• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 15

    Cuando entro a mi correo Yahoo redirecciona a YIM.COM

    Hola, Tengo el siguiente problema, cuando me logeo en mi cuenta de yahoo mail, me redirecciona al siguiente enlace: http://www.yim.com/?redir=frame&uid=www50ad247331de37.97637900 Ya busque hacerca de esto y Yahoo explica que esto no es un problema con ...

    1. #1
      Usuario Avatar de th3r0rn
      Registrado
      mar 2010
      Ubicación
      mexico
      Mensajes
      22

      Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola,
      Tengo el siguiente problema, cuando me logeo en mi cuenta de yahoo mail, me redirecciona al siguiente enlace: http://www.yim.com/?redir=frame&uid=www50ad247331de37.97637900
      Ya busque hacerca de esto y Yahoo explica que esto no es un problema con sus servicios, sino un problema de Malware o virus.
      Otra cosa que me he dado cuenta es que esto solo pasa cuando entro desde firefox, ya que si entro con chrome no tengo este problema.
      Ya elimine todo el historial de navegacion, cookies, sessiones etcetera.
      Tambien scanie con NOD32 y con el antivirus de windows essentials security. Tambien lo hize con Malware Bytes y no encontraon nada.

      Pueden ayudarme?
      Saludos.

    2. #2
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola



      Desinstalà completamente Firefox, con Marcadores y Todo.



      Vas a trabajar con 2 herramientas. Intentá hacer todos los pasos que menciono mas abajo. Si alguno NO podes hacer, lo saltas y seguis con los otros.




      PASO 1



      Descargá Glary Utilities a Tu escritorio y lo instalas según Su manual.


      Ejecutá Glary Utilities

      • Presioná el Boton Mantenimiento un Clic
      • Presioná el Boton Ver Resultados y esperá a que termine.
      • Cuando termine, presionas el Boton Reparar Problemas.






      PASO 2



      Descarga la herramienta ComboFix.exe a Tu escritorio.
      • Desactivá temporalmente el Antivirus y/o Antispyware.
      • Cerrá todas las ventanas abiertas.
      • Hacé doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generará un reporte en C:\ComboFix.txt.


      • *Nota* Mientras CF este trabajando no debes mover el mouse ya que pararía su proceso.
      • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      • *Nota* No vuelvas a utilizar ComboFix ni ningun otro programa antivirus hasta que no te de una respuesta.



      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.


      NOTAS IMPORTANTES:

      ° Una vez Terminado el Trabajo de ComboFix, podes activar Tu antivirus.

      ° No Pongas los Reportes Dentro de Etiquetas Code ni HTML.

      ° No vuelvas a ejecutar ningún otro programa antivirus hasta que vuelva con una respuesta.

      ° Si No podes realizar un paso, lo saltas y seguis con el próximo.



      En Tu próxima respuesta, debes poner el reporte de ComboFix, que se encuentra en C:\ComboFix.txt



      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    3. #3
      Usuario Avatar de th3r0rn
      Registrado
      mar 2010
      Ubicación
      mexico
      Mensajes
      22

