• Registrarse
  • Iniciar sesión


  • Resultados 1 al 2 de 2

    problema con fbdownloader search

    Hola me ha surgido este problema en el ordenador y he seguido vuestras instrucciones y por desgracia, el problema empeoró. os adjunto los archivos de los programas: #################################################### A/T-Destroyer by InfoSpyware ############ A/T-Destroyer 1.0.7 By ...

    1. #1
      Usuario Avatar de jane85
      Registrado
      mar 2010
      Ubicación
      valladolid
      Mensajes
      17

      problema con fbdownloader search

      Hola

      me ha surgido este problema en el ordenador y he seguido vuestras instrucciones y por desgracia, el problema empeoró.

      os adjunto los archivos de los programas:

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 25/10/2012
      Hora iniciada en el analisis 19:48:32,23
      Usuario Actual : [C:\Users\Vito]
      Sistema Operativo: Windows 7 Home Premium
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [Vito-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox:

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
      HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
      HKEY_CURRENT_USER\SOFTWARE\Iminent
      HKEY_CURRENT_USER\SOFTWARE\Iminent


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\Vito\AppData\Roaming\Babylon\log_file.txt
      "C:\Users\Vito\AppData\Roaming\Babylon"
      "C:\ProgramData\Babylon"
      C:\Users\Vito\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\windows\system32\blank.htm
      Default_Page_URL == http://search.fbdownloader.com/?channel=sfsp202fbdgy12

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-2045739800-1638997731-2564366352-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\windows\system32\blank.htm
      Default_Page_URL == http://search.fbdownloader.com/?channel=sfsp202fbdgy12








      ======= EOF =======


      Lo siento. no encuentro el texto del segundo programa gladius.




