595664262-141580721-500
      2015-09-28 00:11:56 7F7F75CE5A905B90B5E94CF7D9939D1A 2982 ----a-w- C:\windows\Sysnative\Tasks\Synaptics TouchPad Enhancements
      2015-09-28 00:11:55 C1773E22BA5C8AD109F5F14B1C7DBBAD 3596 ----a-w- C:\windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1387540579-245451928-981849752-1001
      2015-09-28 00:11:55 11EA5AEE5C763A2A866AA130BB666C02 3592 ----a-w- C:\windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1387540579-245451928-981849752-500
      2015-09-28 00:11:55 0CAA65A6761BA7D8062FE451709D5957 446 ----a-w- C:\windows\Tasks\PocketScanner.job
      2015-09-05 23:43:08 FA6D4A60E5F1685A639B4321503600D6 3894 ----a-w- C:\windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
      2015-09-05 23:43:06 30CDC7CE7AFC5D94ABC32C8FBD30AA67 3658 ----a-w- C:\windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
      ====== C:\windows\Temp ======
      ======= C:\Program Files =====
      ======= C:\PROGRA~2 =====
      ======= C: =====
      2015-09-22 13:48:56 479F0388B978B029BD3975A05D9A577B 232 ----a-w- C:\DelFix.txt
      ====== C:\Users\User\AppData\Roaming ======
      ====== C:\Users\User ======
      2015-09-28 20:00:18 -------- d-----w- C:\windows\serviceprofiles\Localservice\winhttp
      2015-09-22 13:25:22 E6FA7781D11C3FFDFB91D3B3C78383A3 781312 ----a-w- C:\Users\User\Desktop\delfix_1.011.exe
      2015-09-18 14:59:22 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\User\Desktop\OTL.exe
      2015-09-17 20:25:15 -------- d-----r- C:\Users\User\Searches

      ====== C: exe-files ==
      2015-09-30 18:41:52 FAC17E42199598C0352B9F5DC2EFFC85 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
      2015-09-30 18:41:52 77352A5A0833B1CA3B771148DA535CB6 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
      2015-09-30 18:41:52 61A77DDEF5E8D85E8B0955C4E5127B39 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
      2015-09-30 18:41:50 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
      2015-09-30 18:41:41 E337785DA1958E9AB02DDB2369EF46E8 307016 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
      2015-09-30 18:41:41 BFDCC0375C492C524E78647CEED3F77D 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
      2015-09-30 18:41:40 A72BB48D9014A7D7C05F02F595F52D60 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
      2015-09-30 18:41:40 053EEEE1ABAE53F044F1E386E22AE525 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe
      2015-09-30 18:41:38 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\Install\{D7F11512-394F-452E-A014-A0AEDFD97E7C}\GoogleUpdateSetup.exe
      2015-09-30 18:41:38 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe
      === C: other files ==

      ==== Startup Registry Enabled ======================

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ToshibaAppPlace"="C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
      "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray"

      ==== Startup Registry Enabled x64 ======================

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="C:\windows\system32\igfxtray.exe"
      "HotKeysCmds"="C:\windows\system32\hkcmd.exe"
      "Persistence"="C:\windows\system32\igfxpers.exe"
      "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
      "TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe"
      "TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
      "TCrdMain"="%ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe "

      ==== Task Scheduler Jobs ======================

      C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/09/2015 20:42]
      C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/09/2015 20:42]
      C:\windows\tasks\PocketScanner.job --a-------- C:\programdata\76e2b171-ac47-3836-76e2-2b171ac4c5c6\sopa de ganso cine clasico dvdrip espanol los hermanos marx.exe []

      ==== Other Scheduled Tasks ======================

      "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
      "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
      "C:\windows\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
      "C:\windows\SysNative\tasks\Norton Anti-Theft\Norton Error Analyzer" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe]
      "C:\windows\SysNative\tasks\Norton Anti-Theft\Norton Error Processor" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe]
      "C:\windows\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"]

      ==== Folders in C:\PROGRA~3 0-6 Months Old ======================

      No folders found aged 0-6 months

      ==== Chromium Look ======================

      Google Chrome Version: 45.0.2454.93


      Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      Google Sheets - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
      Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ==== Chromium Fix ======================

      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully

      ==== Set IE to Default ======================

      Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://toshiba13.msn.com"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

      New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://toshiba13.msn.com"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