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      ComboFix 12-11-20.02 - franco.lr 11/22/2012 13:44:14.1.2 - x86
      Microsoft Windows 7 Enterprise 6.1.7601.1.1252.52.1033.18.2021.865 [GMT -6:00]
      Running from: c:\users\franco.lr\Downloads\ComboFix.exe
      AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
      FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
      SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      C:\install.exe
      c:\users\franco.lr\AppData\Local\assembly\tmp
      c:\windows\system32\html
      c:\windows\system32\html\calendar.html
      c:\windows\system32\html\calendarbottom.html
      c:\windows\system32\html\calendartop.html
      c:\windows\system32\html\crystalexportdialog.htm
      c:\windows\system32\html\crystalprinthost.html
      c:\windows\system32\images
      c:\windows\system32\images\toolbar\calendar.gif
      c:\windows\system32\images\toolbar\crlogo.gif
      c:\windows\system32\images\toolbar\export.gif
      c:\windows\system32\images\toolbar\export_over.gif
      c:\windows\system32\images\toolbar\exportd.gif
      c:\windows\system32\images\toolbar\First.gif
      c:\windows\system32\images\toolbar\first_over.gif
      c:\windows\system32\images\toolbar\Firstd.gif
      c:\windows\system32\images\toolbar\gotopage.gif
      c:\windows\system32\images\toolbar\gotopage_over.gif
      c:\windows\system32\images\toolbar\gotopaged.gif
      c:\windows\system32\images\toolbar\grouptree.gif
      c:\windows\system32\images\toolbar\grouptree_over.gif
      c:\windows\system32\images\toolbar\grouptreed.gif
      c:\windows\system32\images\toolbar\grouptreepressed.gif
      c:\windows\system32\images\toolbar\Last.gif
      c:\windows\system32\images\toolbar\last_over.gif
      c:\windows\system32\images\toolbar\Lastd.gif
      c:\windows\system32\images\toolbar\Next.gif
      c:\windows\system32\images\toolbar\next_over.gif
      c:\windows\system32\images\toolbar\Nextd.gif
      c:\windows\system32\images\toolbar\Prev.gif
      c:\windows\system32\images\toolbar\prev_over.gif
      c:\windows\system32\images\toolbar\Prevd.gif
      c:\windows\system32\images\toolbar\print.gif
      c:\windows\system32\images\toolbar\print_over.gif
      c:\windows\system32\images\toolbar\printd.gif
      c:\windows\system32\images\toolbar\Refresh.gif
      c:\windows\system32\images\toolbar\refresh_over.gif
      c:\windows\system32\images\toolbar\refreshd.gif
      c:\windows\system32\images\toolbar\Search.gif
      c:\windows\system32\images\toolbar\search_over.gif
      c:\windows\system32\images\toolbar\searchd.gif
      c:\windows\system32\images\toolbar\up.gif
      c:\windows\system32\images\toolbar\up_over.gif
      c:\windows\system32\images\toolbar\upd.gif
      c:\windows\system32\images\tree\begindots.gif
      c:\windows\system32\images\tree\beginminus.gif
      c:\windows\system32\images\tree\beginplus.gif
      c:\windows\system32\images\tree\blank.gif
      c:\windows\system32\images\tree\blankdots.gif
      c:\windows\system32\images\tree\dots.gif
      c:\windows\system32\images\tree\lastdots.gif
      c:\windows\system32\images\tree\lastminus.gif
      c:\windows\system32\images\tree\lastplus.gif
      c:\windows\system32\images\tree\Magnify.gif
      c:\windows\system32\images\tree\minus.gif
      c:\windows\system32\images\tree\minusbox.gif
      c:\windows\system32\images\tree\plus.gif
      c:\windows\system32\images\tree\plusbox.gif
      c:\windows\system32\images\tree\singleminus.gif
      c:\windows\system32\images\tree\singleplus.gif
      c:\windows\system32\spool\prtprocs\w32x86\x5pp.dll
      c:\windows\system32\TuneUp\TuneUp.exe
      .
      ----- File Replicators -----
      .
      c:\program files\Marimba\.marimba\workspace\ch.10\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.10\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.10\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.11\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.11\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.11\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.118\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.118\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.118\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.119\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.119\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.119\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.12\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.12\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.12\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.126\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.126\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.126\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.127\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.127\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.127\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.13\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.13\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.13\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.130\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.130\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.130\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.14\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.14\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.14\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.15\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.15\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.15\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.154\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.154\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.154\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.158\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.158\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.158\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.159\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.159\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.159\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.16\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.16\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.16\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.160\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.160\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.160\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.161\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.161\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.161\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.164\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.164\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.164\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.17\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.17\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.17\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.18\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.18\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.18\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.19\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.19\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.20\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.20\