
    Combofix

    1. #1
      User: selenecity
      Registered: Sep 2012
      Location: Peru
      Posts: 3

      Combofix

      I have used ComboFix; this is the report....

      ComboFix 12-09-15.02 - Lucia 17/09/2012 17:15:56.1.4 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.51.3082.18.6088.4199 [GMT -5:00]
      Running from: c:\users\Lucia\Downloads\ComboFix.exe
      AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
      SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\programdata\FullRemove.exe
      c:\users\Lucia\AppData\Local\Temp\{0CC774A3-CEDF-4742-A227-74C17BDE96D1}\fpb.tmp
      c:\windows\s.bat
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-17 to 2012-09-17 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-17 22:21 . 2012-09-17 22:21 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2012-09-17 22:21 . 2012-09-17 22:21 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-17 22:12 . 2012-09-17 22:12 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6262B44E-6244-47F4-B741-B5B9789A5130}\offreg.dll
      2012-09-17 20:59 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6262B44E-6244-47F4-B741-B5B9789A5130}\mpengine.dll
      2012-09-12 03:41 . 2012-09-12 03:41 -------- d-----w- C:\found.000
      2012-09-10 23:19 . 2012-09-10 23:19 -------- d-----w- c:\users\Lucia\AppData\Local\AskToolbar
      2012-09-10 23:04 . 2012-09-13 02:36 -------- d-----w- c:\program files (x86)\Ask.com
      2012-09-10 23:04 . 2012-09-10 23:04 -------- d-----w- C:\Firefox
      2012-09-10 20:12 . 2012-09-10 20:12 -------- d-----w- c:\users\Lucia\AppData\Roaming\Avira
      2012-09-10 20:10 . 2012-02-03 20:25 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
      2012-09-10 20:10 . 2012-02-03 20:25 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
      2012-09-10 20:10 . 2012-02-03 20:25 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
      2012-09-10 20:10 . 2012-09-10 23:04 -------- d-----w- c:\programdata\Avira
      2012-09-10 20:10 . 2012-09-10 20:10 -------- d-----w- c:\program files (x86)\Avira
      2012-09-10 03:12 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2012-09-08 23:48 . 2012-09-08 23:48 -------- d-----w- c:\users\Invitado\AppData\Local\Diagnostics
      2012-09-02 17:17 . 2012-09-02 17:17 -------- d-----w- c:\windows\java
      2012-09-02 17:17 . 2012-09-02 17:17 -------- d-----w- c:\program files (x86)\Rational
      2012-09-02 01:24 . 2012-09-02 01:49 -------- d-----w- c:\windows\SHELLNEW
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\program files\Microsoft Synchronization Services
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\program files\Common Files\DESIGNER
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\windows\PCHEALTH
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
      2012-09-02 01:12 . 2012-09-02 01:49 -------- d-----w- c:\program files\Microsoft Office
      2012-08-31 22:36 . 2012-08-31 22:36 -------- d-----w- c:\users\Lucia\AppData\Roaming\Rational
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-15 16:22 . 2012-07-11 18:18 62134624 ----a-w- c:\windows\system32\MRT.exe
      2012-08-04 16:29 . 2012-08-04 16:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-08-04 16:29 . 2012-07-11 15:37 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-18 18:15 . 2012-08-15 02:49 3148800 ----a-w- c:\windows\system32\win32k.sys
      2012-07-11 06:22 . 2010-06-24 11:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2012-07-06 20:07 . 2012-08-15 16:26 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
      2012-07-04 22:16 . 2012-08-15 02:50 73216 ----a-w- c:\windows\system32\netapi32.dll
      2012-07-04 22:13 . 2012-08-15 02:50 59392 ----a-w- c:\windows\system32\browcli.dll
      2012-07-04 22:13 . 2012-08-15 02:50 136704 ----a-w- c:\windows\system32\browser.dll
      2012-07-04 21:14 . 2012-08-15 02:50 41984 ----a-w- c:\windows\SysWow64\browcli.dll
      2012-06-29 04:55 . 2012-08-15 16:25 17809920 ----a-w- c:\windows\system32\mshtml.dll
      2012-06-29 04:09 . 2012-08-15 16:25 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-06-29 03:56 . 2012-08-15 16:25 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-06-29 03:49 . 2012-08-15 16:25 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-06-29 03:49 . 2012-08-15 16:25 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-06-29 03:48 . 2012-08-15 16:25 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-06-29 03:47 . 2012-08-15 16:25 237056 ----a-w- c:\windows\system32\url.dll
      2012-06-29 03:45 . 2012-08-15 16:25 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-06-29 03:44 . 2012-08-15 16:25 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-06-29 03:43 . 2012-08-15 16:25 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-06-29 03:42 . 2012-08-15 16:25 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-06-29 03:40 . 2012-08-15 16:25 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-06-29 03:39 . 2012-08-15 16:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-06-29 03:35 . 2012-08-15 16:25 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-06-29 00:16 . 2012-08-15 16:25 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-06-29 00:09 . 2012-08-15 16:25 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-06-29 00:08 . 2012-08-15 16:25 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-06-29 00:04 . 2012-08-15 16:25 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-06-29 00:00 . 2012-08-15 16:25 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
      2012-06-20 18:18 1519824 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
      .
      [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
      [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-18 39408]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
      "332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
      "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
      "RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
      "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-02-18 329056]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-02-03 258512]
      "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 136176]
      R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 136176]
      R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
      R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-09-30 299520]
      R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
      R4 MSSQLServerADHelper100;Servicio auxiliar de SQL Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
      S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-02-18 57952]
      S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-02-18 39008]
      S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-02-03 27760]
      S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-02-18 13408]
      S1 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 314904]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 AntiVirSchedulerService;Avira Programador;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-02-03 86224]
      S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-02-03 463824]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
      S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472]
      S2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 214040]
      S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2008-07-10 2045464]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
      S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-02-18 29792]
      S3 bmusbser;Network Connect USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\bmusbser.sys [2011-08-12 119552]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
      S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
      S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
      S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 34840]
      S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
      S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys [2010-09-21 15056]
      S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [2010-12-10 234960]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 07:16]
      .
      2012-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 07:16]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
      @="{771C7324-DA80-49D3-8017-753B0AF60951}"
      [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
      2012-02-18 07:08 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
      "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-02-18 114688]
      "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-02-18 9753024]
      "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-02-18 5908928]
      "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com.pe/
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://home.myplaycity.com/
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uSearchAssistant = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
      TCP: Interfaces\{7AF72409-0962-4FAC-8293-062CC09A5C85}: NameServer = 200.108.96.214 200.108.96.218
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Toolbar-Locked - (no file)
      WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
      WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
      HKLM-Run-IMBooster - (no file)
      HKLM-Run-Iminent.Notifier - (no file)
      HKLM-Run-BabylonToolbar - (no file)
      HKLM-Run-facemoods - (no file)
      HKLM-Run-SweetIM - (no file)
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-09-17 17:24:23
      ComboFix-quarantined-files.txt 2012-09-17 22:24
      .
      Pre-Run: 347,766,333,440 bytes libres
      Post-Run: 351,331,024,896 bytes libres
      .
      - - End Of File - - 8F6AB33100DB38501B16B17879A0E772