      ComboFix 12-10-17.05 - Vito 25/10/2012 20:07:21.1.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.34.3082.18.6125.4409 [GMT 2:00]
      Running from: c:\users\Vito\Downloads\ComboFix.exe
      AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
      FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
      SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\Vito\AppData\Roaming\.#
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      -------\Service_nvsvc
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-09-25 to 2012-10-25 )))))))))))))))))))))))))))))))
      .
      .
      2012-10-25 18:12 . 2012-10-25 18:12 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-10-25 17:48 . 2012-06-29 11:55 22528 ----a-w- c:\windows\AT-Uninstall.exe
      2012-10-25 17:48 . 2012-03-12 21:27 11776 ----a-w- c:\windows\Colous.exe
      2012-10-25 17:48 . 2008-03-25 08:39 69660 ----a-w- c:\windows\Fart.exe
      2012-10-25 17:32 . 2012-10-25 17:32 -------- d-----w- c:\users\Vito\AppData\Roaming\GlarySoft
      2012-10-25 17:22 . 2012-10-25 17:59 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-10-25 17:15 . 2012-10-25 17:15 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
      2012-10-24 19:22 . 2012-10-24 19:22 -------- d-----w- c:\users\Vito\AppData\Roaming\AVG2013
      2012-10-24 19:20 . 2012-10-24 19:20 -------- d-----w- c:\users\Vito\AppData\Roaming\TuneUp Software
      2012-10-24 19:19 . 2012-10-24 19:21 -------- d-----w- c:\programdata\AVG2013
      2012-10-24 19:19 . 2012-10-24 19:19 -------- d-----w- C:\$AVG
      2012-10-24 19:19 . 2012-10-24 19:19 -------- d-----w- c:\program files (x86)\AVG
      2012-10-24 19:00 . 2012-10-25 17:16 -------- d-----w- c:\programdata\MFAData
      2012-10-24 19:00 . 2012-10-24 23:21 -------- d-----w- c:\users\Vito\AppData\Local\Avg2013
      2012-10-24 19:00 . 2012-10-24 19:00 -------- d-----w- c:\users\Vito\AppData\Local\MFAData
      2012-10-24 18:50 . 2012-10-17 00:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2894DF3E-FF6B-4A78-B497-8D408D2D3F54}\mpengine.dll
      2012-10-24 18:08 . 2012-09-27 22:18 65309168 ----a-w- c:\windows\system32\MRT.exe
      2012-10-20 00:45 . 2012-10-20 00:45 -------- d-----w- c:\users\Vito\AppData\Roaming\SDIV 2.0
      2012-10-20 00:45 . 2012-10-20 00:45 -------- d-----w- c:\users\Vito\AppData\Roaming\HMN
      2012-10-20 00:45 . 2012-10-20 00:45 -------- d-----w- c:\users\Vito\AppData\Roaming\DataMgr
      2012-10-10 12:28 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
      2012-10-10 12:28 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
      2012-10-10 12:28 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
      2012-10-10 12:28 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
      2012-10-10 12:28 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
      2012-10-10 12:28 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
      2012-10-06 12:59 . 2012-10-25 17:08 -------- d-----r- c:\users\Vito\Dropbox
      2012-10-06 12:58 . 2012-10-25 17:09 -------- d-----w- c:\users\Vito\AppData\Roaming\Dropbox
      2012-10-05 01:26 . 2012-10-05 01:26 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
      2012-10-02 01:30 . 2012-10-02 01:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
      2012-10-01 02:03 . 2012-10-01 02:03 -------- d-----w- c:\programdata\Hewlett-Packard
      2012-10-01 02:03 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
      2012-09-30 00:36 . 2012-09-30 00:36 -------- d-----w- c:\users\Vito\Tracing
      2012-09-30 00:34 . 2012-10-20 00:45 -------- d-----w- c:\users\Vito\AppData\Roaming\AnvSoft
      2012-09-30 00:33 . 2012-09-30 00:33 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
      2012-09-30 00:33 . 2012-09-30 00:34 -------- d-----w- c:\program files (x86)\AVG Secure Search
      2012-09-30 00:33 . 2012-09-30 00:33 -------- d--h--w- c:\programdata\Common Files
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-09-28 19:32 . 2012-09-08 19:14 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-09-28 19:32 . 2011-12-08 17:53 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-09-21 01:46 . 2012-09-21 01:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys
      2012-09-21 01:46 . 2012-09-21 01:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys
      2012-09-21 01:45 . 2012-09-21 01:45 61792 ----a-w- c:\windows\system32\drivers\avgidsha.sys
      2012-09-19 08:02 . 2012-09-19 08:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
      2012-09-14 01:05 . 2012-09-14 01:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
      2012-09-13 01:11 . 2012-09-13 01:11 151904 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
      2012-09-04 08:39 . 2012-09-04 08:39 50296 ----a-w- c:\windows\system32\drivers\avgfwd6a.sys
      2012-08-24 11:15 . 2012-09-21 21:18 17810944 ----a-w- c:\windows\system32\mshtml.dll
      2012-08-24 10:39 . 2012-09-21 21:18 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-08-24 10:31 . 2012-09-21 21:18 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-08-24 10:22 . 2012-09-21 21:18 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-08-24 10:21 . 2012-09-21 21:18 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-08-24 10:20 . 2012-09-21 21:18 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-24 10:18 . 2012-09-21 21:18 237056 ----a-w- c:\windows\system32\url.dll
      2012-08-24 10:17 . 2012-09-21 21:18 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-08-24 10:14 . 2012-09-21 21:18 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-08-24 10:14 . 2012-09-21 21:18 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-08-24 10:13 . 2012-09-21 21:18 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-08-24 10:12 . 2012-09-21 21:18 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-08-24 10:11 . 2012-09-21 21:18 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-08-24 10:10 . 2012-09-21 21:18 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-08-24 10:09 . 2012-09-21 21:18 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-08-24 10:04 . 2012-09-21 21:18 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-08-24 06:59 . 2012-09-21 21:18 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-08-24 06:51 . 2012-09-21 21:18 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-08-24 06:51 . 2012-09-21 21:18 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-08-24 06:47 . 2012-09-21 21:18 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-08-24 06:47 . 2012-09-21 21:18 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-08-24 06:43 . 2012-09-21 21:18 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-08-22 18:12 . 2012-09-20 23:48 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-08-22 18:12 . 2012-09-20 23:49 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-08-22 18:12 . 2012-09-20 23:48 376688 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-08-22 18:12 . 2012-09-20 23:48 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-08-21 21:01 . 2012-09-25 17:31 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
      2012-08-20 17:38 . 2012-10-10 12:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-08-15 23:48 . 2011-03-29 02:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2012-08-02 17:58 . 2012-09-20 23:48 574464 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-08-02 16:57 . 2012-09-20 23:48 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      2012-07-30 11:32 . 2012-07-30 11:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
      2012-09-30 00:33 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll" [2012-09-30 1734240]
      .
      [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
      [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
      [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DataMgr"="c:\users\Vito\AppData\Roaming\DataMgr\datamgr.exe" [2012-09-25 168264]
      "Protector"="wscript.exe" [2009-07-14 141824]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "RunAIShell"="c:\program files (x86)\ASUS\AI Manager\AsShellApplication.exe" [2009-12-23 232064]
      "ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe" [2011-07-05 737104]
      "ASUS Easy Update"="c:\program files (x86)\ASUS\ASUS Easy Update\ALU.exe" [2009-12-31 195200]
      "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-30 947808]
      "ROC_ROC_NT"="c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe" [2012-09-30 856160]
      "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-10-10 3116152]
      .
      c:\users\Vito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\Vito\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-12-8 548528]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
      R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]
      R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
      R3 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys [2010-07-02 293416]
      R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-12-10 80384]
      R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-12-10 181248]
      R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
      R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-01-17 48416]
      R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2010-01-17 29472]
      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
      R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-01-17 48416]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [2010-01-17 29472]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [2010-11-08 14464]
      S0 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys [2011-03-23 36448]
      S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-09-21 61792]
      S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
      S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
      S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
      S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
      S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
      S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-09-13 151904]
      S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
      S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
      S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-30 31080]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
      S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
      S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
      S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
      S2 avgfws;Cortafuegos de AVG;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-10-02 1314720]
      S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-10-02 5783672]
      S2 avgwd;WatchDog de AVG;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-02 193568]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
      S2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe [2009-12-23 203392]
      S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2010-01-17 32544]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
      S2 sprtsvc_Telefonica;SupportSoft Sprocket Service (Telefonica);c:\program files (x86)\Telefonica\bin\sprtsvc.exe [2007-03-08 202280]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-17 379496]
      S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
      S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-30 722528]
      S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-09-14 129000]
      S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-09-14 394216]
      S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-20 56344]
      S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-11-11 155752]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
      Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-10-25 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-10-25 10:45]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
      @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
      [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
      2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
      @="{64174815-8D98-4CE6-8646-4C039977D808}"
      [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
      2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Vito\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-20 11613288]
      "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568]
      "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
      Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
      .
      - - - - ORPHANS REMOVED - - - -
      .
      BHO-{553318DA-D010-469E-84B1-496563CAE1BF} - (no file)
      Toolbar-Locked - (no file)
      Wow6432Node-HKLM-Run-CtrlMod20 - c:\users\Vito\AppData\Local\Temp\ctrlAT20.exe
      Toolbar-Locked - (no file)
      WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
      c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
      c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
      c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      .
      **************************************************************************
      .
      Completion time: 2012-10-25 20:17:06 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-10-25 18:17
      .
      Pre-Run: 131.743.293.440 bytes libres
      Post-Run: 130.922.471.424 bytes libres
      .
      - - End Of File - - 5FB73FA900A32946E46AF3E54F366AC0