      ==== All HKCU SearchScopes ======================

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

      ==== Reset Google Chrome ======================

      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

      ==== shortcuts on Users Desktops ======================

      C:\Users\User\Desktop\Mis documentos.lnk - C:\Users\User\Documents

      ==== shortcuts on All Users Desktop ======================

      C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe

      ==== shortcuts in All Users Start Menu ======================

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==== shortcuts in Quick Launch ======================

      C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
      C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Apagar.lnk - C:\Windows\System32\shutdown.exe /s /t 0
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\windows\system32\calc.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner64.exe.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Escritorio Movistar Latam.lnk - C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\EMMSN.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\User\AppData\Roaming\Microsoft\Windows\Libraries
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Iexplore.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Panda Cloud Antivirus.lnk - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

      ==== Empty IE Cache ======================

      C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
      C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

      ==== Empty FireFox Cache ======================

      No FireFox Profiles found

      ==== Empty Chrome Cache ======================

      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

      ==== Empty All Flash Cache ======================

      Flash Cache Emptied Successfully

      ==== Empty All Java Cache ======================

      No Java Cache Found

      ==== C:\zoek_backup content ======================

      C:\zoek_backup (files=7 folders=3 34980 bytes)

      ==== Empty Temp Folders ======================

      C:\Users\Administrator\AppData\Local\Temp emptied successfully
      C:\Users\Default\AppData\Local\Temp emptied successfully
      C:\Users\Default User\AppData\Local\Temp emptied successfully
      C:\Users\User\AppData\Local\Temp will be emptied at reboot
      C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
      C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
      C:\windows\Temp will be emptied at reboot

      ==== After Reboot ======================

      ==== Empty Temp Folders ======================

      C:\windows\Temp successfully emptied
      C:\Users\User\AppData\Local\Temp successfully emptied

      ==== Empty Recycle Bin ======================

      C:\$RECYCLE.BIN successfully emptied

      ==== EOF on 30/09/2015 at 16:05:28,33 ======================

      Saludos
      Luis

    5. #15
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.351

      Re: Publicidad indeseada

      Hola

      Realiza los siguientes pasos:

      1) Descarga HitmanPRO su manual de uso

      • Ejecuta HitmanPRO, (en Windows 7 u 8 ejecutar como "Administrador")
      • Presiona el botón: "Siguiente" en las dos pantallas para comenzar.
      • Una vez finalizado el escaneo HitmanPRO incluye 30 días gratuitos para la eliminación de los posibles malwares detectados.
      • En todo caso se puede con su reporte encontrar la ruta especifica de lo detectado y eliminar manualmente.
      • El reporte se genera presionando "Guardar Registro" en donde queramos, para luego abrirlo y copiarnos el contenido en este mismo tema.


      2) Realiza un escaneo en linea ESET Online Scanner

      • Desactiva el Antivirus
      • Después de realizar el escaneo, vuelves a activar el Antivirus
      • Descarga y ejecuta ESET Online (Ver Manual)
      • Marca las casillas de Eliminar las amenazas detectadas y analizar archivos.
      • Haz clic en Configuración adicional y tilda las casillas:
        - Analizar en busca de aplicaciones potencialmente indeseables,
        - Analizar en busca de aplicaciones potencialmente peligrosas
        - Activar la tecnología Anti-Stealth.
      • Pulsa en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.
      • Cuando acabe haz clic en Finalizar
      • Localiza el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log y nos lo adjuntas en tu próxima respuesta.


      Pega los reportes y comenta como sigue.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #16
      Usuario Avatar de Luis2866
      Registrado
      feb 2014
      Ubicación
      uruguay
      Mensajes
      65

      Re: Publicidad indeseada

      Hola, este es el reporte de hitmanpro:

      Código:
      HitmanPro 3.7.9.246
      www.hitmanpro.com
      
         Computer name . . . . : USUARIO
         Windows . . . . . . . : 6.2.0.9200.X64/2
         User name . . . . . . : Usuario\User
         UAC . . . . . . . . . : Enabled
         License . . . . . . . : Free
      
         Scan date . . . . . . : 2015-10-04 12:37:59
         Scan mode . . . . . . : Normal
         Scan duration . . . . : 4m 39s
         Disk access mode  . . : Direct disk access (SRB)
         Cloud . . . . . . . . : Internet
         Reboot  . . . . . . . : No
      
         Threats . . . . . . . : 0
         Traces  . . . . . . . : 29
      
         Objects scanned . . . : 1.490.319
         Files scanned . . . . : 22.661
         Remnants scanned  . . : 322.002 files / 1.145.656 keys
      
      Potential Unwanted Programs _________________________________________________
      
         ask.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data
      
      
      Cookies _____________________________________________________________________
      
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.inventmx.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:adservingml.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertisation.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:chitika.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:mm.chitika.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:myroitracking.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:prisacom.112.2o7.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:survey.g.doubleclick.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
         C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com

      La parte que me dices para entrar en configuración adicional, no me salió esa opción.
      El reporte de eset no lo pude encontrar por ningún lado.