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.20\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.21\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.21\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.21\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.22\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.22\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.22\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.23\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.23\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.23\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.24\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.24\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.24\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.25\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.25\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.25\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.28\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.28\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.28\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.3\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.3\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.3\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.30\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.30\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.30\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.35\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.35\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.35\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.36\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.36\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.36\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.5\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.5\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.5\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.6\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.6\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.68\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.68\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.68\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.69\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.69\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.69\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.8\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.8\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.8\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.86\data\regsvrw.exe
      c:\program files\Marimba\.marimba\workspace\ch.86\data\RenameLk.exe
      c:\program files\Marimba\.marimba\workspace\ch.86\data\thinreg.exe
      c:\program files\Marimba\.marimba\workspace\ch.9\data\RenameLk.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-22 to 2012-11-22 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-22 19:57 . 2012-11-22 19:57 -------- d-----w- c:\users\password\AppData\Local\temp
      2012-11-22 19:57 . 2012-11-22 19:57 -------- d-----w- c:\users\luis\AppData\Local\temp
      2012-11-22 19:57 . 2012-11-22 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-22 19:57 . 2012-11-22 19:57 -------- d-----w- c:\users\correa.c.7\AppData\Local\temp
      2012-11-22 19:57 . 2012-11-22 19:57 -------- d-----w- c:\users\Administrator\AppData\Local\temp
      2012-11-22 19:37 . 2012-11-22 19:37 -------- d-----w- c:\users\franco.lr\AppData\Roaming\GlarySoft
      2012-11-22 19:18 . 2012-11-22 19:18 -------- d-----w- c:\program files\Glary Utilities
      2012-11-21 19:56 . 2012-11-21 19:56 -------- d-----w- c:\program files\ESET
      2012-11-16 21:59 . 2012-06-29 15:57 379904 ----a-w- c:\windows\system32\XRXCWWJT_localspl.dll
      2012-11-16 21:59 . 2012-06-29 15:56 395776 ----a-w- c:\windows\system32\XRXCWWJT_usbmon.dll
      2012-11-15 17:07 . 2012-11-15 17:07 -------- d-----w- c:\program files\CCleaner
      2012-11-15 14:19 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-11-15 14:19 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-11-15 14:10 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
      2012-11-01 21:07 . 2012-11-01 21:01 96601 ----a-w- c:\windows\net.exe
      2012-10-26 17:39 . 2012-10-26 17:39 -------- d-----w- c:\program files\NuGet 1.2
      2012-10-25 20:07 . 2012-10-25 20:07 -------- d-----w- c:\programdata\VS
      2012-10-25 19:57 . 2012-10-25 19:57 -------- d-----w- c:\program files\Microsoft
      2012-10-25 17:56 . 2012-10-25 17:56 -------- d-----w- c:\users\franco.lr\AppData\Local\Xerox
      2012-10-25 17:51 . 2012-10-25 17:51 -------- d-----w- c:\program files\Common Files\Xerox
      2012-10-25 17:51 . 2012-06-29 15:57 379904 ----a-w- c:\windows\system32\XRXCWWJT_tcpmon.dll
      2012-10-25 17:51 . 2012-10-25 17:51 -------- d-----w- c:\program files\Common Files\Xerox Logging
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-22 17:19 . 2011-11-01 18:37 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
      2012-11-01 18:51 . 2012-04-09 15:10 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-11-01 18:51 . 2011-11-01 19:04 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-10-26 17:39 . 2011-11-08 20:33 2556608 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\3082\ResourceCache.dll
      2012-09-30 01:54 . 2012-01-20 20:24 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
      @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
      @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
      @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
      @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
      @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
      @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
      @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
      @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
      @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-21 719672]
      "Facebook Update"="c:\users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
      "googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
      "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-09-16 63048]
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
      "Communicator"="c:\program files\Microsoft Lync\communicator.exe" [2012-02-28 12071200]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
      "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
      .
      c:\users\franco.lr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "EnableLinkedConnections"= 1 (0x1)
      .
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "DisallowCpl"= 1 (0x1)
      .
      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
      "HideSCAHealth"= 1 (0x1)
      "DisallowCpl"= 1 (0x1)
      HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
      2011-09-01 22:47 90448 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2012-01-17 16:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
      R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      R2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [x]
      R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys [x]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
      R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\DRIVERS\TsUsbGD.sys [x]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [x]