      cuando el ordenador se me reinició, no me dejaba entrar en nada. me aparecía la frase
      intento de operacion ilegal en una clave del registro que estaba marcada para su eliminación.


      después de esto, me he asustado y he restaurado el sistema a un punto que establecí ayer y el ordenador volvia a estar como antes. fastidiandome ese fbdownloader.

      agradeceria cualquier comentario.

      gracias

    2. #2
      Ex-Colaborador Avatar de RevesdeLiberte
      Registrado
      feb 2010
      Ubicación
      México
      Mensajes
      7.976

      Re: problema con fbdownloader search

      Hola jane85
      Bienvenido al Foro de InfoSpyware.






      Puesto que restauraste sistema a un punto anterior, los reportes y pasos que has echo no sirven de nada. Ademas, lo que te sucedió tras usar ComboFix es normal, solamente tenias que reiniciar el sistema para que regresara todo a la normalidad, por eso es que esta herramienta no se debe usar sin que alguien del Staff de Infospyware te la solicite directamente.

      ¡Atención! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.



      Realiza lo siguiente:


      • Vas Inicio > Panel de control > Programas > Programas y características
      • Selecciona uno a uno los siguientes programas y has clic en el botón Desinstalar:
        • AVG Internet Security 2013
        • Trend Micro Titanium Internet Security


      Posteriormente, descarga OTC.exe en el escritorio. Lo ejecutas y presionas CleanUp!, luego Yes dos veces. Terminando la limpieza de aplicaciones harás un par de pasos mas:





      Se abrirá un bloc de notas con el reporte, copia y pega todo su contenido en la siguiente respuesta para revisarlo, comentando si persiste el problema inicial.
      La paciencia es un árbol de raíces amargas, pero de frutos dulces.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.