
    Virus opens tabs in Firefox


    1. #1
      User xploit80
      Registered
      May 2009
      Location
      MEXICO
      Posts
      10

      Virus opens tabs in Firefox

      Hello, I hope you can help me. I have Win 7 and for a few days now Firefox has been hanging. When I click the back arrow it leaves me on the same page, or after a while it takes me to the previous one, but I have to click it several times. Advertising tabs sometimes open when I click on a link, and I also often get an error message, I think it's from Java, I don't remember very well what it says; strangely, by the way, it hasn't appeared for the past hour. I hope you can help me, and many thanks in advance.

    2. #2
      User WarlockSama
      Registered
      Dec 2012
      Location
      Banderbill
      Posts
      112

      Re: Virus opens tabs in Firefox

      Hello. First of all, it's "ABREN", not "HABREN". Use AT-Destroyer 2.1 (by InfoSpyware) | InfoSpyware
      Quote: Originally posted by Raudron
      Download >> AT-Destroyer 2.0 (Adwares/Toolbars-Destroyer 2.0) by @Infospyware.
      Temporarily disable your antivirus and/or antispyware.
      Run AT-Destroyer. (If you use Windows Vista or 7, right-click and select "Run as administrator".)
      The disclaimer will appear; if you agree, press YES to continue.
      Click the Buscar y Destruir (Search and Destroy) option to start the scan.
      AT-Destroyer will disconnect the desktop momentarily; this is normal.
      Once the scan has finished, you will be able to see the desktop again and a report will open, which you must copy into your next reply, commenting on how the system is working. (You can also find it at C:\AT-Destroyer.log)
      You must restart the computer immediately.

    3. #3
      User xploit80
      Registered
      May 2009
      Location
      MEXICO
      Posts
      10

      Re: Virus opens tabs in Firefox

      Hello again, my Firefox works the same, I don't notice any changes. Thanks for the help. Here is the result of the scan with AT-Destroyer:


      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 14:11:24 \\\ 21/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:17.0.1.4715
      Google Chrome:23.0.1271.97
      Privilegios: JAHZ - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: JAHZ-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:JAHZ
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<



      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://www.v9.com/?utm_source=b&utm_medium=opc&from=opc&uid=5VPBQ9Z7_ST31000524AS&ts=1345743439


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-3981333000-1667334546-3030813738-1001\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://google.com");
      user_pref("browser.startup.homepage_override.buildID", "20121128204232");
      user_pref("browser.startup.homepage_override.mstone", "17.0.1");


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\2
      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg
      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam

      ======== Listado ===========


      ==================== EOF ==================

    4. #4
      General Moderator
      @Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      58,637

      Re: Virus opens tabs in Firefox

      Hello

      Please carry out the following procedure:

      STEP 1

      Download these tools to your desktop:

      º Glary Utilities, and install it according to its manual.

      º Malwarebytes. Install and update it according to its manual, but do NOT run it yet. If you already have it, you only need to update it.

      º Hijackthis 2.0.4 by Trend Micro™

      STEP 2

      Run the tools in this order and in this way:

      Glary Utilities
      • Press the "1-Click Maintenance" button.
      • Press the "View Results" button and wait for it to finish.
      • When it finishes, press the "Repair Problems" button.

      Malwarebytes
      • Run a "Full Scan".
      • Once it finishes, if it detects anything, choose "Remove Selected" as shown in this image.
      • If it asks you to restart, do so.

      Hijackthis 2.0.4

      º Install it and run it from the desktop (the executable's icon must NOT be inside a folder).

      º Press the "Scan" button and wait for Hijackthis to scan the system.

      º When it finishes, press the "Save Log" button.

      º Choose the location that is easiest for you to find (the desktop) and click "Save".

      You now have the log saved in the file Hijackthis.txt.

      º Close Hijackthis, open that file, copy its contents and paste them into your next reply.

      NOTE: As far as possible, do NOT take any other action with antimalware tools, so as not to interfere with the steps to be taken.

      In your next reply, you must include the following:

      º The Malwarebytes report, which is found in its LOGS tab
      º The Hijackthis 2.0.4 log
      º How your PC is working now

      Regards

    5. #5
      User xploit80
      Registered
      May 2009
      Location
      MEXICO
      Posts
      10

      Re: Virus opens tabs in Firefox

      Hello, my PC is still the same, thanks for the help. This is the message that I sometimes get from Java: "Error: testElementParent is null". Here are the logs from Malware and HijackThis.....

      Malware:


      21/12/2012 03:27:30 p.m.
      mbam-log-2012-12-21 (15-27-30).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|E:\|F:\|Q:\|W:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 555255
      Tiempo transcurrido: 1 hora(s), 1 minuto(s), 37 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 24
      C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Program Files (x86)\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\Desktop\Adobe\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files\Adobe\Adobe Encore CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files\Adobe\Adobe Premiere Pro CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files\Adobe\Validar Otros\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files (x86)\Adobe\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\amtlib By RafaelTalero\amtlib By RafaelTalero\amtlib By Rafael Talero\Program Files (x86)\Adobe\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\Cracks-Photoshop CS6 Full + Traducion\Cracks\32-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Desktop\PROGRAMAS\Cracks-Photoshop CS6 Full + Traducion\Cracks\64-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Downloads\amtlibcrack.CS6\32-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Downloads\amtlibcrack.CS6\64-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Downloads\Licencia Photoshopcs6\Licencia Photoshopcs6\32-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.
      C:\Users\JAHZ\Downloads\Licencia Photoshopcs6\Licencia Photoshopcs6\64-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No se tomaron medidas.

      fin)

      HijackThis:


      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 04:34:14 p.m., on 21/12/2012
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16448)
      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
      C:\Windows\jmesoft\hotkey.exe
      C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
      C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
      C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
      C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe
      C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
      C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\windows\SysWOW64\RunDll32.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
      C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Users\JAHZ\Desktop\HijackThis.exe
      C:\windows\SysWOW64\NOTEPAD.EXE
      C:\windows\SysWOW64\DllHost.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9 Portal Site
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
      O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
      O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
      O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
      O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
      O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
      O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
      O4 - HKLM\..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
      O4 - HKLM\..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe 1
      O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
      O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
      O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe
      O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
      O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
      O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      O4 - HKCU\..\Run: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
      O4 - HKCU\..\Run: [Facebook Update] "C:\Users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      O4 - Startup: Registro de Product Epson.lnk = JAHZ\AppData\Roaming\Leadertech\PowerRegister\Registro de Product Epson.exe
      O4 - Global Startup: Bluetooth.lnk = ?
      O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
      O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
      O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: FastbootService - 1206 Lab - C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: Servicio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\windows\system32\IProsetMonitor.exe (file missing)
      O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\nlssrv32.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\windows\SysWow64\perfhost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
      O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe

      --
      End of file - 24606 bytes

    6. #6
      General Moderator
      @Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      58,637

      Re: Virus opens tabs in Firefox

      Hello

      Download the ComboFix.exe tool to your desktop.

      • Temporarily disable your antivirus and/or antispyware. (How to temporarily disable your antivirus)
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.

      Important notes:

      • While CF is working, you must not move the mouse, as that would stop its process.
      • ComboFix may automatically restart the PC to complete the removal process.
      • Once ComboFix has finished its work, you can re-enable your antivirus.
      • Do not put the reports inside Code or HTML tags.

      Warning!! Do not use ComboFix unless a member of our Staff has specifically instructed you to do so in your post. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      The generated report is located at C:\ComboFix.txt. Open it, select all, then copy and paste it into your next reply.

      Regards
      Follow us on Twitter and become our friend on Facebook.

    7. #7
      User xploit80
      Registered
      May 2009
      Location
      MEXICO
      Posts
      10

      Re: Virus opens tabs in Firefox

      Hello again, here is the ComboFix log:


      ComboFix 12-12-20.02 - JAHZ 21/12/2012 17:14:45.4.2 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.52.3082.18.4008.1718 [GMT -6:00]
      Running from: c:\users\JAHZ\Desktop\ComboFix.exe
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
      .
      .
      2012-12-21 23:19 . 2012-12-21 23:19 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
      2012-12-21 23:19 . 2012-12-21 23:19 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-12-21 21:26 . 2012-12-21 21:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-12-21 21:26 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-21 21:23 . 2012-12-21 21:23 -------- d-----w- c:\users\JAHZ\AppData\Roaming\GlarySoft
      2012-12-21 21:21 . 2012-12-21 21:21 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-12-21 20:34 . 2012-12-21 20:34 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49257AAD-C9BE-4091-87B9-8201702143D9}\offreg.dll
      2012-12-21 06:34 . 2012-12-21 06:35 -------- d-----w- C:\Lop SD
      2012-12-21 06:06 . 2012-12-21 20:11 -------- d-----w- C:\_AT-Destroyer
      2012-12-21 04:16 . 2012-12-21 05:15 -------- d-----w- c:\programdata\PC Tools
      2012-12-21 03:14 . 2012-12-21 03:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
      2012-12-18 19:06 . 2012-12-18 19:06 -------- d-----w- c:\users\JAHZ\AppData\Roaming\Malwarebytes
      2012-12-18 19:05 . 2012-12-18 19:05 -------- d-----w- c:\programdata\Malwarebytes
      2012-12-07 06:56 . 2012-12-07 06:56 -------- d-----w- c:\program files (x86)\caceco
      2012-12-03 01:42 . 2012-12-21 05:22 -------- d-----w- c:\users\JAHZ\Tracing
      2012-11-30 02:45 . 2012-11-30 02:45 -------- d-----w- c:\users\JAHZ\AppData\Local\Facebook
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-14 17:37 . 2012-08-21 15:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-14 17:37 . 2012-08-21 15:38 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-10-02 09:45 . 2012-10-02 09:45 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-10-02 09:45 . 2012-10-02 09:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-10-02 09:45 . 2012-10-02 09:19 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2012-12-13 11179720]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
      "Facebook Update"="c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-30 138096]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-06-01 506712]
      "jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-06-08 118784]
      "jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
      "CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-04 103720]
      "UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
      "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2011-04-16 264704]
      "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\RunLDBS.exe" [2011-03-19 1746432]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
      "Fastboot"="c:\program files (x86)\Lenovo\Rapidboot\FBConsole.exe" [2011-12-16 1260128]
      "RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
      "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      .
      c:\users\JAHZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Registro de Product Epson.lnk - c:\users\JAHZ\AppData\Roaming\Leadertech\PowerRegister\Registro de Product Epson.exe [2011-5-19 2548736]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 1211168]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer2"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      .
      S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-05-12 437288]
      S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-12 89640]
      S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-05-12 39976]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - MBAMPROTECTOR
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 17:37]
      .
      2012-12-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3981333000-1667334546-3030813738-1001Core.job
      - c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 02:45]
      .
      2012-12-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3981333000-1667334546-3030813738-1001UA.job
      - c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 02:45]
      .
      2012-12-21 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-12-21 19:10]
      .
      2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 17:15]
      .
      2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 17:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
      @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
      [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
      @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
      [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
      @="{A759AFF6-5851-457D-A540-F4ECED148351}"
      [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
      @="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
      [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-28 167704]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
      "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = Google
      uLocal Page = c:\windows\system32\blank.htm
      mDefault_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=opc&from=opc&uid=5VPBQ9Z7_ST31000524AS&ts=1345743439
      mStart Page = Google
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
      IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
      IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\
      FF - prefs.js: browser.search.defaulturl - Google
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      FF - ExtSQL: 2012-10-24 21:21; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      FF - ExtSQL: 2012-12-07 00:56; {cb586b55-d548-c4a6-6556-d53c34ba38cc}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{cb586b55-d548-c4a6-6556-d53c34ba38cc}
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
      "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
      "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-12-21 17:21:13
      ComboFix-quarantined-files.txt 2012-12-21 23:21
      ComboFix2.txt 2012-12-21 05:44
      .
      Pre-Run: 810,325,622,784 bytes libres
      Post-Run: 810,251,235,328 bytes libres
      .
      - - End Of File - - AC4AA2C1D244C15E534F7EB40D22ACE1

    8. #8
      General Moderator
      Avatar of @Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      58,637

      Re: Virus opens tabs in Firefox

      Hello again

      Do the following:

      • Click START > RUN >
        • Type notepad.exe there and click OK
        • Now copy and paste the text from the box below into Notepad

      Code:
      KillAll::
      ClearJavaCache::
      Folder::
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg
      C:\Users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
      c:\program files (x86)\caceco
      Firefox::
      FF - ProfilePath - c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\
      FF - ExtSQL: 2012-10-24 21:21; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      FF - ExtSQL: 2012-12-07 00:56; {cb586b55-d548-c4a6-6556-d53c34ba38cc}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{cb586b55-d548-c4a6-6556-d53c34ba38cc}


      • Save this file with the name CFScript.txt
      • Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the screenshot below.

      • ComboFix will start running again. When it finishes, it will generate a new report, which you will need to paste in this same thread.

      After restarting, check how it is working and let us know.

      Regards

    9. #9
      User Avatar of xploit80
      Registered
      May 2009
      Location
      MEXICO
      Posts
      10

      Re: Virus opens tabs in Firefox

      Hello again, thanks for your help. I can report that it is still the same; this only happens to me in Firefox. This is one of the addresses it opens in the tabs: http://mx.teebik.com/partc/new/hdb.php?subid=793985393 and here is the ComboFix report from the instructions you gave me. Regards....

      ComboFix:

      ComboFix 12-12-22.02 - JAHZ 22/12/2012 17:44:25.5.2 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.52.3082.18.4008.2317 [GMT -6:00]
      Running from: c:\users\JAHZ\Desktop\ComboFix.exe
      Command switches used :: c:\users\JAHZ\Desktop\CFScript.txt
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\caceco
      c:\program files (x86)\caceco\data.bin\a60b9f216f885du.zip
      c:\program files (x86)\caceco\data.bin\d0057e63831ae2a.zip
      c:\program files (x86)\caceco\data.bin\oex\__MACOSX\._config.xml
      c:\program files (x86)\caceco\data.bin\oex\__MACOSX\._icon128.png
      c:\program files (x86)\caceco\data.bin\oex\__MACOSX\._icon16.png
      c:\program files (x86)\caceco\data.bin\oex\__MACOSX\._icon48.png
      c:\program files (x86)\caceco\data.bin\oex\__MACOSX\._includes
      c:\program files (x86)\caceco\data.bin\oex\__MACOSX\includes\._go.js
      c:\program files (x86)\caceco\data.bin\oex\config.xml
      c:\program files (x86)\caceco\data.bin\oex\icon128.png
      c:\program files (x86)\caceco\data.bin\oex\icon16.png
      c:\program files (x86)\caceco\data.bin\oex\icon48.png
      c:\program files (x86)\caceco\data.bin\oex\includes\go.js
      c:\program files (x86)\caceco\data.bin\oex\index.html
      c:\program files (x86)\caceco\Setup.exe
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg\2.3.0_0\gox.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg\2.3.0_0\icon128.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg\2.3.0_0\icon16.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg\2.3.0_0\icon48.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg\2.3.0_0\manifest.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\de\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\en\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\es\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\fr\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\it\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\ja\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\_locales\zh_CN\messages.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\background.html
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\a_smile.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\ABA.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\amazon_logo.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\asmile_128.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\asmile_16.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\asmile_19.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\asmile_48.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\btns.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\button.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\gold-button.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\grey_gradient.gif
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\pricecompare.gif
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\images\wheat-button.png
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\base64.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\content\dc.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\content\results.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\helper.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\md5.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\messages.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\overlay.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\popup.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\alexa\results.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\assist_c.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\background.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\bootstrap.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\enabler.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\options.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\options_init.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\sentinel.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\tou.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\tou_init.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\turn_c.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\util.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\util_c.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\whoami.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\js\whoami_c.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\lib\jquery-1.7.1.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\lib\jsuri-1.1.1.js
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\manifest.json
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\options.html
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\styles\options.css
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\styles\style.css
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\tou.html
      c:\users\JAHZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\2.2.2012.275_0\xml\default.xml
      c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-11-22 to 2012-12-22 )))))))))))))))))))))))))))))))
      .
      .
      2012-12-22 23:50 . 2012-12-22 23:50 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
      2012-12-22 23:50 . 2012-12-22 23:50 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-12-21 21:26 . 2012-12-21 21:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-12-21 21:26 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-21 21:23 . 2012-12-21 21:23 -------- d-----w- c:\users\JAHZ\AppData\Roaming\GlarySoft
      2012-12-21 21:21 . 2012-12-21 21:21 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-12-21 06:34 . 2012-12-21 06:35 -------- d-----w- C:\Lop SD
      2012-12-21 06:06 . 2012-12-21 20:11 -------- d-----w- C:\_AT-Destroyer
      2012-12-21 04:16 . 2012-12-21 05:15 -------- d-----w- c:\programdata\PC Tools
      2012-12-21 03:14 . 2012-12-21 03:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
      2012-12-18 19:06 . 2012-12-18 19:06 -------- d-----w- c:\users\JAHZ\AppData\Roaming\Malwarebytes
      2012-12-18 19:05 . 2012-12-18 19:05 -------- d-----w- c:\programdata\Malwarebytes
      2012-12-03 01:42 . 2012-12-21 05:22 -------- d-----w- c:\users\JAHZ\Tracing
      2012-11-30 02:45 . 2012-11-30 02:45 -------- d-----w- c:\users\JAHZ\AppData\Local\Facebook
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-14 17:37 . 2012-08-21 15:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-14 17:37 . 2012-08-21 15:38 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-10-02 09:45 . 2012-10-02 09:45 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-10-02 09:45 . 2012-10-02 09:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-10-02 09:45 . 2012-10-02 09:19 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2012-12-13 11179720]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
      "Facebook Update"="c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-30 138096]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-06-01 506712]
      "jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-06-08 118784]
      "jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
      "CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-04 103720]
      "UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
      "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2011-04-16 264704]
      "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\RunLDBS.exe" [2011-03-19 1746432]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
      "Fastboot"="c:\program files (x86)\Lenovo\Rapidboot\FBConsole.exe" [2011-12-16 1260128]
      "RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
      "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      .
      c:\users\JAHZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Registro de Product Epson.lnk - c:\users\JAHZ\AppData\Roaming\Leadertech\PowerRegister\Registro de Product Epson.exe [2011-5-19 2548736]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 1211168]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer2"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      .
      R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 WSDScan;Compatibilidad con digitalización de WSD a través de UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
      R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 Fastboot;Fastboot;c:\windows\System32\DRIVERS\Fastboot.sys [2011-12-16 69216]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
      S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys [2008-04-08 20832]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 279616]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
      S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]
      S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\Rapidboot\FBService.exe [2011-12-16 199264]
      S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-10-25 164008]
      S2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-16 32768]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
      S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2012-01-31 66560]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
      S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-05-12 437288]
      S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-12 89640]
      S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-05-12 39976]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
      S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
      S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-12-03 874088]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
      S3 VMC412;Vimicro Camera Service VMC412;c:\windows\system32\Drivers\VMC412.sys [2011-03-28 243456]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 17:37]
      .
      2012-12-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3981333000-1667334546-3030813738-1001Core.job
      - c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 02:45]
      .
      2012-12-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3981333000-1667334546-3030813738-1001UA.job
      - c:\users\JAHZ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 02:45]
      .
      2012-12-22 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-12-21 19:10]
      .
      2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 17:15]
      .
      2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 17:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
      @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
      [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
      @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
      [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
      @="{A759AFF6-5851-457D-A540-F4ECED148351}"
      [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
      @="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
      [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
      2012-12-13 04:34 481480 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-28 167704]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
      "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = Google
      uLocal Page = c:\windows\system32\blank.htm
      mDefault_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=opc&from=opc&uid=5VPBQ9Z7_ST31000524AS&ts=1345743439
      mStart Page = Google
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
      IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
      IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\
      FF - prefs.js: browser.search.defaulturl - Google
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      FF - ExtSQL: 2012-10-24 21:21; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      FF - ExtSQL: 2012-12-07 00:56; {cb586b55-d548-c4a6-6556-d53c34ba38cc}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{cb586b55-d548-c4a6-6556-d53c34ba38cc}
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
      "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
      "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
      c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      c:\windows\SysWOW64\RunDll32.exe
      .
      **************************************************************************
      .
      Completion time: 2012-12-22 17:55:56 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-12-22 23:55
      ComboFix2.txt 2012-12-21 23:21
      ComboFix3.txt 2012-12-21 05:44
      .
      Pre-Run: 810,129,031,168 bytes libres
      Post-Run: 810,177,323,008 bytes libres
      .
      - - End Of File - - CC88A17F1027B0082B7647CD97162EFE

    10. #10
      General Moderator
      Avatar of @Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      58,637

      Re: Virus opens tabs in Firefox

      Hello again

      Do the following:

      • Click START > RUN >
        • Type notepad.exe there and click OK
        • Now copy and paste the text from the box below into Notepad

      Code:
      KillAll::
      ClearJavaCache::
      Firefox::
      FF - ProfilePath - c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      FF - ExtSQL: 2012-10-24 21:21; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      FF - ExtSQL: 2012-12-07 00:56; {cb586b55-d548-c4a6-6556-d53c34ba38cc}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{cb586b55-d548-c4a6-6556-d53c34ba38cc}


      • Save this file with the name CFScript.txt
      • Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the screenshot below.

      • ComboFix will start running again. When it finishes, it will generate a new report, which you will need to paste into this same thread.

      After restarting, check how it is working and let us know.

      Regards
      Follow us on Twitter and become our friend on Facebook.
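
The lines placed under `Firefox::` in the script above come from the "Supplementary Scan" section of the ComboFix log. As an added example (not part of the original thread and not ComboFix's own code), this Python code parses that section's browser lines so the extension IDs and start-page URLs can be reviewed; the function names and the set of expected hosts are assumptions.

```python
import re

# Constructed sample: lines copied from the "Supplementary Scan" part of the log in this thread.
SAMPLE_LOG = r"""
uStart Page = Google
mDefault_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=opc&from=opc&uid=5VPBQ9Z7_ST31000524AS&ts=1345743439
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
FF - ExtSQL: 2012-10-24 21:21; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2012-12-07 00:56; {cb586b55-d548-c4a6-6556-d53c34ba38cc}; c:\users\JAHZ\AppData\Roaming\Mozilla\Firefox\Profiles\evqsdftj.default\extensions\{cb586b55-d548-c4a6-6556-d53c34ba38cc}
"""

PREF_RE = re.compile(r"^FF - prefs\.js: (\S+) - (.*)$")
PAGE_RE = re.compile(r"^([um][A-Za-z_ ]+?) = (.*)$")
EXT_RE = re.compile(r"^FF - ExtSQL: (\d{4}-\d{2}-\d{2} \d{2}:\d{2}); (\{[0-9a-fA-F-]{36}\}); (.+)$")
URL_RE = re.compile(r"^h(?:xx|tt)ps?://([^/?#:]+)", re.I)  # accepts the log's defanged hxxp form


def parse_browser_entries(log_text):
    """Collect browser settings and Firefox extension entries from ComboFix log lines."""
    out = {"settings": {}, "extensions": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = EXT_RE.match(line)
        if m:
            date, ext_id, path = m.groups()
            # A packed extension is one .xpi file; an unpacked one is a folder.
            out["extensions"].append({"date": date, "id": ext_id, "path": path,
                                      "packed": path.lower().endswith(".xpi")})
            continue
        m = PREF_RE.match(line) or PAGE_RE.match(line)
        if m:
            out["settings"][m.group(1)] = m.group(2)
    return out


def hosts_to_review(settings, expected_hosts):
    """Return {setting: host} for URL-valued settings whose host is not in expected_hosts."""
    flagged = {}
    for name, value in settings.items():
        m = URL_RE.match(value)
        if m and m.group(1).lower() not in expected_hosts:
            flagged[name] = m.group(1).lower()
    return flagged
```
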
