    Virus opens tabs in Firefox

    1. #11
      User: xploit80
      Joined: May 2009
      Location: MEXICO
      Posts: 10

      Re: Virus opens tabs in Firefox

      Hello again, thanks for the help. I did what you told me, but it is still the same. Here is the ComboFix log. Regards...


      ComboFix 12-12-23.01 - JAHZ 23/12/2012 18:13:42.7.2 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.52.3082.18.4008.1324 [GMT -6:00]
      Running from: c:\users\JAHZ\Desktop\ComboFix.exe
      Command switches used :: c:\users\JAHZ\Desktop\CFScript.txt
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-11-24 to 2012-12-24 )))))))))))))))))))))))))))))))
      .
      .
      2012-12-24 00:21 . 2012-12-24 00:21 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
      2012-12-24 00:21 . 2012-12-24 00:21 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-12-23 21:56 . 2012-12-23 21:56 -------- d-----w- c:\users\JAHZ\AppData\Roaming\JDownloaderPackages
      2012-12-23 21:53 . 2012-12-23 21:53 -------- d-----w- c:\users\JAHZ\PSafe
      2012-12-23 21:53 . 2012-12-20 00:16 288688 ----a-r- c:\windows\system32\drivers\360FltOEM.sys
      2012-12-23 21:53 . 2012-12-23 21:53 -------- d-----w- c:\programdata\SweetIM
      2012-12-23 21:53 . 2012-12-23 21:53 -------- d-----w- c:\program files (x86)\SweetIM
      2012-12-23 20:50 . 2012-12-23 20:50 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
      2012-12-23 20:50 . 2012-12-23 20:50 -------- d-----w- c:\program files (x86)\Connectify
      2012-12-23 20:50 . 2012-12-24 00:24 -------- d-----w- c:\programdata\Connectify
      2012-12-23 20:41 . 2012-12-23 20:41 -------- d-----w- c:\program files (x86)\BitTorrent
      2012-12-23 20:41 . 2012-12-23 21:20 -------- d-----w- c:\users\JAHZ\AppData\Roaming\BitTorrent
      2012-12-21 21:26 . 2012-12-21 21:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-12-21 21:26 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-21 21:23 . 2012-12-21 21:23 -------- d-----w- c:\users\JAHZ\AppData\Roaming\GlarySoft
      2012-12-21 21:21 . 2012-12-21 21:21 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-12-21 06:34 . 2012-12-21 06:35 -------- d-----w- C:\Lop SD
      2012-12-21 06:06 . 2012-12-21 20:11 -------- d-----w- C:\_AT-Destroyer
      2012-12-21 04:16 . 2012-12-21 05:15 -------- d-----w- c:\programdata\PC Tools
      2012-12-21 03:14 . 2012-12-21 03:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
      2012-12-18 19:06 . 2012-12-18 19:06 -------- d-----w- c:\users\JAHZ\AppData\Roaming\Malwarebytes
      2012-12-18 19:05 . 2012-12-18 19:05 -------- d-----w- c:\programdata\Malwarebytes
      2012-12-03 01:42 . 2012-12-23 21:53 -------- d-----w- c:\users\JAHZ\Tracing
      2012-11-30 02:45 . 2012-11-30 02:45 -------- d-----w- c:\users\JAHZ\AppData\Local\Facebook
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-14 17:37 . 2012-08-21 15:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-14 17:37 . 2012-08-21 15:38 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-10-02 09:45 . 2012-10-02 09:45 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-10-02 09:45 . 2012-10-02 09:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-10-02 09:45 . 2012-10-02 09:19 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
      2012-07-04 21:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
      .
      [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
      [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
      [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
      [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2012-12-13 11179720]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
      "Facebook Update"="c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-30 138096]
      "BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-12-23 979352]
      "Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2012-10-25 4010856]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-06-01 506712]
      "jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-06-08 118784]
      "jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
      "CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-04 103720]
      "UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
      "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2011-04-16 264704]
      "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\RunLDBS.exe" [2011-03-19 1746432]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
      "Fastboot"="c:\program files (x86)\Lenovo\Rapidboot\FBConsole.exe" [2011-12-16 1260128]
      "RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
      "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      "SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
      "Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-16 231768]
      .
      c:\users\JAHZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Registro de Product Epson.lnk - c:\users\JAHZ\AppData\Roaming\Leadertech\PowerRegister\Registro de Product Epson.exe [2011-5-19 2548736]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 1211168]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer2"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      .
      R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 WSDScan;Compatibilidad con digitalización de WSD a través de UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
      R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 Fastboot;Fastboot;c:\windows\System32\DRIVERS\Fastboot.sys [2011-12-16 69216]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
      S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys [2008-04-08 20832]
      S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2012-12-23 31344]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 279616]
      S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-10-25 65536]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
      S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]
      S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\Rapidboot\FBService.exe [2011-12-16 199264]
      S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-10-25 164008]
      S2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-16 32768]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
      S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2012-01-31 66560]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
      S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-05-12 437288]
      S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-12 89640]
      S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-05-12 39976]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
      S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
      S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-12-03 874088]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
      S3 VMC412;Vimicro Camera Service VMC412;c:\windows\system32\Drivers\VMC412.sys [2011-03-28 243456]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-12-23 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 17:37]
      .
      2012-12-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3981333000-1667334546-3030813738-1001Core.job
      - c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 02:45]
      .
      2012-12-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3981333000-1667334546-3030813738-1001UA.job
      - c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 02:45]
      .
      2012-12-24 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-12-21 19:10]
      .
      2012-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 17:15]
      .
      2012-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 17:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
      @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
      [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
      @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
      [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
      @="{A759AFF6-5851-457D-A540-F4ECED148351}"
      [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
      @="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
      [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-28 167704]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
      "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = Google
      uLocal Page = c:\windows\system32\blank.htm
      mDefault_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=opc&from=opc&uid=5VPBQ9Z7_ST31000524AS&ts=1345743439
      mStart Page = Google
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
      IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
      IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\
      FF - prefs.js: browser.search.defaulturl - Google
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - ExtSQL: 2012-12-07 00:56; {cb586b55-d548-c4a6-6556-d53c34ba38cc}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{cb586b55-d548-c4a6-6556-d53c34ba38cc}
      FF - ExtSQL: 2012-12-23 15:55; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
      "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
      "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
      c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files (x86)\Connectify\ConnectifyD.exe
      c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      c:\windows\SysWOW64\RunDll32.exe
      .
      **************************************************************************
      .
      Completion time: 2012-12-23 18:28:41 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-12-24 00:28
      ComboFix2.txt 2012-12-22 23:55
      ComboFix3.txt 2012-12-21 23:21
      ComboFix4.txt 2012-12-21 05:44
      .
      Pre-Run: 808,431,509,504 bytes libres
      Post-Run: 808,428,769,280 bytes libres
      .
      - - End Of File - - BE484EF9F0C0FF8819500D0D5A88E48E