      La publicidad sigue saliendo, un poco más aleatoriamente

      Saludos

    7. #17
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.351

      Re: Publicidad indeseada

      Hola

      Vuelve a ejecutar OTL como te indiqué en el post #2 y me traes un nuevo reporte.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de Luis2866
      Registrado
      feb 2014
      Ubicación
      uruguay
      Mensajes
      65

      Re: Publicidad indeseada

      Hola, este es el resultado:

      OTL logfile created on: 05/10/2015 11:30:13 - Run 3
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
      64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
      Internet Explorer (Version = 9.10.9200.17088)
      Locale: 0000380A | Country: Uruguay | Language: ESY | Date Format: dd/MM/yyyy

      3,88 Gb Total Physical Memory | 2,95 Gb Available Physical Memory | 75,90% Memory free
      4,57 Gb Paging File | 3,34 Gb Available in Paging File | 73,09% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 453,84 Gb Total Space | 403,19 Gb Free Space | 88,84% Space Free | Partition Type: NTFS

      Computer Name: USUARIO | User Name: User | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe (Telefónica)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
      SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
      SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
      SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
      SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
      SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
      SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
      SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
      SRV:64bit: - (THAccelSvc) -- C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe (TOSHIBA CORPORATION)
      SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
      SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (Toshiba Corporation)
      SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
      SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
      SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
      SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
      SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
      SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
      SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
      SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
      SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
      SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
      SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
      SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
      SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
      SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
      SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
      SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
      SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
      SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
      SRV - (PSUAService) -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.)
      SRV - (PandaAgent) -- C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.)
      SRV - (NAT) -- C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation)
      SRV - (dts_apo_service) -- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe ()
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
      SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
      SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
      SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
      SRV - (TGCM_ImportWiFiSvc) -- C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe (Telefónica)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (PSINReg) -- C:\Windows\SysNative\Drivers\PSINReg.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINKNC) -- C:\Windows\SysNative\Drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINProt) -- C:\Windows\SysNative\Drivers\PSINProt.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINProc) -- C:\Windows\SysNative\Drivers\PSINProc.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINAflt) -- C:\Windows\SysNative\Drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINFile) -- C:\Windows\SysNative\Drivers\PSINFile.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSTLSC) -- C:\Windows\SysNative\Drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSSTRM) -- C:\Windows\SysNative\Drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSSMTP) -- C:\Windows\SysNative\Drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPROT) -- C:\Windows\SysNative\Drivers\NNSProt.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPRV) -- C:\Windows\SysNative\Drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPOP3) -- C:\Windows\SysNative\Drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPIHSW) -- C:\Windows\SysNative\Drivers\NNSPihsw.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPICC) -- C:\Windows\SysNative\Drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSHTTP) -- C:\Windows\SysNative\Drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSIDS) -- C:\Windows\SysNative\Drivers\NNSIds.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSHTTPS) -- C:\Windows\SysNative\Drivers\NNSHttps.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSALPC) -- C:\Windows\SysNative\Drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV:64bit: - (PSKMAD) -- C:\Windows\SysNative\Drivers\PSKMAD.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSNAHSL) -- C:\Windows\SysNative\Drivers\NNSNAHSL.sys (Panda Security, S.L.)
      DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
      DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
      DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
      DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
      DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
      DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
      DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
      DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\Drivers\NATx64\010A000.009\ccSetx64.sys (Symantec Corporation)
      DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
      DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
      DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
      DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
      DRV:64bit: - (THAccel) -- C:\Windows\SysNative\Drivers\THAccel.sys (TOSHIBA Corporation)
      DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
      DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
      DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
      DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
      DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
      DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
      DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
      DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
      DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
      DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
      DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
      DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
      DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
      DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
      DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
      DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
      DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
      DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
      DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
      DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
      DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
      DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
      DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
      DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
      DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
      DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
      DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
      DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
      DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation)
      DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (FwLnk) -- C:\Windows\SysNative\Drivers\FwLnk.sys (TOSHIBA Corporation)
      DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation)
      DRV:64bit: - (ZTEusbwwan) -- C:\Windows\SysNative\Drivers\ZTEusbwwan.sys (ZTE Incorporated)
      DRV:64bit: - (massfilter) -- C:\Windows\SysNative\Drivers\massfilter.sys (MBB Incorporated)
      DRV:64bit: - (zte_massejct) -- C:\Windows\SysNative\Drivers\zte_massejct.sys (ZTE Corporation)
      DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\Drivers\ZTEusbser6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\Drivers\ZTEusbnmea.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\Drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbMB) -- C:\Windows\SysNative\Drivers\ZTEusbnmeaext2.sys (ZTE Incorporated)
      DRV:64bit: - (USBZTECCID) -- C:\Windows\SysNative\Drivers\ZTEusbccid.sys (ZTE)
      DRV:64bit: - (massfilter_hs) -- C:\Windows\SysNative\Drivers\massfilter_hs.sys (ZTE Incorporated)

