
    Strange green window while browsing in Chrome


    1. #1
      User: Turnman
      Registered: Feb 2008
      Location: Spain
      Posts: 17

      Strange green window while browsing in Chrome

      Hi,
      These last few days a strange green window has been popping up out of nowhere with a prompt to accept. I press Escape, the prompt closes, and I can close the window. So far nothing else has happened.
      Instead of a web address, the browser shows a path containing my profile that ends in:
      "about.Brontok.A.html"

      Is my computer in serious danger? I haven't run any strange program that I know of.

    2. #2
      General Moderator: @Leosolari
      Registered: Jun 2007
      Location: Argentina
      Posts: 58,637

      Re: Strange green window while browsing in Chrome

      Hello

      Check the plug-ins in your browser. Take a screenshot of them (if they don't all fit, you will need to take two screenshots) and then upload the image(s) in your next reply. How to upload an image to the forum

      Regards

    3. #3
      User: Turnman
      Registered: Feb 2008
      Location: Spain
      Posts: 17

      Re: Strange green window while browsing in Chrome

      Thanks for replying!
      Do you mean the "extensions" that I have?

    4. #4
      User: Turnman
      Registered: Feb 2008
      Location: Spain
      Posts: 17

      Re: Strange green window while browsing in Chrome

      It has happened to me again:



    5. #5
      General Moderator: @Leosolari
      Registered: Jun 2007
      Location: Argentina
      Posts: 58,637

      Re: Strange green window while browsing in Chrome

      Hello

      Download the ComboFix.exe tool to your desktop.

      • Temporarily disable your antivirus and/or antispyware. How to temporarily disable your antivirus
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.

      Important notes:

      • While CF is working, you must not move the mouse, as that would stop its process.
      • ComboFix may automatically restart the PC to complete the removal process.
      • Once ComboFix has finished its work, you can re-enable your antivirus.
      • Do not put the reports inside Code or HTML tags.

      Warning!! Do not use ComboFix unless a member of our staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      The generated report is located at C:\ComboFix.txt. Open it, select all, then copy and paste it into your next reply.

      Regards

    6. #6
      User: Turnman
      Registered: Feb 2008
      Location: Spain
      Posts: 17

      Re: Strange green window while browsing in Chrome

      Sorry for the delay. I had to run ComboFix in Safe Mode. In normal mode the computer always restarted before it began to work.

      Pasting:


      ComboFix 12-09-09.02 - Fenix 09/09/2012 10:34:06.1.2 - x64 NETWORK
      Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.4092.3015 [GMT 2:00]
      Running from: c:\users\Fenix\Desktop\ComboFix.exe
      AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
      SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\facemoods.com
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.png
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
      c:\program files (x86)\facemoods.com\sqlite3.dll
      c:\users\Fenix\AppData\Local\Bron.tok-10-1
      c:\users\Fenix\AppData\Local\Bron.tok-10-10
      c:\users\Fenix\AppData\Local\Bron.tok-10-11
      c:\users\Fenix\AppData\Local\Bron.tok-10-12
      c:\users\Fenix\AppData\Local\Bron.tok-10-13
      c:\users\Fenix\AppData\Local\Bron.tok-10-14
      c:\users\Fenix\AppData\Local\Bron.tok-10-15
      c:\users\Fenix\AppData\Local\Bron.tok-10-16
      c:\users\Fenix\AppData\Local\Bron.tok-10-17
      c:\users\Fenix\AppData\Local\Bron.tok-10-18
      c:\users\Fenix\AppData\Local\Bron.tok-10-19
      c:\users\Fenix\AppData\Local\Bron.tok-10-2
      c:\users\Fenix\AppData\Local\Bron.tok-10-20
      c:\users\Fenix\AppData\Local\Bron.tok-10-21
      c:\users\Fenix\AppData\Local\Bron.tok-10-22
      c:\users\Fenix\AppData\Local\Bron.tok-10-23
      c:\users\Fenix\AppData\Local\Bron.tok-10-24
      c:\users\Fenix\AppData\Local\Bron.tok-10-25
      c:\users\Fenix\AppData\Local\Bron.tok-10-26
      c:\users\Fenix\AppData\Local\Bron.tok-10-27
      c:\users\Fenix\AppData\Local\Bron.tok-10-28
      c:\users\Fenix\AppData\Local\Bron.tok-10-29
      c:\users\Fenix\AppData\Local\Bron.tok-10-3
      c:\users\Fenix\AppData\Local\Bron.tok-10-30
      c:\users\Fenix\AppData\Local\Bron.tok-10-31
      c:\users\Fenix\AppData\Local\Bron.tok-10-4
      c:\users\Fenix\AppData\Local\Bron.tok-10-5
      c:\users\Fenix\AppData\Local\Bron.tok-10-6
      c:\users\Fenix\AppData\Local\Bron.tok-10-7
      c:\users\Fenix\AppData\Local\Bron.tok-10-8
      c:\users\Fenix\AppData\Local\Bron.tok-10-9
      c:\users\Fenix\AppData\Local\Bron.tok.A10.em.bin
      c:\users\Fenix\AppData\Local\csrss.exe
      c:\users\Fenix\AppData\Local\inetinfo.exe
      c:\users\Fenix\AppData\Local\Kosong.Bron.Tok.txt
      c:\users\Fenix\AppData\Local\lsass.exe
      c:\users\Fenix\AppData\Local\services.exe
      c:\users\Fenix\AppData\Local\smss.exe
      c:\users\Fenix\AppData\Local\winlogon.exe
      c:\users\Fenix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif
      c:\users\Fenix\AppData\Roaming\Microsoft\Windows\Templates\WowTumpeh.com
      c:\users\Fenix\Documents\~WRL0965.tmp
      c:\users\Fenix\ia_remove.sh1676.tmp
      c:\users\Fenix\ia_remove.sh2785.tmp
      c:\windows\SysWow64\muzapp.exe
      c:\windows\SysWow64\System32\MASetupCleaner.exe
      c:\windows\SysWow64\System32\muzapp.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-09 to 2012-09-09 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-09 08:47 . 2012-09-09 08:47 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2012-09-09 08:47 . 2012-09-09 08:47 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-09 08:47 . 2012-09-09 08:47 -------- d-----w- c:\users\Backboy\AppData\Local\temp
      2012-09-03 09:30 . 2012-09-03 09:30 -------- d-----w- c:\users\Fenix\AppData\Roaming\Apple Computer
      2012-09-02 11:32 . 2012-09-02 11:32 -------- d-----w- c:\programdata\Apple Computer
      2012-09-02 11:30 . 2012-09-02 11:30 -------- d-----w- c:\program files (x86)\Common Files\Apple
      2012-09-02 11:30 . 2012-09-02 11:30 -------- d-----w- c:\program files (x86)\Apple Software Update
      2012-09-01 17:36 . 2012-09-01 17:36 -------- d-----w- c:\users\Backboy\AppData\Local\Mozilla
      2012-08-21 18:46 . 2012-08-21 18:46 -------- d-----w- c:\users\Public\Pixologic
      2012-08-21 18:46 . 2012-08-21 18:46 -------- d-----w- c:\program files (x86)\Pixologic
      2012-08-15 11:43 . 2012-08-16 00:03 -------- d-----w- c:\users\Invitado\AppData\Roaming\Audacity
      2012-08-15 11:27 . 2012-08-15 11:27 -------- d-----w- c:\users\Invitado\AppData\Roaming\MusicNet
      2012-08-15 11:27 . 2012-08-15 11:27 -------- d-----w- c:\programdata\1F363
      2012-08-15 11:27 . 2012-08-15 11:27 -------- d-----w- c:\users\Invitado\AppData\Local\iMesh
      2012-08-15 11:23 . 2012-08-15 11:43 -------- d-----w- c:\users\Fenix\AppData\Roaming\Audacity
      2012-08-15 11:23 . 2012-08-15 11:23 -------- d-----w- c:\program files (x86)\Audacity
      2012-08-15 11:19 . 2012-08-15 11:19 -------- d-----w- c:\users\Fenix\AppData\Local\PackageAware
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
      "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
      "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
      "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
      "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]
      "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
      "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
      "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "HideFastUserSwitching"= 0 (0x0)
      .
      [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
      @="Driver"
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 253088]
      R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
      R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
      R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
      R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
      R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
      R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2011-12-08 127488]
      R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2011-12-08 18944]
      R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2011-12-08 161280]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-25 1255736]
      R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
      S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
      S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
      S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110701.001\BHDrvx64.sys [2011-06-15 1143416]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-26 254528]
      S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110722.031\IDSvia64.sys [2011-07-07 488056]
      S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
      S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-05 203264]
      S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
      S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
      S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
      S2 NMSAccess64;NMSAccess64;c:\windows\SysWOW64\NMSAccess64.exe [2009-01-12 82872]
      S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
      S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
      S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-06-25 136824]
      S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
      S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      ezSharedSvc
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 07:57]
      .
      2012-09-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4048553026-2720575578-2961904856-1000Core.job
      - c:\users\Fenix\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-21 20:46]
      .
      2012-09-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4048553026-2720575578-2961904856-1000UA.job
      - c:\users\Fenix\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-21 20:46]
      .
      2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048553026-2720575578-2961904856-1000Core.job
      - c:\users\Fenix\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-24 16:18]
      .
      2012-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048553026-2720575578-2961904856-1000UA.job
      - c:\users\Fenix\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-24 16:18]
      .
      2012-09-03 c:\windows\Tasks\HPCeeScheduleForFenix.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Fenix\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
      "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = localhost; 127.0.0.1; <local>
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
      TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
      DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} - hxxps://www1.agenciatributaria.gob.es/es13/h/cactivex.cab
      FF - ProfilePath - c:\users\Fenix\AppData\Roaming\Mozilla\Firefox\Profiles\uvf802we.default\
      .
      - - - - ORPHANS REMOVED - - - -
      .
      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
      AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
      AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
      "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
      "ImagePath"="c:\windows\system32\GameMon.des -service"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.10"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Bonjour\mDNSResponder.exe
      c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
      c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
      c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
      c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-09 10:57:03 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-09 08:57
      .
      Pre-Run: 4.285.792.256 bytes libres
      Post-Run: 6.091.976.704 bytes libres
      .
      - - End Of File - - 8BE09BE4FFB2BA87FB39B291483621DC

    7. #7
      General Moderator: @Leosolari
      Registered: Jun 2007
      Location: Argentina
      Posts: 58,637

      Re: Strange green window while browsing in Chrome

      Hello

      Uninstall CF as follows:
      • Go to Start > Run
      • Type the following: ComboFix /Uninstall as shown in the image below:

      • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")

      If you can't uninstall it that way, download OTC.exe to the desktop.

      Run it and press Cleanup to uninstall ComboFix and the folders it created.

      That will restart your PC.

      Let us know how everything is going now

      Regards