      R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
      R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [x]
      R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
      R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
      S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
      S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
      S2 Apache2.2;Apache2.2;c:\appserv\Apache2.2\bin\httpd.exe [x]
      S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
      S2 iReport;iReport;c:\program files\iReport\iReport Client\iReport.exe [x]
      S2 JobTrigger;JobTrigger;c:\windows\system32\JobTrigger.exe [x]
      S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x]
      S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 workspace;workspace;c:\program files\Marimba\Castanet Tuner\Tuner.exe [x]
      S2 XrxXgsPrintAgent;Xerox Print Agent;c:\program files\Xerox\Xerox Print Agent\PlatformFiles\AgentService.exe [x]
      S3 Mandiant_Tools;Mandiant_Tools;c:\programdata\Application Data\iReport\mktools.sys [x]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 18:51]
      .
      2012-11-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728Core.job
      - c:\users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-07 22:57]
      .
      2012-11-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728UA.job
      - c:\users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-07 22:57]
      .
      2012-11-22 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2012-11-22 18:45]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728Core.job
      - c:\users\franco.lr\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-01 18:45]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728UA.job
      - c:\users\franco.lr\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-01 18:45]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://valp-page.la.pg.com/reportes_sys/asp/index1.asp?tipo=maple
      uInternet Settings,ProxyServer = autoproxy.pg.com:8080
      IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
      IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      Trusted Zone: archer-tech.com
      Trusted Zone: bechtle.com
      Trusted Zone: benefitsweb.com
      Trusted Zone: box.com
      Trusted Zone: box.net
      Trusted Zone: boxcloud.com
      Trusted Zone: buckandhickman.com
      Trusted Zone: cexp.com
      Trusted Zone: conrad.de
      Trusted Zone: corporateexpress.co.uk
      Trusted Zone: corporateexpress.fr
      Trusted Zone: dataswetsconnect.com
      Trusted Zone: editorialcontentexchange.com
      Trusted Zone: egencia.ca
      Trusted Zone: egencia.com
      Trusted Zone: ehowe.com
      Trusted Zone: elateral.com
      Trusted Zone: electrocomponents.com
      Trusted Zone: erelief.to
      Trusted Zone: eway.ca
      Trusted Zone: festo.com
      Trusted Zone: fieldglass.net
      Trusted Zone: gaerner.de
      Trusted Zone: globoforce.com
      Trusted Zone: globoforce.net
      Trusted Zone: grainger.com
      Trusted Zone: greenham.com
      Trusted Zone: hoffmann-group.com
      Trusted Zone: hubspan.net
      Trusted Zone: iesa.co.uk
      Trusted Zone: imes.be
      Trusted Zone: inxpo.com
      Trusted Zone: joneslanglasalle.com
      Trusted Zone: kroschke.com
      Trusted Zone: lyreco.com
      Trusted Zone: merck.de
      Trusted Zone: motionmro.com
      Trusted Zone: mymro.com
      Trusted Zone: net-library.de
      Trusted Zone: nielsen.com
      Trusted Zone: officedepot.co.uk
      Trusted Zone: overtoom.nl
      Trusted Zone: pg.com\esupport
      Trusted Zone: pomeroy.com
      Trusted Zone: quickbase.com\pg
      Trusted Zone: routeco.com
      Trusted Zone: sap-ag.de
      Trusted Zone: schweitzer-online.de
      Trusted Zone: sigmaaldrich.com
      Trusted Zone: smartforce.com
      Trusted Zone: smartforce.com\www
      Trusted Zone: spigit.com\pg
      Trusted Zone: staplesadvantage.fr
      Trusted Zone: swets.nl
      Trusted Zone: symphonyplm.com
      Trusted Zone: tanomail.com
      Trusted Zone: thepsc.com\pg
      Trusted Zone: totalinformation.com
      Trusted Zone: vwr.com
      Trusted Zone: vwrsp.com
      Trusted Zone: webex.com
      Trusted Zone: webexeu.com
      Trusted Zone: archer-tech.com
      Trusted Zone: bechtle.com
      Trusted Zone: benefitsweb.com
      Trusted Zone: box.com
      Trusted Zone: box.net
      Trusted Zone: boxcloud.com
      Trusted Zone: buckandhickman.com
      Trusted Zone: cexp.com
      Trusted Zone: conrad.de
      Trusted Zone: corporateexpress.co.uk
      Trusted Zone: corporateexpress.fr
      Trusted Zone: dataswetsconnect.com
      Trusted Zone: editorialcontentexchange.com
      Trusted Zone: egencia.ca
      Trusted Zone: egencia.com
      Trusted Zone: ehowe.com
      Trusted Zone: elateral.com
      Trusted Zone: electrocomponents.com
      Trusted Zone: erelief.to
      Trusted Zone: eway.ca
      Trusted Zone: festo.com
      Trusted Zone: fieldglass.net
      Trusted Zone: gaerner.de
      Trusted Zone: globoforce.com
      Trusted Zone: globoforce.net
      Trusted Zone: grainger.com
      Trusted Zone: greenham.com
      Trusted Zone: hoffmann-group.com
      Trusted Zone: hubspan.net
      Trusted Zone: iesa.co.uk
      Trusted Zone: imes.be
      Trusted Zone: inxpo.com
      Trusted Zone: joneslanglasalle.com
      Trusted Zone: kroschke.com
      Trusted Zone: lyreco.com
      Trusted Zone: merck.de
      Trusted Zone: motionmro.com
      Trusted Zone: mymro.com
      Trusted Zone: net-library.de
      Trusted Zone: nielsen.com
      Trusted Zone: officedepot.co.uk
      Trusted Zone: overtoom.nl
      Trusted Zone: pg.com\esupport
      Trusted Zone: pomeroy.com
      Trusted Zone: quickbase.com\pg
      Trusted Zone: routeco.com
      Trusted Zone: sap-ag.de
      Trusted Zone: schweitzer-online.de
      Trusted Zone: sigmaaldrich.com
      Trusted Zone: smartforce.com
      Trusted Zone: spigit.com\pg
      Trusted Zone: staplesadvantage.fr
      Trusted Zone: swets.nl
      Trusted Zone: symphonyplm.com
      Trusted Zone: tanomail.com
      Trusted Zone: thepsc.com\pg
      Trusted Zone: totalinformation.com
      Trusted Zone: vwr.com
      Trusted Zone: vwrsp.com
      Trusted Zone: webex.com
      Trusted Zone: webexeu.com
      TCP: DhcpNameServer = 192.44.120.10 143.26.128.29 192.44.212.206
      DPF: iLO 2 Remote Console Applet - hxxps://155.127.71.110/dvc.cab
      DPF: {C3CBFE35-9BE8-11D1-B31B-006008948294} - hxxp://www.timevision.com/codebase30/OrgPubX.cab
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      HKCU-Run-TuneUp - c:\windows\system32\TuneUp\TuneUp.exe
      HKLM-Run-TuneUp - c:\windows\system32\TuneUp\TuneUp.exe
      HKU-Default-Run-TuneUp - c:\windows\system32\TuneUp\TuneUp.exe
      MSConfigStartUp-AdobeCS5ServiceManager - c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
      MSConfigStartUp-TuneUp - c:\windows\system32\TuneUp\TuneUp.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mysql]
      "ImagePath"="c:\appserv\MySQL\bin\mysqld-nt --defaults-file=c:\appserv\MySQL\my.ini mysql"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-11-22 14:00:05
      ComboFix-quarantined-files.txt 2012-11-22 20:00
      .
      Pre-Run: 88,099,467,264 bytes free
      Post-Run: 88,000,946,176 bytes free
      .
      - - End Of File - - 9C5F1740D711BE97CD61E4E53F5E4577