      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Google
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Home - Welcome to Toshiba [binary data]
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.uy/?gws_rd=ssl
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
      IE - HKU\S-1-5-21-1387540579-245451928-981849752-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



      ========== Chrome ==========

      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_2\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
      CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\

      O1 HOSTS File: ([2015/09/30 16:44:02 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\Toshiba\System Setting\TODDMain.exe ()
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
      O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D6EF0CB-9F1D-4664-9BCE-C1925AB8DBF5}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A2FA082-85B0-488D-8282-08575B5025AA}: NameServer = 200.58.157.11 200.58.141.163
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
      O30 - LSA: Security Packages - (livessp) - File not found
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2015/09/17 18:46:48 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
      NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
      NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
      NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2015/10/04 12:54:43 | 002,870,984 | ---- | C] (ESET) -- C:\Users\User\Desktop\esetsmartinstaller_esn.exe
      [2015/10/04 12:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
      [2015/10/04 12:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
      [2015/10/04 12:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
      [2015/10/04 12:04:08 | 011,350,472 | ---- | C] (SurfRight B.V.) -- C:\Users\User\Desktop\hitmanpro_x64.exe
      [2015/10/03 11:15:02 | 000,061,712 | ---- | C] (Panda Security, S.L.) -- C:\windows\SysNative\drivers\PSKMAD.sys
      [2015/09/30 17:05:42 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2015/09/30 17:03:22 | 000,000,000 | ---D | C] -- C:\windows\Temp
      [2015/09/30 17:03:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp
      [2015/09/30 16:41:12 | 000,000,000 | ---D | C] -- C:\zoek_backup
      [2015/09/25 10:57:18 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Cotecna
      [2015/09/23 12:22:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2015/09/22 20:02:08 | 000,000,000 | ---D | C] -- C:\_OTL
      [2015/09/18 12:59:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
      [2015/09/17 18:46:48 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
      [2015/09/17 18:25:15 | 000,000,000 | R--D | C] -- C:\Users\User\Searches
      [2015/09/09 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\silla
      [2015/09/06 21:48:49 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Fotos para imprimir

      ========== Files - Modified Within 30 Days ==========

      [2015/10/05 10:46:49 | 000,000,922 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2015/10/05 09:54:44 | 001,798,556 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
      [2015/10/05 09:54:44 | 000,797,120 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
      [2015/10/05 09:54:44 | 000,719,418 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
      [2015/10/05 09:54:44 | 000,162,488 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
      [2015/10/05 09:54:44 | 000,132,748 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
      [2015/10/05 09:52:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2015/10/05 09:51:04 | 000,000,918 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2015/10/05 09:50:48 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
      [2015/10/05 09:50:36 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
      [2015/10/05 09:50:33 | 3334,696,960 | -HS- | M] () -- C:\hiberfil.sys
      [2015/10/04 12:56:07 | 002,870,984 | ---- | M] (ESET) -- C:\Users\User\Desktop\esetsmartinstaller_esn.exe
      [2015/10/04 12:04:33 | 011,350,472 | ---- | M] (SurfRight B.V.) -- C:\Users\User\Desktop\hitmanpro_x64.exe
      [2015/09/30 16:44:02 | 000,000,841 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
      [2015/09/30 16:41:11 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe
      [2015/09/30 16:12:35 | 001,309,184 | ---- | M] () -- C:\Users\User\Desktop\zoek.exe
      [2015/09/27 22:11:55 | 000,000,446 | ---- | M] () -- C:\windows\tasks\PocketScanner.job
      [2015/09/22 11:25:31 | 000,781,312 | ---- | M] () -- C:\Users\User\Desktop\delfix_1.011.exe
      [2015/09/18 12:59:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
      [2015/09/17 21:46:33 | 000,003,480 | ---- | M] () -- C:\Users\User\Desktop\222222.rtf
      [2015/09/16 21:53:35 | 000,024,016 | ---- | M] () -- C:\Users\User\Documents\Cálculo construcción.ods