    2. #12
      General Moderator: @Leosolari
      Joined: Jun 2007
      Location: Argentina
      Posts: 58,637

      Re: Virus opens tabs in Firefox

      Hello

      Uninstall CF as follows:
      • Go to Start > Run
      • Type the following: ComboFix /Uninstall, as shown in the image below:

      • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")

      If you cannot uninstall it that way, download OTC.exe to the desktop.

      Run it and press Cleanup to uninstall ComboFix and the folders it created.

      That will restart your PC.

      Run AT-Destroyer again and come back with its report.

      Regards

    3. #13
      User: xploit80
      Joined: May 2009
      Location: MEXICO
      Posts: 10

      Re: Virus opens tabs in Firefox

      Hello again, sorry for the delay. Here is my AT-Destroyer report. You know, I think it has now infected Internet Explorer too. Thanks for your help. Regards...


      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 23:46:33 \\\ 26/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:17.0.1.4715
      Google Chrome:23.0.1271.97
      Privilegios: JAHZ - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: JAHZ-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:JAHZ
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\ProgramData\SweetIM\Communicator (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Communicator\conf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Communicator\conf\communicator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Communicator\Logs (W32/PND.SweetIM)
      C:\ProgramData\SweetIM (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcm90.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcp90.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcr90.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\resources (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf\logger.xml (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll (W32/PND.SweetIM)
      C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll (W32/PND.SweetIM)


      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {EEE6C35B-6118-11DC-9C72-001320C79847}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://www.v9.com/?utm_source=b&utm_medium=opc&from=opc&uid=5VPBQ9Z7_ST31000524AS&ts=1345743439


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-3981333000-1667334546-3030813738-1001\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage_override.buildID", "20121128204232");
      user_pref("browser.startup.homepage_override.mstone", "17.0.1");


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\1
      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam

      ======== Listado ===========


      ==================== EOF ==================

    4. #14
      General Moderator
      Avatar of @Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      58.637

      Re: Virus opens tabs in Firefox

      Hello

      The thing is, you keep infecting your computer without any kind of scruples.


      All these infections removed by AT-Destroyer were NOT there in the 1st pass, and therefore you picked them up during the time we have been disinfecting your computer.


      It is very hard to work like this if, while we disinfect, you keep infecting.


      Responsible use of the computer is what is needed.




      Download the AdwCleaner application from this link: AdwCleaner Download

      Right-click it and run it as Administrator.

      Press the Supresión button. When it finishes, come back with its report and tell us how things are going.




      Regards