      I would like to know whether I no longer have any viruses... and whether I can delete the folders that appear....
      Thanks in advance.

    2. #2
      Former contributor: @SanMar
      Registered: Jun 2008
      Location: Argentina
      Posts: 22,290

      Re: Combo Fix

      Hello:

      For now, do not delete anything, as you still have remnants.

      You ran ComboFix from the wrong location; it must be run from the desktop.

      Delete the executable from: c:\users\Lucia\Downloads\ComboFix.exe

      Do the following:

      Step 1: Step 2:
      • Run it as Administrator.
      Note: If you use Windows Vista or 7, right-click and select "Run as administrator".
      • The tool's disclaimer will appear. Press Yes.
      • Press option 1 (Buscar y Destruir, "Search and Destroy").
      • AT-Destroyer will momentarily disconnect the desktop.
      • If the system is infected, AT-Destroyer will indicate it with red lines where the infection was detected; otherwise, the lines will be green.
      • Once the scan has finished, you will be able to see the desktop again and a report will open, which you must copy into your next reply, commenting on how the system is working.
      • If any program does not start, restart the PC.

      Step 3: Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable the antivirus and/or antispyware.
        If it asks you to update, accept.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.
      Attention!! Do not use ComboFix unless a member of our Staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt into this same thread.

      Important note: After the first restart that ComboFix performs, restart once more.

      Regards.