      ========== Files Created - No Company Name ==========

      [2015/09/30 17:03:22 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
      [2015/09/30 16:12:26 | 001,309,184 | ---- | C] () -- C:\Users\User\Desktop\zoek.exe
      [2015/09/27 22:11:55 | 000,000,446 | ---- | C] () -- C:\windows\tasks\PocketScanner.job
      [2015/09/22 11:25:22 | 000,781,312 | ---- | C] () -- C:\Users\User\Desktop\delfix_1.011.exe
      [2015/09/06 22:04:00 | 000,024,016 | ---- | C] () -- C:\Users\User\Documents\Cálculo construcción.ods
      [2015/06/09 18:40:14 | 000,000,207 | ---- | C] () -- C:\windows\tweaking.com-regbackup-USUARIO-Windows-8-(64-bit).dat
      [2014/09/09 18:39:58 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll

      ========== ZeroAccess Check ==========


      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 06:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 04:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 01:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 01:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 01:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/06/21 08:20:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Book Place
      [2013/05/10 03:38:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WinBatch
      [2015/01/30 12:35:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice
      [2014/11/18 21:04:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Panda Security
      [2015/01/30 09:15:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Password Solutions
      [2014/07/21 19:20:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Telefónica
      [2014/07/21 19:20:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TGCMLog
      [2014/07/21 21:15:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WildTangent
      [2014/07/09 14:17:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WinBatch

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2014/02/22 17:34:10 | 000,000,424 | ---- | M] () -- C:\AVScanner.ini
      [2012/07/26 01:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
      [2012/06/02 12:30:55 | 000,000,001 | ---- | M] () -- C:\BOOTNXT
      [2015/09/22 11:49:31 | 000,000,232 | ---- | M] () -- C:\DelFix.txt
      [2015/10/05 09:50:33 | 3334,696,960 | -HS- | M] () -- C:\hiberfil.sys
      [2015/10/05 09:50:36 | 738,197,504 | -HS- | M] () -- C:\pagefile.sys
      [2013/09/20 13:43:18 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
      [2014/01/15 22:42:40 | 000,608,032 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll
      [2015/10/05 09:50:36 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
      [2014/01/31 18:41:15 | 000,002,304 | ---- | M] () -- C:\{76851AFE-98BE-4E7C-883C-C482BA4F24CD}
      [2014/01/27 16:27:51 | 000,002,896 | ---- | M] () -- C:\{82CD680E-1084-4180-9800-C6B274C64373}
      [2014/07/23 21:29:20 | 000,001,944 | ---- | M] () -- C:\{AB70C220-52FF-49E2-B08C-D5E4EFF83EAC}
      [2014/07/23 21:28:08 | 000,001,944 | ---- | M] () -- C:\{AC0B0410-3468-404C-B3CD-68A0B75CA6B6}
      [2014/01/27 21:40:39 | 000,002,416 | ---- | M] () -- C:\{C6161ACF-FE36-457C-9306-64965E6C5678}

      < End of report >

      Saludos

    9. #19
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.351

      Re: Publicidad indeseada

      Hola

      Veo en el reporte esto:

      PRC - C:\Program Files (x86)\Movistar\Escritorio Movistar Latam\ImpWiFiSvc.exe (Telefónica)

      Tienes instalado el Escritorio de Movistar? Mira la configuración a ver si tienes como favorito o algo marcado para que cuando inicies se abra la página de Movistar.

      Si no viene nada, también podríamos desinstalarlo y volverlo a instalar y desmarcar esa opción.

      Compruebalo y me comentas.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de Luis2866
      Registrado
      feb 2014
      Ubicación
      uruguay
      Mensajes
      65

      Re: Publicidad indeseada

      Hola, tengo en la barra de tareas el Escritorio de Movistar, que me brinda internet, siempre estuvo allí. No tengo como favorito arriba en la barra de herrmientas.
      Al principio solo me salía esa publicidad al abrir un página favorito "Mercado libre", pero lo eliminé. Ahora me sale al abrir ese favorito que lo puse nuevamente y al cerrar alguna otra página, pero es medio al azar, no siempre sale la publicidad en la misma página

      Saludos

    Página 2 de 7 PrimeroPrimero 123456 ... ÚltimoÚltimo