• Registrarse
  • Iniciar sesión


  • Resultados 1 al 4 de 4

    El cursor salta al redactar en Word de Microsoft office 2007

    Consulta InfoSpyware " Virus que hace saltar las lineas cuando escribo ". El antivirus Bull Guard no detecto infeccion en el dia de hoy, tampoco MalwareBytes. SuperantiSpyware detecto: " Trojan Dropper/win-NV. NVN.Ejecute ESET ONLINE y ...

    1. #1
      Usuario Avatar de sebastian0320
      Registrado
      jul 2012
      Ubicación
      calle Ayacucho N 35, Moron, Estado Carabobo
      Mensajes
      7

      El cursor salta al redactar en Word de Microsoft office 2007

      Consulta InfoSpyware " Virus que hace saltar las lineas cuando escribo ". El antivirus Bull Guard no detecto infeccion en el dia de hoy, tampoco MalwareBytes. SuperantiSpyware detecto: " Trojan Dropper/win-NV. NVN.Ejecute ESET ONLINE y no detecto infeccion.
      Ejecute OTM by OldTimer y me reporto lo siguiente:

      FILES ==========
      File/Folder C:\Rogue.exe not found.
      File/Folder C:\Malware.exe not found.
      File/Folder C:\Documents and settings\Spyware not found.
      File/Folder C:\Troyano.com not found.
      ========== COMMANDS ==========

      OTM by OldTimer - Version 3.1.21.0 log created on 103020_160522

      Ejecute CCLEAR y la falla persiste. Incluso redactando estas lines el cursor me ha borrado lo escrito.

      Que podra originar el problema?
      Debo ejecutar ComboFix
      Tengo instalado Win Seven
      Les agradezco su ayuda.
      gracias

    2. #2
      Usuario Avatar de sebastian0320
      Registrado
      jul 2012
      Ubicación
      calle Ayacucho N 35, Moron, Estado Carabobo
      Mensajes
      7

      Re: El cursor salta al redactar en Word de Microsoft office 2007

      Cita Originalmente publicado por sebastian0320 Ver Mensaje
      Consulta InfoSpyware " Virus que hace saltar las lineas cuando escribo ". El antivirus Bull Guard no detecto infeccion en el dia de hoy, tampoco MalwareBytes. SuperantiSpyware detecto: " Trojan Dropper/win-NV. NVN.Ejecute ESET ONLINE y no detecto infeccion.
      Ejecute OTM by OldTimer y me reporto lo siguiente:

      FILES ==========
      File/Folder C:\Rogue.exe not found.
      File/Folder C:\Malware.exe not found.
      File/Folder C:\Documents and settings\Spyware not found.
      File/Folder C:\Troyano.com not found.
      ========== COMMANDS ==========

      OTM by OldTimer - Version 3.1.21.0 log created on 103020_160522

      Ejecute CCLEAR y la falla persiste. Incluso redactando estas lines el cursor me ha borrado lo escrito.

      Que podra originar el problema?
      Debo ejecutar ComboFix
      Tengo instalado Win Seven
      Les agradezco su ayuda.
      gracias
      Como obtener respuesta el foro?????

    3. #3
      Usuario Avatar de sebastian0320
      Registrado
      jul 2012
      Ubicación
      calle Ayacucho N 35, Moron, Estado Carabobo
      Mensajes
      7

      Re: El cursor salta al redactar en Word de Microsoft office 2007

      All processes killed
      ========== FILES ==========
      File/Folder C:\Program Files\Plus Esencial 2009\Esenciales 2009\AutoPlay\Docs\FlashFXP_3.8__3.7.8_Build_1327_ .rar not found.
      File/Folder C:\Users\Alec\Documents\OEMail\Elementos eliminados.dbx not found.
      File/Folder D:\Downloads\dap81-es.exe not found.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: sebastian
      ->Temp folder emptied: 1675855 bytes
      ->Temporary Internet Files folder emptied: 58285 bytes
      ->Java cache emptied: 7504 bytes
      ->FireFox cache emptied: 5946975 bytes
      ->Google Chrome cache emptied: 19733906 bytes
      ->Flash cache emptied: 492 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 29008 bytes
      %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50539 bytes
      RecycleBin emptied: 4873653 bytes