    4. #4
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola


      Descargá a Tu escritorio la herramienta TZ-Kill

      Ejecuta TZ-Kill
      Descomprimis el archivo en el escritorio y Hacè doble click sobre el archivo "TZ-Kill 2.0.2.exe" y presionas el boton Ejecutar (automáticamente eliminarà las entradas "015 - Trusted Zone")


      Luego, ejecutas nuevamente ComboFix, tal cual lo hiciste antes.


      Esperamos ese reporte.



      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    5. #5
      Usuario Avatar de th3r0rn
      Registrado
      mar 2010
      Ubicación
      mexico
      Mensajes
      22

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      ComboFix 12-11-20.02 - franco.lr 11/22/2012 14:29:03.2.2 - x86
      Microsoft Windows 7 Enterprise 6.1.7601.1.1252.52.1033.18.2021.1087 [GMT -6:00]
      Running from: c:\users\franco.lr\Downloads\ComboFix.exe
      AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
      FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
      SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-22 to 2012-11-22 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-22 20:41 . 2012-11-22 20:41 -------- d-----w- c:\users\password\AppData\Local\temp
      2012-11-22 20:41 . 2012-11-22 20:41 -------- d-----w- c:\users\luis\AppData\Local\temp
      2012-11-22 20:41 . 2012-11-22 20:41 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-22 20:41 . 2012-11-22 20:41 -------- d-----w- c:\users\correa.c.7\AppData\Local\temp
      2012-11-22 20:41 . 2012-11-22 20:41 -------- d-----w- c:\users\Administrator\AppData\Local\temp
      2012-11-22 19:37 . 2012-11-22 19:37 -------- d-----w- c:\users\franco.lr\AppData\Roaming\GlarySoft
      2012-11-22 19:18 . 2012-11-22 19:18 -------- d-----w- c:\program files\Glary Utilities
      2012-11-21 19:56 . 2012-11-21 19:56 -------- d-----w- c:\program files\ESET
      2012-11-16 21:59 . 2012-06-29 15:57 379904 ----a-w- c:\windows\system32\XRXCWWJT_localspl.dll
      2012-11-16 21:59 . 2012-06-29 15:56 395776 ----a-w- c:\windows\system32\XRXCWWJT_usbmon.dll
      2012-11-15 17:07 . 2012-11-15 17:07 -------- d-----w- c:\program files\CCleaner
      2012-11-15 14:19 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-11-15 14:19 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-11-15 14:10 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
      2012-11-01 21:07 . 2012-11-01 21:01 96601 ----a-w- c:\windows\net.exe
      2012-10-26 17:39 . 2012-10-26 17:39 -------- d-----w- c:\program files\NuGet 1.2
      2012-10-25 20:07 . 2012-10-25 20:07 -------- d-----w- c:\programdata\VS
      2012-10-25 19:57 . 2012-10-25 19:57 -------- d-----w- c:\program files\Microsoft
      2012-10-25 17:56 . 2012-10-25 17:56 -------- d-----w- c:\users\franco.lr\AppData\Local\Xerox
      2012-10-25 17:51 . 2012-10-25 17:51 -------- d-----w- c:\program files\Common Files\Xerox
      2012-10-25 17:51 . 2012-06-29 15:57 379904 ----a-w- c:\windows\system32\XRXCWWJT_tcpmon.dll
      2012-10-25 17:51 . 2012-10-25 17:51 -------- d-----w- c:\program files\Common Files\Xerox Logging
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-22 17:19 . 2011-11-01 18:37 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
      2012-11-01 18:51 . 2012-04-09 15:10 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-11-01 18:51 . 2011-11-01 19:04 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-10-26 17:39 . 2011-11-08 20:33 2556608 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\3082\ResourceCache.dll
      2012-09-30 01:54 . 2012-01-20 20:24 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
      @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
      @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
      @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
      @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
      @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
      @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
      @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
      @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
      @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-21 719672]
      "Facebook Update"="c:\users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
      "googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
      "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-09-16 63048]
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
      "Communicator"="c:\program files\Microsoft Lync\communicator.exe" [2012-02-28 12071200]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
      "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
      .
      c:\users\franco.lr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "EnableLinkedConnections"= 1 (0x1)
      .
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "DisallowCpl"= 1 (0x1)
      .
      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
      "HideSCAHealth"= 1 (0x1)
      "DisallowCpl"= 1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
      2011-09-01 22:47 90448 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2012-01-17 16:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      R2 JobTrigger;JobTrigger;c:\windows\system32\JobTrigger.exe [x]
      R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
      R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      R2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [x]
      R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys [x]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
      R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\DRIVERS\TsUsbGD.sys [x]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [x]
      R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
      R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [x]
      R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
      R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
      S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
      S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
      S2 Apache2.2;Apache2.2;c:\appserv\Apache2.2\bin\httpd.exe [x]
      S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
      S2 iReport;iReport;c:\program files\iReport\iReport Client\iReport.exe [x]
      S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x]