    3. #3
      User: selenecity
      Registered: Sep 2012
      Location: Peru
      Posts: 3

      Re: Combo Fix

      This is what AT-Destroyer produced:

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 19/09/2012
      Hora iniciada en el analisis 16:37:59.26
      Usuario Actual : [C:\Users\Lucia]
      Sistema Operativo: Windows 7 Home Basic
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [Lucia-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox:

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | ( ApnUpdater )
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {D4027C7F-154A-4066-A1AD-4243D8127440} )
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}\InprocServer32
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}\Programmable
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1\CLSID
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd\CLSID
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd\CurVer
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd
      HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
      HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
      HKEY_CURRENT_USER\SOFTWARE\Iminent\SearchTheWeb
      HKEY_CURRENT_USER\SOFTWARE\Iminent


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Program Files (x86)\Ask.com\assets
      C:\Program Files (x86)\Ask.com\AviraBrowserSecurity.exe
      C:\Program Files (x86)\Ask.com\cobrand.ico
      C:\Program Files (x86)\Ask.com\config.xml
      C:\Program Files (x86)\Ask.com\favicon.ico
      C:\Program Files (x86)\Ask.com\fv_1f1e.ico
      C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
      C:\Program Files (x86)\Ask.com\mupcfg.xml
      C:\Program Files (x86)\Ask.com\precache.exe
      C:\Program Files (x86)\Ask.com\SaUpdate.exe
      C:\Program Files (x86)\Ask.com\Updater
      C:\Program Files (x86)\Ask.com\UpdateTask.exe
      C:\Program Files (x86)\Ask.com\assets\oobe
      C:\Program Files (x86)\Ask.com\assets\oobe\b.png
      C:\Program Files (x86)\Ask.com\assets\oobe\bl.png
      C:\Program Files (x86)\Ask.com\assets\oobe\br.png
      C:\Program Files (x86)\Ask.com\assets\oobe\l.png
      C:\Program Files (x86)\Ask.com\assets\oobe\pointer.png
      C:\Program Files (x86)\Ask.com\assets\oobe\r.png
      C:\Program Files (x86)\Ask.com\assets\oobe\t.png
      C:\Program Files (x86)\Ask.com\assets\oobe\tl.png
      C:\Program Files (x86)\Ask.com\assets\oobe\tr.png
      C:\Program Files (x86)\Ask.com\Updater\config.xml
      C:\Program Files (x86)\Ask.com\Updater\Updater.exe
      "C:\Program Files (x86)\Ask.com"
      C:\Users\Lucia\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page == C:\windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-67484778-1030500449-1518008317-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page == C:\windows\system32\blank.htm


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,






      ======= EOF =======

      Thanks in advance for the help.

    4. #4
      User: selenecity
      Registered: Sep 2012
      Location: Peru
      Posts: 3

      Re: Combo Fix

      This is the ComboFix report...