      Total Files Cleaned = 31,00 mb


      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Public

      User: sebastian
      ->Flash cache emptied: 0 bytes

      Total Flash Files Cleaned = 0,00 mb


      OTM by OldTimer - Version 3.1.21.0 log created on 11012012_204439

    4. #4
      Usuario Avatar de sebastian0320
      Registrado
      jul 2012
      Ubicación
      calle Ayacucho N 35, Moron, Estado Carabobo
      Mensajes
      7

      Re: El cursor salta al redactar en Word de Microsoft office 2007

      ComboFix 12-11-02.02 - sebastian 02/11/2012 10:49:06.3.2 - x86
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.58.3082.18.2013.1214 [GMT -4,5:30]
      Running from: c:\users\sebastian\Downloads\ComboFix.exe
      Command switches used :: /u
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      Infected copy of c:\windows\system32\userinit.exe was found and disinfected
      Restored copy from - c:\windows\erdnt\cache\userinit.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-02 to 2012-11-02 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-02 15:24 . 2012-11-02 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-01 03:32 . 2012-11-01 03:32 -------- d-----w- c:\program files\Microsoft Works
      2012-10-31 23:50 . 2012-03-13 03:57 11776 ----a-w- c:\windows\Colous.exe
      2012-10-31 23:50 . 2008-03-25 15:09 69660 ----a-w- c:\windows\Fart.exe
      2012-10-27 15:54 . 2012-10-27 15:54 -------- d-----w- c:\programdata\Babylon
      2012-10-27 04:40 . 2012-10-27 15:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-10-27 04:40 . 2012-09-30 00:24 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-10-27 03:36 . 2012-10-27 04:19 -------- d-----w- c:\program files\SUPERAntiSpyware
      2012-10-27 02:41 . 2012-10-27 02:41 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
      2012-10-27 02:33 . 2012-10-27 02:33 -------- d-----w- c:\programdata\Malwarebytes
      2012-10-26 22:43 . 2012-10-26 22:43 -------- d-----w- c:\program files\ESET
      2012-10-26 13:20 . 2012-10-26 13:20 -------- d-----w- c:\program files\Common Files\Java
      2012-10-26 13:19 . 2012-10-26 13:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
      2012-10-26 13:19 . 2012-10-26 13:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
      2012-10-26 13:19 . 2012-10-26 13:19 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2012-10-26 13:19 . 2012-10-26 13:19 -------- d-----w- c:\program files\Java
      2012-10-26 13:14 . 2012-10-26 13:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
      2012-10-25 22:17 . 2012-10-25 22:17 -------- d-----w- c:\program files\Microsoft Silverlight
      2012-10-25 12:09 . 2012-10-25 12:09 -------- d-----w- C:\fotos de mama
      2012-10-25 11:15 . 2012-10-25 11:15 -------- d-----w- c:\program files\uTorrent
      2012-10-25 01:31 . 2012-10-25 01:31 -------- d-----w- c:\program files\VS Revo Group
      2012-10-25 01:08 . 2012-10-25 01:08 -------- d-----w- c:\program files\Lavalys
      2012-10-24 20:13 . 2012-10-24 20:13 -------- d-----w- c:\program files\RocketDock
      2012-10-24 15:13 . 2012-10-24 15:13 -------- d-----w- c:\program files\Mozilla Maintenance Service
      2012-10-24 12:29 . 2012-10-24 12:29 -------- d-----w- c:\program files\Microsoft
      2012-10-24 12:29 . 2012-10-24 12:29 -------- d-----w- c:\program files\Windows Live SkyDrive
      2012-10-24 12:29 . 2012-10-24 12:29 -------- d-----w- c:\program files\Windows Live
      2012-10-24 12:28 . 2006-11-29 17:36 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
      2012-10-24 12:28 . 2012-10-24 12:28 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
      2012-10-24 12:22 . 2012-10-24 12:22 -------- d-----w- c:\programdata\WEBREG
      2012-10-24 12:14 . 2012-10-24 12:14 -------- d-----w- c:\programdata\HP Product Assistant
      2012-10-24 12:10 . 2012-10-24 12:10 -------- d-----w- c:\program files\Common Files\HP
      2012-10-24 12:09 . 2012-10-24 12:09 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
      2012-10-24 12:08 . 2008-10-06 20:07 315392 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp083.dll
      2012-10-24 12:08 . 2008-10-29 18:56 271704 ----a-w- c:\windows\system32\hpzids01.dll