      S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 workspace;workspace;c:\program files\Marimba\Castanet Tuner\Tuner.exe [x]
      S2 XrxXgsPrintAgent;Xerox Print Agent;c:\program files\Xerox\Xerox Print Agent\PlatformFiles\AgentService.exe [x]
      S3 Mandiant_Tools;Mandiant_Tools;c:\programdata\Application Data\iReport\mktools.sys [x]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 18:51]
      .
      2012-11-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728Core.job
      - c:\users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-07 22:57]
      .
      2012-11-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728UA.job
      - c:\users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-07 22:57]
      .
      2012-11-22 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2012-11-22 18:45]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728Core.job
      - c:\users\franco.lr\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-01 18:45]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573535808-330910908-1264475144-88728UA.job
      - c:\users\franco.lr\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-01 18:45]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://valp-page.la.pg.com/reportes_sys/asp/index1.asp?tipo=maple
      uInternet Settings,ProxyServer = autoproxy.pg.com:8080
      IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
      IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      Trusted Zone: archer-tech.com
      Trusted Zone: bechtle.com
      Trusted Zone: benefitsweb.com
      Trusted Zone: box.com
      Trusted Zone: box.net
      Trusted Zone: boxcloud.com
      Trusted Zone: buckandhickman.com
      Trusted Zone: cexp.com
      Trusted Zone: conrad.de
      Trusted Zone: corporateexpress.co.uk
      Trusted Zone: corporateexpress.fr
      Trusted Zone: dataswetsconnect.com
      Trusted Zone: editorialcontentexchange.com
      Trusted Zone: egencia.ca
      Trusted Zone: egencia.com
      Trusted Zone: ehowe.com
      Trusted Zone: elateral.com
      Trusted Zone: electrocomponents.com
      Trusted Zone: erelief.to
      Trusted Zone: eway.ca
      Trusted Zone: festo.com
      Trusted Zone: fieldglass.net
      Trusted Zone: gaerner.de
      Trusted Zone: globoforce.com
      Trusted Zone: globoforce.net
      Trusted Zone: grainger.com
      Trusted Zone: greenham.com
      Trusted Zone: hoffmann-group.com
      Trusted Zone: hubspan.net
      Trusted Zone: iesa.co.uk
      Trusted Zone: imes.be
      Trusted Zone: inxpo.com
      Trusted Zone: joneslanglasalle.com
      Trusted Zone: kroschke.com
      Trusted Zone: lyreco.com
      Trusted Zone: merck.de
      Trusted Zone: motionmro.com
      Trusted Zone: mymro.com
      Trusted Zone: net-library.de
      Trusted Zone: nielsen.com
      Trusted Zone: officedepot.co.uk
      Trusted Zone: overtoom.nl
      Trusted Zone: pg.com\esupport
      Trusted Zone: pomeroy.com
      Trusted Zone: quickbase.com\pg
      Trusted Zone: routeco.com
      Trusted Zone: sap-ag.de
      Trusted Zone: schweitzer-online.de
      Trusted Zone: sigmaaldrich.com
      Trusted Zone: smartforce.com
      Trusted Zone: smartforce.com\www
      Trusted Zone: spigit.com\pg
      Trusted Zone: staplesadvantage.fr
      Trusted Zone: swets.nl
      Trusted Zone: symphonyplm.com
      Trusted Zone: tanomail.com
      Trusted Zone: thepsc.com\pg
      Trusted Zone: totalinformation.com
      Trusted Zone: vwr.com
      Trusted Zone: vwrsp.com
      Trusted Zone: webex.com
      Trusted Zone: webexeu.com
      Trusted Zone: archer-tech.com
      Trusted Zone: bechtle.com
      Trusted Zone: benefitsweb.com
      Trusted Zone: box.com
      Trusted Zone: box.net
      Trusted Zone: boxcloud.com
      Trusted Zone: buckandhickman.com
      Trusted Zone: cexp.com
      Trusted Zone: conrad.de
      Trusted Zone: corporateexpress.co.uk
      Trusted Zone: corporateexpress.fr
      Trusted Zone: dataswetsconnect.com
      Trusted Zone: editorialcontentexchange.com
      Trusted Zone: egencia.ca
      Trusted Zone: egencia.com
      Trusted Zone: ehowe.com
      Trusted Zone: elateral.com
      Trusted Zone: electrocomponents.com
      Trusted Zone: erelief.to
      Trusted Zone: eway.ca
      Trusted Zone: festo.com
      Trusted Zone: fieldglass.net
      Trusted Zone: gaerner.de
      Trusted Zone: globoforce.com
      Trusted Zone: globoforce.net
      Trusted Zone: grainger.com
      Trusted Zone: greenham.com
      Trusted Zone: hoffmann-group.com
      Trusted Zone: hubspan.net
      Trusted Zone: iesa.co.uk
      Trusted Zone: imes.be
      Trusted Zone: inxpo.com
      Trusted Zone: joneslanglasalle.com
      Trusted Zone: kroschke.com
      Trusted Zone: lyreco.com
      Trusted Zone: merck.de
      Trusted Zone: motionmro.com
      Trusted Zone: mymro.com
      Trusted Zone: net-library.de
      Trusted Zone: nielsen.com
      Trusted Zone: officedepot.co.uk
      Trusted Zone: overtoom.nl
      Trusted Zone: pg.com\esupport
      Trusted Zone: pomeroy.com
      Trusted Zone: quickbase.com\pg
      Trusted Zone: routeco.com
      Trusted Zone: sap-ag.de
      Trusted Zone: schweitzer-online.de
      Trusted Zone: sigmaaldrich.com
      Trusted Zone: smartforce.com
      Trusted Zone: spigit.com\pg
      Trusted Zone: staplesadvantage.fr
      Trusted Zone: swets.nl
      Trusted Zone: symphonyplm.com
      Trusted Zone: tanomail.com
      Trusted Zone: thepsc.com\pg
      Trusted Zone: totalinformation.com
      Trusted Zone: vwr.com
      Trusted Zone: vwrsp.com
      Trusted Zone: webex.com
      Trusted Zone: webexeu.com
      TCP: DhcpNameServer = 192.44.120.10 143.26.128.29 192.44.212.206
      DPF: iLO 2 Remote Console Applet - hxxps://155.127.71.110/dvc.cab
      DPF: {C3CBFE35-9BE8-11D1-B31B-006008948294} - hxxp://www.timevision.com/codebase30/OrgPubX.cab
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mysql]
      "ImagePath"="c:\appserv\MySQL\bin\mysqld-nt --defaults-file=c:\appserv\MySQL\my.ini mysql"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-11-22 14:43:26
      ComboFix-quarantined-files.txt 2012-11-22 20:43
      ComboFix2.txt 2012-11-22 20:00
      .
      Pre-Run: 88,039,440,384 bytes free
      Post-Run: 87,977,242,624 bytes free
      .
      - - End Of File - - 1BC06439ED3AAB774549806545432942