      ComboFix 12-09-18.07 - Lucia 19/09/2012 17:02:40.3.4 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.51.3082.18.6088.4121 [GMT -5:00]
      Running from: c:\users\Lucia\Desktop\ComboFix.exe
      AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
      SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-19 to 2012-09-19 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-19 22:08 . 2012-09-19 22:08 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2012-09-19 22:08 . 2012-09-19 22:08 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-19 21:11 . 2012-06-29 18:55 22528 ----a-w- c:\windows\AT-Uninstall.exe
      2012-09-19 21:11 . 2012-03-13 04:27 11776 ----a-w- c:\windows\Colous.exe
      2012-09-19 21:11 . 2008-03-25 15:39 69660 ----a-w- c:\windows\Fart.exe
      2012-09-18 00:09 . 2012-09-18 00:09 -------- d-----w- c:\users\Lucia\AppData\Roaming\Malwarebytes
      2012-09-18 00:09 . 2012-09-18 00:09 -------- d-----w- c:\programdata\Malwarebytes
      2012-09-18 00:09 . 2012-09-18 00:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-09-18 00:09 . 2012-09-07 22:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-17 20:59 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6262B44E-6244-47F4-B741-B5B9789A5130}\mpengine.dll
      2012-09-12 03:41 . 2012-09-12 03:41 -------- d-----w- C:\found.000
      2012-09-10 23:19 . 2012-09-10 23:19 -------- d-----w- c:\users\Lucia\AppData\Local\AskToolbar
      2012-09-10 23:04 . 2012-09-10 23:04 -------- d-----w- C:\Firefox
      2012-09-10 20:12 . 2012-09-10 20:12 -------- d-----w- c:\users\Lucia\AppData\Roaming\Avira
      2012-09-10 20:10 . 2012-02-03 20:25 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
      2012-09-10 20:10 . 2012-02-03 20:25 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
      2012-09-10 20:10 . 2012-02-03 20:25 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
      2012-09-10 20:10 . 2012-09-10 23:04 -------- d-----w- c:\programdata\Avira
      2012-09-10 20:10 . 2012-09-10 20:10 -------- d-----w- c:\program files (x86)\Avira
      2012-09-10 03:12 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2012-09-08 23:48 . 2012-09-08 23:48 -------- d-----w- c:\users\Invitado\AppData\Local\Diagnostics
      2012-09-02 17:17 . 2012-09-02 17:17 -------- d-----w- c:\windows\java
      2012-09-02 17:17 . 2012-09-02 17:17 -------- d-----w- c:\program files (x86)\Rational
      2012-09-02 01:24 . 2012-09-02 01:49 -------- d-----w- c:\windows\SHELLNEW
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\program files\Microsoft Synchronization Services
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\program files\Common Files\DESIGNER
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\windows\PCHEALTH
      2012-09-02 01:14 . 2012-09-02 01:14 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
      2012-09-02 01:12 . 2012-09-02 01:49 -------- d-----w- c:\program files\Microsoft Office
      2012-08-31 22:36 . 2012-08-31 22:36 -------- d-----w- c:\users\Lucia\AppData\Roaming\Rational
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-15 16:22 . 2012-07-11 18:18 62134624 ----a-w- c:\windows\system32\MRT.exe
      2012-08-04 16:29 . 2012-08-04 16:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-08-04 16:29 . 2012-07-11 15:37 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-18 18:15 . 2012-08-15 02:49 3148800 ----a-w- c:\windows\system32\win32k.sys
      2012-07-11 06:22 . 2010-06-24 11:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2012-07-06 20:07 . 2012-08-15 16:26 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
      2012-07-04 22:16 . 2012-08-15 02:50 73216 ----a-w- c:\windows\system32\netapi32.dll
      2012-07-04 22:13 . 2012-08-15 02:50 59392 ----a-w- c:\windows\system32\browcli.dll
      2012-07-04 22:13 . 2012-08-15 02:50 136704 ----a-w- c:\windows\system32\browser.dll
      2012-07-04 21:14 . 2012-08-15 02:50 41984 ----a-w- c:\windows\SysWow64\browcli.dll
      2012-06-29 04:55 . 2012-08-15 16:25 17809920 ----a-w- c:\windows\system32\mshtml.dll
      2012-06-29 04:09 . 2012-08-15 16:25 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-06-29 03:56 . 2012-08-15 16:25 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-06-29 03:49 . 2012-08-15 16:25 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-06-29 03:49 . 2012-08-15 16:25 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-06-29 03:48 . 2012-08-15 16:25 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-06-29 03:47 . 2012-08-15 16:25 237056 ----a-w- c:\windows\system32\url.dll
      2012-06-29 03:45 . 2012-08-15 16:25 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-06-29 03:44 . 2012-08-15 16:25 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-06-29 03:43 . 2012-08-15 16:25 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-06-29 03:42 . 2012-08-15 16:25 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-06-29 03:40 . 2012-08-15 16:25 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-06-29 03:39 . 2012-08-15 16:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-06-29 03:35 . 2012-08-15 16:25 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-06-29 00:16 . 2012-08-15 16:25 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-06-29 00:09 . 2012-08-15 16:25 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-06-29 00:08 . 2012-08-15 16:25 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-06-29 00:04 . 2012-08-15 16:25 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-06-29 00:00 . 2012-08-15 16:25 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      .
      .
      ((((((((((((((((((((((((((((( [email protected]_22.21.52 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2010-11-21 03:09 . 2012-09-19 21:48 47754 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
      + 2009-07-14 05:10 . 2012-09-19 21:48 41602 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
      + 2012-07-09 02:13 . 2012-09-19 21:48 13262 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-67484778-1030500449-1518008317-1000_UserData.bin
      - 2012-07-08 22:04 . 2012-09-17 15:07 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
      + 2012-07-08 22:04 . 2012-09-19 21:07 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
      - 2012-07-08 22:04 . 2012-09-17 15:07 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
      + 2012-07-08 22:04 . 2012-09-19 21:07 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
      + 2009-07-14 04:54 . 2012-09-19 21:07 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
      - 2009-07-14 04:54 . 2012-09-17 15:07 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
      + 2009-07-14 04:46 . 2012-09-19 20:41 80472 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