      2012-10-24 12:08 . 2008-10-06 20:08 121344 ----a-w- c:\windows\system32\hpf3l083.dll
      2012-10-24 12:08 . 2008-10-29 18:57 974848 ----a-w- c:\windows\system32\hpost_p02b.dll
      2012-10-24 12:08 . 2008-10-29 18:57 737280 ----a-w- c:\windows\system32\hposwia_p02b.dll
      2012-10-24 12:08 . 2008-10-29 18:57 307200 ----a-w- c:\windows\system32\hposc_p02a.dll
      2012-10-24 12:07 . 2012-10-24 12:15 -------- d-----w- c:\program files\HP
      2012-10-24 12:02 . 2012-10-24 12:17 -------- d-----w- c:\programdata\HP
      2012-10-24 11:35 . 2011-11-15 08:27 30528 ----a-w- c:\windows\system32\TURegOpt.exe
      2012-10-24 11:34 . 2011-11-15 08:24 21312 ----a-w- c:\windows\system32\authuitu.dll
      2012-10-24 11:34 . 2011-11-15 08:23 30016 ----a-w- c:\windows\system32\uxtuneup.dll
      2012-10-24 11:34 . 2012-10-24 11:37 -------- d-----w- c:\program files\TuneUp Utilities 2010
      2012-10-24 11:34 . 2012-10-24 11:34 -------- d-----w- c:\programdata\TuneUp Software
      2012-10-24 11:33 . 2012-10-24 11:33 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
      2012-10-24 04:48 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
      2012-10-24 04:48 . 2012-10-24 04:48 -------- d-----w- c:\program files\K-Lite Codec Pack
      2012-10-24 04:48 . 2012-10-24 04:48 -------- d-----w- c:\program files\Open Freely
      2012-10-24 04:04 . 2012-11-01 03:55 -------- d-----w- c:\program files\MSECache
      2012-10-24 04:00 . 2006-10-27 00:26 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
      2012-10-24 04:00 . 2006-10-27 00:26 32592 ----a-w- c:\windows\system32\msonpmon.dll
      2012-10-24 03:58 . 2012-10-24 03:58 -------- d-----w- c:\windows\PCHEALTH
      2012-10-24 03:56 . 2012-11-01 03:28 -------- d-----w- c:\program files\Microsoft Visual Studio 8
      2012-10-24 03:56 . 2012-11-01 03:34 -------- d-----w- c:\programdata\Microsoft Help
      2012-10-24 02:20 . 2012-10-28 02:52 -------- d-----w- c:\program files\Unlocker
      2012-10-24 00:40 . 2012-10-24 00:40 -------- d-----w- c:\program files\IMinent Toolbar
      2012-10-23 23:07 . 2012-10-23 23:07 -------- d-----w- c:\program files\Defraggler
      2012-10-23 23:01 . 2012-10-25 00:42 -------- d-----w- c:\program files\Speccy
      2012-10-23 23:00 . 2012-10-30 02:08 -------- d-----w- c:\program files\Recuva
      2012-10-23 22:45 . 2012-10-24 02:28 -------- d-----w- c:\program files\CCleaner
      2012-10-23 20:19 . 2012-10-23 20:19 -------- d-----w- C:\Effects
      2012-10-23 19:59 . 2012-10-23 20:00 -------- d-----w- c:\program files\Paint.NET
      2012-10-23 19:42 . 2012-10-23 19:42 -------- d-----w- c:\program files\Common Files\Windows Live
      2012-10-23 19:36 . 2012-10-23 19:36 -------- d-----w- c:\program files\SearchYa!
      2012-10-23 19:21 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
      2012-10-23 19:21 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
      2012-10-23 19:21 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
      2012-10-23 19:21 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
      2012-10-23 19:21 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
      2012-10-23 19:21 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
      2012-10-23 19:21 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
      2012-10-23 19:20 . 2012-06-02 19:49 171904 ----a-w- c:\windows\system32\wuwebv.dll
      2012-10-23 19:20 . 2012-06-02 19:42 33792 ----a-w- c:\windows\system32\wuapp.exe
      2012-10-23 19:06 . 2012-10-23 19:06 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-10-23 19:06 . 2012-10-23 19:06 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-10-23 19:03 . 2012-10-23 19:03 -------- d-----w- c:\windows\system32\Macromed
      2012-10-23 19:00 . 2012-10-23 19:05 -------- d-----w- c:\programdata\Google Updater
      2012-10-23 18:29 . 2012-10-23 19:00 -------- d-----w- c:\program files\Google
      2012-10-23 18:15 . 2012-10-23 18:15 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
      2012-10-23 14:09 . 2012-11-01 03:55 -------- d-sh--w- c:\windows\Installer
      2012-10-23 13:46 . 2012-10-17 07:02 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4ACACC10-2A4E-4368-BB19-EC84B5A65314}\mpengine.dll