    6. #6
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola

      Algo No anda bien compañero ...

      Conoces estas Direcciones IP que aparecen en Tu reporte ??? Son de USA

      192.44.120.10

      143.26.128.29

      192.44.212.206



      Descargá OTL By OldTimer





      >>> Ejecutá OTL
      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo asta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Pegá el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:

        NOTA: No copiar la palabra Cita.
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presioná el boton .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.
      • Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.




      Saludos
      Última edición por @Leosolari fecha: 22/11/12 a las 17:15:33
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    7. #7
      Usuario Avatar de th3r0rn
      Registrado
      mar 2010
      Ubicación
      mexico
      Mensajes
      22

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Este es el OTL.TXT
      OTL.TXT - Pastebin.com
      Este es el Extras.txt
      Extras.txt - Pastebin.com

      Lo puse en paste porque no me deja el foro ponerlo

    8. #8
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola de Nuevo


      Pasá por este Link y hacé exactamente lo que ahi se te indica con la Herramienta N-Repair.exe by @Infospyware



      Esto va a Reiniciar Tu Ordenador.





      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación



      :OTL
      DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
      DRV - (mbr) -- C:\ComboFix\mbr.sys File not found
      DRV - (catchme) -- C:\Users\franco.lr\AppData\Local\Temp\catchme.sys File not found
      O4 - HKCU..\Run: [Facebook Update] C:\Users\franco.lr\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O15 - HKLM\..Trusted Domains: archer-tech.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: archer-tech.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: bechtle.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: bechtle.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: benefitsweb.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: benefitsweb.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: box.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: box.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: box.net ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: box.net ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: boxcloud.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: boxcloud.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: buckandhickman.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: buckandhickman.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: cexp.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: cexp.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: conrad.de ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: conrad.de ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: corporateexpress.co.uk ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: corporateexpress.co.uk ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: corporateexpress.fr ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: corporateexpress.fr ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: dataswetsconnect.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: dataswetsconnect.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: editorialcontentexchange.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: editorialcontentexchange.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: egencia.ca ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: egencia.ca ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: egencia.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: egencia.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: ehowe.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: ehowe.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: elateral.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: elateral.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: electrocomponents.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: electrocomponents.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: erelief.to ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: erelief.to ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: eway.ca ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: eway.ca ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: festo.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: festo.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: fieldglass.net ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: fieldglass.net ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: gaerner.de ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: gaerner.de ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: gillette.com ([]* in Local intranet)
      O15 - HKLM\..Trusted Domains: globoforce.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: globoforce.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: globoforce.net ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: globoforce.net ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: grainger.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: grainger.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: greenham.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: greenham.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: hoffmann-group.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: hoffmann-group.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: hubspan.net ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: hubspan.net ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: iesa.co.uk ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: iesa.co.uk ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: imes.be ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: imes.be ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: inxpo.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: inxpo.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: joneslanglasalle.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: joneslanglasalle.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: kroschke.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: kroschke.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: lyreco.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: lyreco.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: merck.de ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: merck.de ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: motionmro.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: motionmro.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mymro.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mymro.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: net-library.de ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: net-library.de ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: nielsen.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: nielsen.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: officedepot.co.uk ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: officedepot.co.uk ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: overtoom.nl ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: overtoom.nl ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: pg.com ([]* in Local intranet)
      O15 - HKLM\..Trusted Domains: pg.com ([esupport] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: pg.com ([esupport] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: pomeroy.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: pomeroy.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: quickbase.com ([pg] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: quickbase.com ([pg] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: routeco.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: routeco.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: sap-ag.de ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: sap-ag.de ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: schweitzer-online.de ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: schweitzer-online.de ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: sigmaaldrich.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: sigmaaldrich.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: smartforce.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: smartforce.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: spigit.com ([pg] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: spigit.com ([pg] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: staplesadvantage.fr ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: staplesadvantage.fr ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: swets.nl ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: swets.nl ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: symphonyplm.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: symphonyplm.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: tanomail.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: tanomail.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: thepsc.com ([pg] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: thepsc.com ([pg] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: totalinformation.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: totalinformation.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: vwr.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: vwr.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: vwrsp.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: vwrsp.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: webex.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: webex.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: webexeu.com ([]http in Trusted sites)
      O15 - HKLM\..Trusted Domains: webexeu.com ([]https in Trusted sites)
      O15 - HKLM\..Trusted Domains: wella.com ([]* in Local intranet)
      O15 - HKCU\..Trusted Domains: archer-tech.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: archer-tech.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: bechtle.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: bechtle.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: benefitsweb.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: benefitsweb.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: box.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: box.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: box.net ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: box.net ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: boxcloud.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: boxcloud.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: buckandhickman.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: buckandhickman.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: cexp.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: cexp.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: conrad.de ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: conrad.de ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: corporateexpress.co.uk ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: corporateexpress.co.uk ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: corporateexpress.fr ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: corporateexpress.fr ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: dataswetsconnect.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: dataswetsconnect.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: editorialcontentexchange.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: editorialcontentexchange.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: egencia.ca ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: egencia.ca ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: egencia.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: egencia.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: ehowe.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: ehowe.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: elateral.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: elateral.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: electrocomponents.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: electrocomponents.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: erelief.to ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: erelief.to ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: eway.ca ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: eway.ca ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: festo.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: festo.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: fieldglass.net ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: fieldglass.net ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: gaerner.de ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: gaerner.de ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: gillette.com ([]* in Local intranet)
      O15 - HKCU\..Trusted Domains: globoforce.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: globoforce.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: globoforce.net ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: globoforce.net ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: grainger.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: grainger.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: greenham.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: greenham.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: hoffmann-group.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: hoffmann-group.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: hubspan.net ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: hubspan.net ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: iesa.co.uk ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: iesa.co.uk ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: imes.be ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: imes.be ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: inxpo.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: inxpo.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: joneslanglasalle.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: joneslanglasalle.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: kroschke.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: kroschke.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: lyreco.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: lyreco.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: merck.de ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: merck.de ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: motionmro.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: motionmro.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: mymro.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: mymro.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: net-library.de ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: net-library.de ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: nielsen.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: nielsen.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: officedepot.co.uk ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: officedepot.co.uk ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: overtoom.nl ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: overtoom.nl ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: pg.com ([]* in Local intranet)
      O15 - HKCU\..Trusted Domains: pg.com ([esupport] http in Trusted sites)
      O15 - HKCU\..Trusted Domains: pg.com ([esupport] https in Trusted sites)
      O15 - HKCU\..Trusted Domains: pomeroy.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: pomeroy.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: quickbase.com ([pg] http in Trusted sites)
      O15 - HKCU\..Trusted Domains: quickbase.com ([pg] https in Trusted sites)
      O15 - HKCU\..Trusted Domains: routeco.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: routeco.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: sap-ag.de ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: sap-ag.de ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: schweitzer-online.de ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: schweitzer-online.de ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: sigmaaldrich.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: sigmaaldrich.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: smartforce.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: smartforce.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: smartforce.com ([www] http in Trusted sites)
      O15 - HKCU\..Trusted Domains: spigit.com ([pg] http in Trusted sites)
      O15 - HKCU\..Trusted Domains: spigit.com ([pg] https in Trusted sites)
      O15 - HKCU\..Trusted Domains: staplesadvantage.fr ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: staplesadvantage.fr ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: swets.nl ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: swets.nl ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: symphonyplm.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: symphonyplm.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: tanomail.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: tanomail.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: thepsc.com ([pg] http in Trusted sites)
      O15 - HKCU\..Trusted Domains: thepsc.com ([pg] https in Trusted sites)
      O15 - HKCU\..Trusted Domains: totalinformation.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: totalinformation.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: vwr.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: vwr.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: vwrsp.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: vwrsp.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: webex.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: webex.com ([]https in Trusted sites)
      O15 - HKCU\..Trusted Domains: webexeu.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: webexeu.com ([]https in Trusted sites)
      [2011/11/16 09:50:14 | 000,000,000 | ---D | M] -- C:\Users\franco.lr\AppData\Roaming\pdfforge
      @Alternate Data Stream - 254 bytes -> C:\ProgramData\TEMP:8927A071
      :Files
      ipconfig /flushdns /c
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Presioná el Boton Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.