      - 2012-09-17 14:45 . 2012-09-17 14:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      + 2012-09-19 21:45 . 2012-09-19 21:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      - 2012-09-17 14:45 . 2012-09-17 14:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      + 2012-09-19 21:45 . 2012-09-19 21:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      + 2012-07-15 20:20 . 2012-09-19 02:12 235486 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
      + 2012-07-09 19:28 . 2012-09-19 01:19 259706 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
      - 2012-02-17 22:15 . 2012-09-17 21:27 817064 c:\windows\system32\perfh00A.dat
      + 2012-02-17 22:15 . 2012-09-19 21:52 817064 c:\windows\system32\perfh00A.dat
      - 2009-07-14 02:36 . 2012-09-17 21:27 721382 c:\windows\system32\perfh009.dat
      + 2009-07-14 02:36 . 2012-09-19 21:52 721382 c:\windows\system32\perfh009.dat
      - 2012-02-17 22:15 . 2012-09-17 21:27 184320 c:\windows\system32\perfc00A.dat
      + 2012-02-17 22:15 . 2012-09-19 21:52 184320 c:\windows\system32\perfc00A.dat
      + 2009-07-14 02:36 . 2012-09-19 21:52 148438 c:\windows\system32\perfc009.dat
      - 2009-07-14 02:36 . 2012-09-17 21:27 148438 c:\windows\system32\perfc009.dat
      + 2012-07-09 23:05 . 2012-09-18 00:27 522768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
      - 2012-07-09 23:05 . 2012-09-09 05:43 522768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
      + 2009-07-14 05:01 . 2012-09-19 21:44 412384 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
      - 2009-07-14 05:01 . 2012-09-17 04:58 412384 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
      + 2012-07-08 22:11 . 2012-09-19 21:44 15627476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-67484778-1030500449-1518008317-1000-8192.dat
      + 2012-07-08 22:11 . 2012-09-19 04:11 26022608 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-67484778-1030500449-1518008317-1000-4096.dat
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-18 39408]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
      "332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
      "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
      "RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
      "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-02-18 329056]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-02-03 258512]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 136176]
      R3 bmusbser;Network Connect USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\bmusbser.sys [2011-08-12 119552]
      R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 136176]
      R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
      R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
      R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-09-30 299520]
      R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
      R4 MSSQLServerADHelper100;Servicio auxiliar de SQL Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
      S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-02-18 57952]
      S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-02-18 39008]
      S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-02-03 27760]
      S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-02-18 13408]
      S1 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 314904]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 AntiVirSchedulerService;Avira Programador;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-02-03 86224]
      S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-02-03 463824]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
      S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472]
      S2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 214040]
      S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2008-07-10 2045464]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
      S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-02-18 29792]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
      S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
      S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
      S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 34840]
      S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys [2010-09-21 15056]
      S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [2010-12-10 234960]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 07:16]
      .
      2012-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 07:16]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
      @="{771C7324-DA80-49D3-8017-753B0AF60951}"
      [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
      2012-02-18 07:08 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
      "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
      "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-02-18 114688]
      "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-02-18 9753024]
      "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-02-18 5908928]
      "IMBooster"="" [BU]
      "Iminent.Notifier"="" [BU]
      "BabylonToolbar"="" [BU]
      "facemoods"="" [BU]
      "SweetIM"="" [BU]
      "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uSearchAssistant = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
      WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-09-19 1743
      ComboFix-quarantined-files.txt 2012-09-19 22:10
      ComboFix2.txt 2012-09-19 21:28
      ComboFix3.txt 2012-09-17 22:24
      .
      Pre-Run: 351,173,480,448 bytes libres
      Post-Run: 350,869,999,616 bytes libres
      .
      - - End Of File - - EF6CFC155EDD4F6E89F31B9A9526A416

      Hopefully everything is fine now. According to the AT Destroyer result there were infections, but there was no infection in the services....

      If there are no more problems, explain to me how to delete the folders that ComboFix created. A folder named found and another named msocache also show up; I think they were hidden because they have a padlock image....

      I hope for your prompt reply, and thanks for the help...
      Last edited by selenecity on 19/09/12 at 18:33:21

    5. #5
      Former Contributor @SanMar's avatar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: Combo Fix

      Hello selenecity:

      1.- Open Notepad
      • Go to START > RUN >
      • Type notepad.exe there and click OK

      2.- Now copy and paste the following into Notepad

      Code:
      KillAll::
      
      ClearJavaCache:: 
      
      Folder::
      c:\users\Lucia\AppData\Local\AskToolbar
      
      Registry::
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IMBooster"=-
      "Iminent.Notifier"=-
      "BabylonToolbar"=-
      "SweetIM"=-

      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file as shown in the animation below. This will start ComboFix again.

      • Restart your PC and post the new ComboFix report, telling us how everything is working now.

      About the Found folder: it stores the files when a disk check is run.

      Regards.