      2012-10-23 13:46 . 2012-05-31 16:55 237072 ------w- c:\windows\system32\MpSigStub.exe
      2012-10-23 13:30 . 2009-07-14 01:15 319488 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfppw73.dll
      2012-10-23 12:36 . 2012-10-23 12:36 -------- d-----w- C:\$UPGRADE.~OS
      2012-10-23 07:54 . 2012-10-27 13:44 -------- d-----w- c:\windows\Panther
      2012-10-23 07:39 . 2012-10-23 07:39 -------- d-----w- C:\Windows.old
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-10-11 01:05 . 2012-10-24 15:13 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-08-21 495616]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux1"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
      2006-10-27 05:17 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
      2012-10-16 17:07 4762496 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
      2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
      .
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
      S3 RTL8167;Controlador NT de Realtek 8167;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
      S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
      S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
      S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      BullGuard_Backup REG_MULTI_SZ BsBackup BsBackup BsBackup
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-23 19:06]
      .
      2012-11-02 c:\windows\Tasks\Google Software Updater.job
      - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-23 19:00]
      .
      2012-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-23 18:29]
      .
      2012-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-23 18:29]
      .
      2012-11-01 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 068a874e-3878-4c14-be32-4d690ca99c2a.job
      - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
      .
      2012-10-28 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0c69c803-dbbd-4933-89c7-d39b9e1163de.job
      - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://bing.com/
      mStart Page = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1QzutDtDtByCtCzztC0B0BtByEtB0C0A0A0BtN0D0Tzu0StBzyyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=580897593
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 200.44.32.12 200.11.248.12
      FF - ProfilePath - c:\users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\c9t0k3lw.default\
      FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
      FF - prefs.js: browser.startup.homepage - about:home
      FF - ExtSQL: 2012-10-24 07:45; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF - ExtSQL: 2012-10-28 10:35; [email protected]; c:\program files\BullGuard Ltd\BullGuard\Antiphishing\FF\[email protected]
      FF - ExtSQL: !HIDDEN! 2012-10-24 07:45; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7605caab0000000000000026181bb242&q=
      FF - user.js: extensions.BabylonToolbar.id - 7605caab0000000000000026181bb242
      FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
      FF - user.js: extensions.BabylonToolbar.instlDay - 15640
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.811:25
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - base
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'Explorer.exe'(2668)
      c:\windows\System32\ieframe.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\windows\system32\taskhost.exe
      c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
      c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
      c:\windows\system32\conhost.exe
      c:\windows\system32\sppsvc.exe
      c:\program files\Windows Media Player\wmpnetwk.exe
      .
      **************************************************************************
      .
      Completion time: 2012-11-02 10:58:38 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-11-02 15:28
      ComboFix2.txt 2012-11-02 15:13
      ComboFix3.txt 2012-11-02 14:52
      .
      Pre-Run: 62.723.784.704 bytes libres
      Post-Run: 62.673.088.512 bytes libres
      .
      - - End Of File - - 79A00A0C97B8D3D6091FF8C7DCE756B2