      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    9. #9
      Usuario Avatar de th3r0rn
      Registrado
      mar 2010
      Ubicación
      mexico
      Mensajes
      22

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola,
      Aqui el reporte, y sobre las ips que me preguntaste creo que una era mi ip antes de reiniciar, Yo estoy en Mexico pero estoy conectado en una intranet de CINCINATI USA y el windows que uso es un windows modificado que se manda hacer con microsoft, incluye varias cosas que otros no, entre ella debe de haber software que manda informacion a los servidores de usa u otras cosas, de hecho puedo instalar aplicaciones de escritorio desde una web de la empresa en la que buscas la aplicacion, le das instalar y aparece como por arte de magia en la maquina D: asi como office u otras
      #################################N-Repair By Infospyware

      Información del sistema operativo: WIN_7 - X86 - Service Pack 1
      Hora del sistema: 17:13:57 \\\ 22/11/2012
      Privilegios: franco.lr - (ADMINISTRADOR)


      ============================================ VALORES ANTES DE LA RESTAURACIÓN ===============================

      AeLookupSvc
      CertPropSvc
      SCPolicySvc
      lanmanserver
      gpsvc
      IKEEXT
      AudioSrv
      FastUserSwitchingCompatibility
      Ias
      Irmon
      Nla
      Ntmssvc
      NWCWorkstation
      Nwsapagent
      Rasauto
      Rasman
      Remoteaccess
      SENS
      Sharedaccess
      SRService
      Tapisrv
      Wmi
      WmdmPmSp
      TermService
      wuauserv
      BITS
      ShellHWDetection
      LogonHours
      PCAudit
      helpsvc
      uploadmgr
      iphlpsvc
      seclogon
      AppInfo
      msiscsi
      MMCSS
      wercplsupport
      EapHost
      ProfSvc
      schedule
      hkmsvc
      SessionEnv
      winmgmt
      browser
      Themes
      BDESVC
      AppMgmt

      ============================================ VALORES DESPUÉS DE LA RESTAURACIÓN ===============================

      AeLookupSvc
      AppMgmt
      AppInfo
      AudioSrv
      BDESVC
      BITS
      Browser
      CertPropSvc
      EapHost
      FastUserSwitchingCompatibility
      gpsvc
      helpsvc
      hkmsvc
      Ias
      IKEEXT
      iphlpsvc
      Irmon
      lanmanserver
      LogonHours
      MMCSS
      msiscsi
      Nla
      Ntmssvc
      NWCWorkstation
      Nwsapagent
      PCAudit
      ProfSvc
      Rasauto
      Rasman
      Remoteaccess
      schedule
      SCPolicySvc
      Seclogon
      SENS
      SessionEnv
      Sharedaccess
      ShellHWDetection
      SRService
      Tapisrv
      TermService
      Themes
      uploadmgr
      wercplsupport
      winmgmt
      WmdmPmSp
      Wmi
      wuauserv

    10. #10
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Cuando entro a mi correo Yahoo redirecciona a YIM.COM

      Hola


      Necesito ver el reporte de OTL luego de haber hecho la reparación solicitada en Mi anterior respuesta.


      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    Página 1 de 2 12 ÚltimoÚltimo