
    PUP.Adware.Installcore.(Solved)


      
    1. #1
      flacosert (User)
      Registered: Oct 2012
      Location: masnou
      Posts: 30

      PUP.Adware.Installcore.(Solved)

      Hello friends. My father's PC is infected. I'm leaving you the reports. Thank you very much for your help.
      Malwarebytes Anti-Malware 1.65.1.1000
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.12.24.03

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      JOSE :: JOSE-PC [administrador]

      24/12/2012 10:35:28
      mbam-log-2012-12-24 (10-35-28).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 325614
      Tiempo transcurrido: 31 minuto(s), 50 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 1
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 10
      C:\Program Files (x86)\FLVPlayer\Uninstall\Uninstall.exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (1).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (3).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (4).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (5).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (6).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (7).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM (8).exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Downloads\FLVPlayerSetup_MMM.exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.
      C:\Users\JOSE\Uninstall\Uninstall.exe (PUP.Adware.Installcore) -> En cuarentena y eliminado con éxito.

      fin)
      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 18:46:17 \\\ 24/12/2012
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Google Chrome:23.0.1271.97
      Privilegios: JOSE - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: JOSE-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:JOSE
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\ProgramData\Browser Manager\2.3.765.24 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753} (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager (W32/Adware.BrowserCompanion) <--Se eliminará la carpeta y los subdirectorios al reiniciar
      C:\ProgramData\Browser Manager\2.3.765.24 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753} (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager (W32/Adware.BrowserCompanion) <--Se eliminará la carpeta y los subdirectorios al reiniciar


      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {98889811-442D-49dd-99D7-DC866BE87DBC}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://asus.msn.com


      HKEY_USERS\S-1-5-21-2810923076-2218365081-1314926458-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://asus.msn.com


      >>>>>> Extensiones Firefox <<<<<<



      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandasecurity.com/activescan
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\1
      C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

      ======== Listado ===========

      [05/05/2012 21:01] [05/05/2012 21:01] [DI] C:\Users\JOSE\AppData\Roaming\ASUS WebStorage
      [24/12/2012 16:16] [24/12/2012 16:16] [DI] C:\Users\JOSE\AppData\Roaming\GlarySoft
      [06/05/2012 16:17] [06/05/2012 16:17] [DI] C:\Users\JOSE\AppData\Roaming\Google
      [05/05/2012 20:54] [05/05/2012 20:54] [DI] C:\Users\JOSE\AppData\Roaming\Identities
      [05/05/2012 20:55] [05/05/2012 20:55] [DI] C:\Users\JOSE\AppData\Roaming\Macromedia
      [06/05/2012 16:11] [06/05/2012 16:11] [DI] C:\Users\JOSE\AppData\Roaming\Malwarebytes
      [ 14/07/2009 9:44] [ 05/05/2012 20:53] [DI] C:\Users\JOSE\AppData\Roaming\Media Center Programs
      [10/06/2012 20:30] [05/05/2012 20:53] [SDI] C:\Users\JOSE\AppData\Roaming\Microsoft
      [07/05/2012 16:13] [07/05/2012 16:13] [DI] C:\Users\JOSE\AppData\Roaming\Nero
      [24/12/2012 15:52] [05/10/2012 20:31] [D] C:\Users\JOSE\AppData\Roaming\PerformerSoft
      [24/12/2012 15:30] [05/10/2012 20:33] [DI] C:\Users\JOSE\AppData\Roaming\StreamTorrent
      [06/05/2012 16:35] [06/05/2012 16:35] [DI] C:\Users\JOSE\AppData\Roaming\WinRAR
      [10/05/2012 19:38] [10/05/2012 19:38] [DI] C:\Users\JOSE\AppData\Roaming\Zeon
      [30/03/2012 17:14] [30/03/2012 17:14] [D] C:\Program Files (x86)\ASM104xUSB3
      [24/12/2012 17:21] [19/10/2011 6:25] [D] C:\Program Files (x86)\ASUS
      [07/05/2012 16:03] [14/07/2009 5:20] [D] C:\Program Files (x86)\Common Files
      [30/03/2012 17:24] [30/03/2012 17:23] [D] C:\Program Files (x86)\CyberLink
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [07/05/2012 14:19] [07/05/2012 14:19] [D] C:\Program Files (x86)\eMule
      [24/12/2012 17:42] [24/12/2012 17:42] [D] C:\Program Files (x86)\ESET
      [24/12/2012 16:14] [24/12/2012 16:14] [D] C:\Program Files (x86)\Glary Utilities
      [24/12/2012 16:01] [06/05/2012 16:13] [D] C:\Program Files (x86)\Google
      [30/03/2012 17:24] [30/03/2012 17:10] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [30/03/2012 17:12] [30/03/2012 17:07] [D] C:\Program Files (x86)\Intel
      [13/12/2012 0:31] [14/07/2009 5:20] [D] C:\Program Files (x86)\Internet Explorer
      [24/12/2012 10:26] [06/05/2012 16:11] [D] C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [24/12/2012 15:18] [19/10/2011 6:24] [D] C:\Program Files (x86)\Microsoft
      [19/10/2011 6:02] [19/10/2011 6:02] [D] C:\Program Files (x86)\Microsoft Office
      [19/10/2011 6:12] [19/10/2011 6:12] [D] C:\Program Files (x86)\Microsoft Silverlight
      [19/10/2011 6:20] [19/10/2011 6:20] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [19/10/2011 6:08] [19/10/2011 6:08] [D] C:\Program Files (x86)\Microsoft.NET
      [05/10/2012 20:32] [05/10/2012 20:32] [D] C:\Program Files (x86)\Mozilla Firefox
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\MSBuild
      [13/05/2012 0:16] [13/05/2012 0:16] [D] C:\Program Files (x86)\MSXML 4.0
      [07/05/2012 16:08] [07/05/2012 16:03] [D] C:\Program Files (x86)\Nero
      [24/12/2012 16:56] [24/12/2012 16:56] [D] C:\Program Files (x86)\Panda Security
      [30/03/2012 17:17] [30/03/2012 17:17] [D] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
      [30/03/2012 17:16] [30/03/2012 17:16] [D] C:\Program Files (x86)\Realtek
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\Reference Assemblies
      [06/05/2012 16:09] [06/05/2012 16:06] [D] C:\Program Files (x86)\Spybot - Search & Destroy
      [07/05/2012 13:59] [07/05/2012 13:59] [D] C:\Program Files (x86)\TeamViewer
      [30/03/2012 17:17] [30/03/2012 17:16] [HD] C:\Program Files (x86)\Temp
      [14/07/2009 6:57] [14/07/2009 6:57] [HD] C:\Program Files (x86)\Uninstall Information
      [06/05/2012 19:50] [06/05/2012 19:50] [D] C:\Program Files (x86)\Veetle
      [24/12/2012 15:15] [24/12/2012 15:15] [D] C:\Program Files (x86)\VS Revo Group
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Defender
      [19/10/2011 6:22] [19/10/2011 6:15] [D] C:\Program Files (x86)\Windows Live
      [13/12/2012 0:31] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows Mail
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Media Player
      [14/07/2009 7:32] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows NT
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Photo Viewer
      [18/02/2011 21:09] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Portable Devices
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Sidebar
      [30/03/2012 17:16] [30/03/2012 17:16] [DI] C:\ProgramData\AmUStor
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Application Data
      [24/12/2012 15:26] [19/10/2011 6:34] [DI] C:\ProgramData\Asus
      [19/10/2011 6:25] [19/10/2011 6:25] [DI] C:\ProgramData\ASUS WebStorage
      [12/10/2012 20:49] [12/10/2012 20:49] [DI] C:\ProgramData\Browser Manager
      [05/05/2012 20:56] [19/10/2011 6:34] [DI] C:\ProgramData\ChangeFolderView
      [30/03/2012 17:23] [30/03/2012 17:23] [DI] C:\ProgramData\CyberLink
      [24/12/2012 15:28] [19/10/2011 6:26] [DI] C:\ProgramData\Deadtime Stories
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Desktop
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Documents
      [19/10/2011 6:11] [19/10/2011 6:11] [DI] C:\ProgramData\Downloaded Installations
      [07/05/2012 14:19] [07/05/2012 14:19] [DI] C:\ProgramData\eMule
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Favorites
      [19/10/2011 6:11] [19/10/2011 6:11] [DI] C:\ProgramData\FLEXnet
      [05/05/2012 20:53] [05/05/2012 20:53] [DI] C:\ProgramData\FolderView
      C:\ProgramData\FullRemove.exe [AI] 128 KB 0
      [30/03/2012 17:14] [30/03/2012 17:14] [DI] C:\ProgramData\Intel
      [06/05/2012 16:11] [06/05/2012 16:11] [DI] C:\ProgramData\Malwarebytes
      [24/12/2012 15:18] [14/07/2009 5:20] [SDI] C:\ProgramData\Microsoft
      [07/05/2012 16:06] [07/05/2012 16:03] [DI] C:\ProgramData\Nero
      [30/03/2012 17:19] [30/03/2012 17:19] [DI] C:\ProgramData\P4G
      [05/10/2012 20:31] [05/10/2012 20:31] [DI] C:\ProgramData\PC Performer Manager
      [30/03/2012 17:17] [30/03/2012 17:17] [DI] C:\ProgramData\Qualcomm Atheros
      [30/03/2012 17:17] [30/03/2012 17:17] [DI] C:\ProgramData\SonicFocus
      [24/12/2012 17:16] [06/05/2012 16:06] [DI] C:\ProgramData\Spybot - Search & Destroy
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Start Menu
      [30/03/2012 17:24] [30/03/2012 17:23] [DI] C:\ProgramData\Temp
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Templates
      [06/05/2012 16:38] [19/10/2011 6:36] [DI] C:\ProgramData\Trend Micro
      C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [AI] 109 bytes 0
      C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [AI] 105 bytes 0
      C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [AI] 107 bytes 0

      ==================== EOF ==================
      ESET ONLINE SCANNER REPORT:
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll probably a variant of Win32/bProtector.A application
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe a variant of Win32/bProtector.A application
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probably a variant of Win32/bProtector.A application
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe a variant of Win32/bProtector.A application
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probably a variant of Win32/bProtector.A application
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C application
      C:\Users\All Users\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll probably a variant of Win32/bProtector.A application
      C:\Users\All Users\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe a variant of Win32/bProtector.A application
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probably a variant of Win32/bProtector.A application
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe a variant of Win32/bProtector.A application
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probably a variant of Win32/bProtector.A application
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C application
      C:\Users\JOSE\Desktop\pcp_claro.exe a variant of Win32/InstallBrain.H application
      C:\Users\JOSE\Desktop\pcp_claro[1].exe a variant of Win32/InstallBrain.H application
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_stream-torrent.exe a variant of Win32/SoftonicDownloader.E application
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_teamviewer-7.exe a variant of Win32/SoftonicDownloader.E application

      Rkill 2.4.5 by Lawrence Abrams (Grinler)
      http://www.bleepingcomputer.com/
      Copyright 2008-2012 BleepingComputer.com
      More Information about Rkill can be found at this link:
      http://www.bleepingcomputer.com/forums/topic308364.html

      Program started at: 12/24/2012 07:48:13 PM in x64 mode.
      Windows Version: Windows 7 Home Premium Service Pack 1

      Checking for Windows services to stop:

      * No malware services found to stop.

      Checking for processes to terminate:

      * No malware processes found to kill.

      Checking Registry for malware related settings:

      * No issues found in the Registry.

      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

      Performing miscellaneous checks:

      * No issues found.

      Checking Windows Service Integrity:

      * No issues found.

      Searching for Missing Digital Signatures:

      * No issues found.

      Checking HOSTS File:

      * Cannot edit the HOSTS file.
      * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

      * HOSTS file entries found:


      20 out of 15237 HOSTS entries shown.
      Please review HOSTS file for further entries.

      Program finished at: 12/24/2012 07:48:37 PM
      Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
      Last edited by flacosert on 24/12/12 at 13:54:04

    2. #2
      M4RTYN (Regular User)
      Registered: Jun 2012
      Location: Ecuador
      Posts: 5,532

      Re: PUP.Adware.Installcore.(Solved)

      OK, you are infected! Let's do the following:

      NOTE: you will be repeating certain tools:

      Carry out the following steps (if you can't manage one, skip to the next)

      IN SAFE MODE WITH NETWORKING

      Download, update and run a full scan with Malwarebytes: Malwarebytes Anti-Malware 2.0 Manual

      - Install the program in Spanish.
      - Go to the Update tab and update to the latest version.
      - Go to the Scanner tab and run a Full Scan.
      - Once it has finished, click "Show Results" and "Remove Selected" as shown in this PHOTO.
      - All threats must be marked with a check mark.
      - If it asks you to restart, restart.
      - Paste the Malwarebytes scan report for us after restarting; it is in the Logs tab.


      Download CCleaner: CCleaner Manual <------------ This step is VERY IMPORTANT

      Run CCleaner, first using its "Cleaner" option to delete cookies and temporary Internet files.
      Use its "Registry" option to clean the whole Windows registry, creating a backup first.

      Run a full scan with ESET NOD32 online ----------> Downloadable and installable version: Eset Smart Installer, and here is its manual ----------> ESET ONLINE MANUAL

      1- Run it.

      2- Tick the boxes "Remove detected threats" and "Scan archives".

      3- Click Advanced settings and tick these boxes there:

      - Scan for potentially unwanted applications.

      - Scan for potentially unsafe applications.

      - Enable Anti-Stealth technology.

      4- Click Start so that it begins downloading the virus signature database and then starts scanning your system.

      When it finishes, click Finish.

      5- Locate the report in C:\Archivos de programa\ESET\ESET Online Scanner\log
      • Download AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Temporarily disable the antivirus and/or antispyware.
      • Run AT-Destroyer as administrator.
      • Choose Option #1 (Buscar y Destruir, "Search and Destroy").
      • AT-Destroyer will momentarily disconnect the desktop.
      • If the system is infected, AT-Destroyer will indicate it with red lines where the infection was found; otherwise, the lines will be green.
      • Once the scan has finished, you will be able to see the desktop again and a report will open, which you should copy into your next reply, commenting on how the system is running.
      • If any program does not start, restart the PC.
      º The Malwarebytes report, which is in its LOGS tab
      º The ESET NOD32 report
      º The AT-Destroyer report
      º Tell us how your PC is running now

      *If you have any doubts, you can print the instructions to follow them more easily.

      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    3. #3
      flacosert (User)
      Registered: Oct 2012
      Location: masnou
      Posts: 30

      Re: PUP.Adware.Installcore.(Solved)

      Hello, thanks for replying. Here are the reports.



      Malwarebytes Anti-Malware 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.26.13

      Windows 7 Service Pack 1 x64 NTFS (Modo Seguro/Red)
      Internet Explorer 9.0.8112.16421
      JOSE :: JOSE-PC [administrador]

      27/12/2012 0:02:57
      mbam-log-2012-12-27 (00-02-57).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 315939
      Tiempo transcurrido: 26 minuto(s), 20 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)





      ESETSmartInstaller@High as CAB hook log:
      OnlineScanner64.ocx - registred OK
      OnlineScanner.ocx - registred OK
      # version=8
      # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
      # OnlineScanner.ocx=1.0.0.6844
      # api_version=3.0.2
      # EOSSerial=911569ee20fb5747a31945edba567bc4
      # end=stopped
      # remove_checked=false
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-12-24 05:29:45
      # local_time=2012-12-24 06:29:45 (+0100, Hora estándar romance)
      # country="Spain"
      # lang=1033
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=770 16774141 100 97 29181 133083659 0 0
      # compatibility_mode=5893 16776573 100 94 160142 108000035 0 0
      # scanned=58697
      # found=16
      # cleaned=0
      # scan_time=2683
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 401BB42274F15069159A91BD0A1B578E1E141A23 I
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe a variant of Win32/bProtector.A application (unable to clean) 3F82367853A7AC5AD44170435BA5E6DA0EC0C315 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 0F19466D3969249C57298A857A4FE2355817CD30 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe a variant of Win32/bProtector.A application (unable to clean) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probably a variant of Win32/bProtector.A application (unable to clean) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C application (unable to clean) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 I
      C:\Users\All Users\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 401BB42274F15069159A91BD0A1B578E1E141A23 I
      C:\Users\All Users\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe a variant of Win32/bProtector.A application (unable to clean) 3F82367853A7AC5AD44170435BA5E6DA0EC0C315 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 0F19466D3969249C57298A857A4FE2355817CD30 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe a variant of Win32/bProtector.A application (unable to clean) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probably a variant of Win32/bProtector.A application (unable to clean) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C application (unable to clean) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 I
      C:\Users\JOSE\Desktop\pcp_claro.exe a variant of Win32/InstallBrain.H application (unable to clean) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 I
      C:\Users\JOSE\Desktop\pcp_claro[1].exe a variant of Win32/InstallBrain.H application (unable to clean) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 I
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_stream-torrent.exe a variant of Win32/SoftonicDownloader.E application (unable to clean) 9472FD49FEA1AE7C75824D9E3398F801161E11A4 I
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_teamviewer-7.exe a variant of Win32/SoftonicDownloader.E application (unable to clean) 01CFDC4594E46369FD79502D7591CEB2C8F5ADB5 I
      ESETSmartInstaller@High as downloader log:
      all ok
      ESETSmartInstaller@High as downloader log:
      all ok
      ESETSmartInstaller@High as downloader log:
      all ok
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6844
      # api_version=3.0.2
      # EOSSerial=911569ee20fb5747a31945edba567bc4
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-12-27 01:00:19
      # local_time=2012-12-27 02:00:19 (+0100, Hora estándar romance)
      # country="Spain"
      # lang=3082
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=770 16774142 100 97 229015 133283493 0 0
      # compatibility_mode=5893 16776573 100 94 202624 108199869 0 0
      # scanned=122150
      # found=13
      # cleaned=9
      # scan_time=3714
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probablemente una variante de Win32/bProtector.A aplicación (no es posible su desinfección) 0F19466D3969249C57298A857A4FE2355817CD30 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe una variante de Win32/bProtector.A aplicación (no es posible su desinfección) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probablemente una variante de Win32/bProtector.A aplicación (no es posible su desinfección) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C aplicación (no es posible su desinfección) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probablemente una variante de Win32/bProtector.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 0F19466D3969249C57298A857A4FE2355817CD30 C
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe una variante de Win32/bProtector.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 C
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probablemente una variante de Win32/bProtector.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC C
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 C
      C:\Users\JOSE\Desktop\pcp_claro.exe una variante de Win32/InstallBrain.H aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 C
      C:\Users\JOSE\Desktop\pcp_claro[1].exe una variante de Win32/InstallBrain.H aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 C
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_stream-torrent.exe una variante de Win32/SoftonicDownloader.E aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9472FD49FEA1AE7C75824D9E3398F801161E11A4 C
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_teamviewer-7.exe una variante de Win32/SoftonicDownloader.E aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 01CFDC4594E46369FD79502D7591CEB2C8F5ADB5 C
      C:\_AT-Destroyer\AT-Cuarentena\C\Users\JOSE\FLVPlayer.exe.vir una variante de Win32/InstallCore.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9B65A06B630598916A1574E7A16201AAF04B430D C






      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 02:05:03 \\\ 27/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Google Chrome:23.0.1271.97
      Privilegios: JOSE - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: JOSE-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:JOSE
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<



      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://asus.msn.com


      HKEY_USERS\S-1-5-21-2810923076-2218365081-1314926458-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://asus.msn.com


      >>>>>> Extensiones Firefox <<<<<<



      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandasecurity.com/activescan
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\1
      C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

      ======== Listado ===========

      [05/05/2012 21:01] [05/05/2012 21:01] [DI] C:\Users\JOSE\AppData\Roaming\ASUS WebStorage
      [24/12/2012 16:16] [24/12/2012 16:16] [DI] C:\Users\JOSE\AppData\Roaming\GlarySoft
      [06/05/2012 16:17] [06/05/2012 16:17] [DI] C:\Users\JOSE\AppData\Roaming\Google
      [05/05/2012 20:54] [05/05/2012 20:54] [DI] C:\Users\JOSE\AppData\Roaming\Identities
      [05/05/2012 20:55] [05/05/2012 20:55] [DI] C:\Users\JOSE\AppData\Roaming\Macromedia
      [06/05/2012 16:11] [06/05/2012 16:11] [DI] C:\Users\JOSE\AppData\Roaming\Malwarebytes
      [ 14/07/2009 9:44] [ 05/05/2012 20:53] [DI] C:\Users\JOSE\AppData\Roaming\Media Center Programs
      [10/06/2012 20:30] [05/05/2012 20:53] [SDI] C:\Users\JOSE\AppData\Roaming\Microsoft
      [07/05/2012 16:13] [07/05/2012 16:13] [DI] C:\Users\JOSE\AppData\Roaming\Nero
      [24/12/2012 15:52] [05/10/2012 20:31] [D] C:\Users\JOSE\AppData\Roaming\PerformerSoft
      [24/12/2012 15:30] [05/10/2012 20:33] [DI] C:\Users\JOSE\AppData\Roaming\StreamTorrent
      [06/05/2012 16:35] [06/05/2012 16:35] [DI] C:\Users\JOSE\AppData\Roaming\WinRAR
      [10/05/2012 19:38] [10/05/2012 19:38] [DI] C:\Users\JOSE\AppData\Roaming\Zeon
      [30/03/2012 17:14] [30/03/2012 17:14] [D] C:\Program Files (x86)\ASM104xUSB3
      [24/12/2012 17:21] [19/10/2011 6:25] [D] C:\Program Files (x86)\ASUS
      [07/05/2012 16:03] [14/07/2009 5:20] [D] C:\Program Files (x86)\Common Files
      [30/03/2012 17:24] [30/03/2012 17:23] [D] C:\Program Files (x86)\CyberLink
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [07/05/2012 14:19] [07/05/2012 14:19] [D] C:\Program Files (x86)\eMule
      [24/12/2012 17:42] [24/12/2012 17:42] [D] C:\Program Files (x86)\ESET
      [24/12/2012 16:14] [24/12/2012 16:14] [D] C:\Program Files (x86)\Glary Utilities
      [24/12/2012 16:01] [06/05/2012 16:13] [D] C:\Program Files (x86)\Google
      [30/03/2012 17:24] [30/03/2012 17:10] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [30/03/2012 17:12] [30/03/2012 17:07] [D] C:\Program Files (x86)\Intel
      [13/12/2012 0:31] [14/07/2009 5:20] [D] C:\Program Files (x86)\Internet Explorer
      [24/12/2012 10:26] [06/05/2012 16:11] [D] C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [24/12/2012 15:18] [19/10/2011 6:24] [D] C:\Program Files (x86)\Microsoft
      [19/10/2011 6:02] [19/10/2011 6:02] [D] C:\Program Files (x86)\Microsoft Office
      [19/10/2011 6:12] [19/10/2011 6:12] [D] C:\Program Files (x86)\Microsoft Silverlight
      [19/10/2011 6:20] [19/10/2011 6:20] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [19/10/2011 6:08] [19/10/2011 6:08] [D] C:\Program Files (x86)\Microsoft.NET
      [05/10/2012 20:32] [05/10/2012 20:32] [D] C:\Program Files (x86)\Mozilla Firefox
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\MSBuild
      [13/05/2012 0:16] [13/05/2012 0:16] [D] C:\Program Files (x86)\MSXML 4.0
      [07/05/2012 16:08] [07/05/2012 16:03] [D] C:\Program Files (x86)\Nero
      [24/12/2012 16:56] [24/12/2012 16:56] [D] C:\Program Files (x86)\Panda Security
      [30/03/2012 17:17] [30/03/2012 17:17] [D] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
      [30/03/2012 17:16] [30/03/2012 17:16] [D] C:\Program Files (x86)\Realtek
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\Reference Assemblies
      [06/05/2012 16:09] [06/05/2012 16:06] [D] C:\Program Files (x86)\Spybot - Search & Destroy
      [07/05/2012 13:59] [07/05/2012 13:59] [D] C:\Program Files (x86)\TeamViewer
      [30/03/2012 17:17] [30/03/2012 17:16] [HD] C:\Program Files (x86)\Temp
      [14/07/2009 6:57] [14/07/2009 6:57] [HD] C:\Program Files (x86)\Uninstall Information
      [06/05/2012 19:50] [06/05/2012 19:50] [D] C:\Program Files (x86)\Veetle
      [24/12/2012 15:15] [24/12/2012 15:15] [D] C:\Program Files (x86)\VS Revo Group
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Defender
      [19/10/2011 6:22] [19/10/2011 6:15] [D] C:\Program Files (x86)\Windows Live
      [13/12/2012 0:31] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows Mail
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Media Player
      [14/07/2009 7:32] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows NT
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Photo Viewer
      [18/02/2011 21:09] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Portable Devices
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Sidebar
      [30/03/2012 17:16] [30/03/2012 17:16] [DI] C:\ProgramData\AmUStor
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Application Data
      [24/12/2012 15:26] [19/10/2011 6:34] [DI] C:\ProgramData\Asus
      [19/10/2011 6:25] [19/10/2011 6:25] [DI] C:\ProgramData\ASUS WebStorage
      [05/05/2012 20:56] [19/10/2011 6:34] [DI] C:\ProgramData\ChangeFolderView
      [30/03/2012 17:23] [30/03/2012 17:23] [DI] C:\ProgramData\CyberLink
      [24/12/2012 15:28] [19/10/2011 6:26] [DI] C:\ProgramData\Deadtime Stories
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Desktop
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Documents
      [19/10/2011 6:11] [19/10/2011 6:11] [DI] C:\ProgramData\Downloaded Installations
      [07/05/2012 14:19] [07/05/2012 14:19] [DI] C:\ProgramData\eMule
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Favorites
      [19/10/2011 6:11] [19/10/2011 6:11] [DI] C:\ProgramData\FLEXnet
      [05/05/2012 20:53] [05/05/2012 20:53] [DI] C:\ProgramData\FolderView
      C:\ProgramData\FullRemove.exe [AI] 128 KB 0
      [30/03/2012 17:14] [30/03/2012 17:14] [DI] C:\ProgramData\Intel
      [06/05/2012 16:11] [06/05/2012 16:11] [DI] C:\ProgramData\Malwarebytes
      [24/12/2012 15:18] [14/07/2009 5:20] [SDI] C:\ProgramData\Microsoft
      [07/05/2012 16:06] [07/05/2012 16:03] [DI] C:\ProgramData\Nero
      [30/03/2012 17:19] [30/03/2012 17:19] [DI] C:\ProgramData\P4G
      [05/10/2012 20:31] [05/10/2012 20:31] [DI] C:\ProgramData\PC Performer Manager
      [30/03/2012 17:17] [30/03/2012 17:17] [DI] C:\ProgramData\Qualcomm Atheros
      [30/03/2012 17:17] [30/03/2012 17:17] [DI] C:\ProgramData\SonicFocus
      [24/12/2012 20:00] [06/05/2012 16:06] [DI] C:\ProgramData\Spybot - Search & Destroy
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Start Menu
      [30/03/2012 17:24] [30/03/2012 17:23] [DI] C:\ProgramData\Temp
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Templates
      [06/05/2012 16:38] [19/10/2011 6:36] [DI] C:\ProgramData\Trend Micro
      C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [AI] 109 bytes 0
      C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [AI] 105 bytes 0
      C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [AI] 107 bytes 0

      ==================== EOF ==================



      That's all. I await your instructions. Thanks.

    4. #4
      Regular User, avatar of M4RTYN
      Joined
      Jun 2012
      Location
      Ecuador
      Posts
      5.532

      re: PUP.Adware.Installcore.(Solved)

      Did you run ESET in safe mode? Did you tick the options I indicated? We have some stubborn threats. Run it in safe mode the way I told you and bring back the report!
      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    5. #5
      User, avatar of flacosert
      Joined
      Oct 2012
      Location
      masnou
      Posts
      30

      re: PUP.Adware.Installcore.(Solved)

      Yes, yes, I did it just as you told me.



      ESETSmartInstaller@High as CAB hook log:
      OnlineScanner64.ocx - registred OK
      OnlineScanner.ocx - registred OK
      # version=8
      # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
      # OnlineScanner.ocx=1.0.0.6844
      # api_version=3.0.2
      # EOSSerial=911569ee20fb5747a31945edba567bc4
      # end=stopped
      # remove_checked=false
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-12-24 05:29:45
      # local_time=2012-12-24 06:29:45 (+0100, Hora estándar romance)
      # country="Spain"
      # lang=1033
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=770 16774141 100 97 29181 133083659 0 0
      # compatibility_mode=5893 16776573 100 94 160142 108000035 0 0
      # scanned=58697
      # found=16
      # cleaned=0
      # scan_time=2683
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 401BB42274F15069159A91BD0A1B578E1E141A23 I
      C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe a variant of Win32/bProtector.A application (unable to clean) 3F82367853A7AC5AD44170435BA5E6DA0EC0C315 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 0F19466D3969249C57298A857A4FE2355817CD30 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe a variant of Win32/bProtector.A application (unable to clean) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probably a variant of Win32/bProtector.A application (unable to clean) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C application (unable to clean) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 I
      C:\Users\All Users\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 401BB42274F15069159A91BD0A1B578E1E141A23 I
      C:\Users\All Users\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe a variant of Win32/bProtector.A application (unable to clean) 3F82367853A7AC5AD44170435BA5E6DA0EC0C315 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probably a variant of Win32/bProtector.A application (unable to clean) 0F19466D3969249C57298A857A4FE2355817CD30 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe a variant of Win32/bProtector.A application (unable to clean) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probably a variant of Win32/bProtector.A application (unable to clean) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C application (unable to clean) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 I
      C:\Users\JOSE\Desktop\pcp_claro.exe a variant of Win32/InstallBrain.H application (unable to clean) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 I
      C:\Users\JOSE\Desktop\pcp_claro[1].exe a variant of Win32/InstallBrain.H application (unable to clean) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 I
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_stream-torrent.exe a variant of Win32/SoftonicDownloader.E application (unable to clean) 9472FD49FEA1AE7C75824D9E3398F801161E11A4 I
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_teamviewer-7.exe a variant of Win32/SoftonicDownloader.E application (unable to clean) 01CFDC4594E46369FD79502D7591CEB2C8F5ADB5 I
      ESETSmartInstaller@High as downloader log:
      all ok
      ESETSmartInstaller@High as downloader log:
      all ok
      ESETSmartInstaller@High as downloader log:
      all ok
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6844
      # api_version=3.0.2
      # EOSSerial=911569ee20fb5747a31945edba567bc4
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-12-27 01:00:19
      # local_time=2012-12-27 02:00:19 (+0100, Hora estándar romance)
      # country="Spain"
      # lang=3082
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=770 16774142 100 97 229015 133283493 0 0
      # compatibility_mode=5893 16776573 100 94 202624 108199869 0 0
      # scanned=122150
      # found=13
      # cleaned=9
      # scan_time=3714
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probablemente una variante de Win32/bProtector.A aplicación (no es posible su desinfección) 0F19466D3969249C57298A857A4FE2355817CD30 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe una variante de Win32/bProtector.A aplicación (no es posible su desinfección) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probablemente una variante de Win32/bProtector.A aplicación (no es posible su desinfección) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC I
      C:\Users\All Users\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C aplicación (no es posible su desinfección) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 I
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll probablemente una variante de Win32/bProtector.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 0F19466D3969249C57298A857A4FE2355817CD30 C
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe una variante de Win32/bProtector.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 26A54C75AE36ED6B285D7AC8F6C22086A703FBF9 C
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\Uninstall PC Performer Manager.exe probablemente una variante de Win32/bProtector.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 2A0BC61AC4DDA2B8A677BD9F6AD33505678D8FBC C
      C:\ProgramData\PC Performer Manager\2.2.587.187\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension\content\bprotector.js Win32/bProtector.C aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 C
      C:\Users\JOSE\Desktop\pcp_claro.exe una variante de Win32/InstallBrain.H aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 C
      C:\Users\JOSE\Desktop\pcp_claro[1].exe una variante de Win32/InstallBrain.H aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 90DC6C00BBEEF6766996D56A1834761E8E1CA172 C
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_stream-torrent.exe una variante de Win32/SoftonicDownloader.E aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9472FD49FEA1AE7C75824D9E3398F801161E11A4 C
      C:\Users\JOSE\Downloads\SoftonicDownloader_para_teamviewer-7.exe una variante de Win32/SoftonicDownloader.E aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 01CFDC4594E46369FD79502D7591CEB2C8F5ADB5 C
      C:\_AT-Destroyer\AT-Cuarentena\C\Users\JOSE\FLVPlayer.exe.vir una variante de Win32/InstallCore.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9B65A06B630598916A1574E7A16201AAF04B430D C
      ESETSmartInstaller@High as downloader log:
      all ok
      esets_scanner_update returned -1 esets_gle=53251
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6844
      # api_version=3.0.2
      # EOSSerial=911569ee20fb5747a31945edba567bc4
      # end=finished
      # remove_checked=false
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-12-27 09:39:07
      # local_time=2012-12-27 10:39:07 (+0100, Hora estándar romance)
      # country="Spain"
      # lang=3082
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=770 16774142 100 97 260143 133314621 0 0
      # compatibility_mode=5893 16776574 100 94 0 108230997 0 0
      # scanned=122473
      # found=0
      # cleaned=0
      # scan_time=3581





      That is last night's report, but this morning I scanned it again and it found nothing. How strange, isn't it?

      Anyway, tell me what we do next. Regards.
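
The three ESET Online Scanner runs pasted in the post above can be compared mechanically. The following Python is an added example, not part of the original thread or of any ESET tool: it parses the `# key=value` headers and the finding lines, checks the scan options against the ones requested in the thread, and reports which detected files were never quarantined. The sample log is constructed (placeholder paths, detection names and hashes), and both the meaning of the trailing `I`/`C` flag and the option-to-key mapping are assumptions inferred from the pasted logs.

```python
import re
from collections import Counter

# Scanner options requested in the thread, mapped to the header keys the log
# writes. The mapping is an assumption based on the key names.
REQUIRED = ("remove_checked", "archives_checked", "unwanted_checked",
            "unsafe_checked", "antistealth_checked")

HEADER = re.compile(r"^#\s*([\w.]+)=(.*)$")
# Finding line: <path and detection text> <SHA-1> <one-letter action flag>
FINDING = re.compile(r"^(?P<detail>.+)\s(?P<sha1>[0-9A-Fa-f]{40})\s(?P<flag>[A-Z])$")


def parse_runs(text):
    """Split a pasted log into runs; each '# version=' header starts a new run."""
    runs, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            key, value = header.group(1), header.group(2).strip()
            if key == "version":
                current = {"header": {}, "findings": []}
                runs.append(current)
            if current is not None:
                current["header"].setdefault(key, value)  # keep first of repeated keys
            continue
        finding = FINDING.match(line)
        if finding and current is not None:
            current["findings"].append(finding.groupdict())
    return runs


def assess(run):
    """Summarise one run: settings used, counters, and files still unresolved."""
    header, findings = run["header"], run["findings"]
    # Assumption from the pasted logs: flag 'C' marks a quarantined/deleted file,
    # 'I' marks a detection that was only reported.
    handled = {f["sha1"].upper() for f in findings if f["flag"] == "C"}
    seen = {f["sha1"].upper() for f in findings}
    return {
        "completed": header.get("end") == "finished",
        "missing_options": [k for k in REQUIRED if header.get(k) != "true"],
        "found": int(header.get("found", 0)),
        "cleaned": int(header.get("cleaned", 0)),
        "unique_files": len(seen),  # one file can be listed under several paths
        "unresolved": sorted(seen - handled),
        "flags": dict(Counter(f["flag"] for f in findings)),
    }


def verdict(report):
    """Decide whether a run can be trusted as evidence of a clean system."""
    if not report["completed"]:
        return "rerun: scan did not finish"
    detection_off = [k for k in report["missing_options"] if k != "remove_checked"]
    if detection_off:
        return "rerun: detection options off"
    if report["found"] == 0:
        return "clean"
    if report["unresolved"]:
        return "detections left on disk"
    return "all detections quarantined"


# Constructed sample: three runs shaped like the ones in the thread.
H1, H2 = "1" * 40, "2" * 40  # constructed placeholder SHA-1 values
OPTS = "\n".join(f"# {k}=true" for k in REQUIRED[1:])
SAMPLE_LOG = rf"""
ESETSmartInstaller@High as CAB hook log:
# version=8
# end=stopped
# remove_checked=false
{OPTS}
# found=3
# cleaned=0
C:\ProgramData\Example Manager\example.dll probably a variant of Win32/Example.A application (unable to clean) {H1} I
C:\Users\All Users\Example Manager\example.dll probably a variant of Win32/Example.A application (unable to clean) {H1} I
C:\Users\EXAMPLE\Downloads\example_setup.exe a variant of Win32/Example.B application (unable to clean) {H2} I
# version=8
# end=finished
# remove_checked=true
{OPTS}
# found=3
# cleaned=2
C:\Users\All Users\Example Manager\example.dll probably a variant of Win32/Example.A application (unable to clean) {H1} I
C:\ProgramData\Example Manager\example.dll probably a variant of Win32/Example.A application (deleted - quarantined) {H1} C
C:\Users\EXAMPLE\Downloads\example_setup.exe a variant of Win32/Example.B application (deleted - quarantined) {H2} C
# version=8
# end=finished
# remove_checked=false
{OPTS}
# found=0
# cleaned=0
"""

if __name__ == "__main__":
    for number, run in enumerate(parse_runs(SAMPLE_LOG), start=1):
        report = assess(run)
        print(number, verdict(report), report)
```

Lines that are neither headers nor findings, such as the `ESETSmartInstaller@High` banners, are ignored, so a pasted log can be passed to `parse_runs` unchanged.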

    6. #6
      Regular User, avatar of M4RTYN
      Joined
      Jun 2012
      Location
      Ecuador
      Posts
      5.532

      re: PUP.Adware.Installcore.(Solved)

      Damned infection! xD Do the following, and the OTM comes next

      • Download AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Temporarily disable the antivirus and/or antispyware.
      • Run AT-Destroyer as administrator.
      • Choose option #1 (Buscar y Destruir, "Search and Destroy")
      • AT-Destroyer will momentarily disconnect the desktop.
      • If the system is infected, AT-Destroyer will show it with red lines where the infection was found; otherwise the lines will be green.
      • Once the scan has finished, you will be able to see the desktop again and a report will open, which you must copy into your next reply, commenting on how the system is running.
      • If any program does not start, restart the PC.
      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    7. #7
      User, avatar of flacosert
      Joined
      Oct 2012
      Location
      masnou
      Posts
      30

      re: PUP.Adware.Installcore.(Solved)

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 23:05:36 \\\ 27/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Google Chrome:23.0.1271.97
      Privilegios: JOSE - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: JOSE-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:JOSE
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<



      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://asus.msn.com


      HKEY_USERS\S-1-5-21-2810923076-2218365081-1314926458-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://asus.msn.com


      >>>>>> Extensiones Firefox <<<<<<



      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandasecurity.com/activescan
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\1
      C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

      ======== Listado ===========

      [05/05/2012 21:01] [05/05/2012 21:01] [DI] C:\Users\JOSE\AppData\Roaming\ASUS WebStorage
      [24/12/2012 16:16] [24/12/2012 16:16] [DI] C:\Users\JOSE\AppData\Roaming\GlarySoft
      [06/05/2012 16:17] [06/05/2012 16:17] [DI] C:\Users\JOSE\AppData\Roaming\Google
      [05/05/2012 20:54] [05/05/2012 20:54] [DI] C:\Users\JOSE\AppData\Roaming\Identities
      [05/05/2012 20:55] [05/05/2012 20:55] [DI] C:\Users\JOSE\AppData\Roaming\Macromedia
      [06/05/2012 16:11] [06/05/2012 16:11] [DI] C:\Users\JOSE\AppData\Roaming\Malwarebytes
      [ 14/07/2009 9:44] [ 05/05/2012 20:53] [DI] C:\Users\JOSE\AppData\Roaming\Media Center Programs
      [10/06/2012 20:30] [05/05/2012 20:53] [SDI] C:\Users\JOSE\AppData\Roaming\Microsoft
      [27/12/2012 11:22] [27/12/2012 11:22] [DI] C:\Users\JOSE\AppData\Roaming\Mozilla
      [07/05/2012 16:13] [07/05/2012 16:13] [DI] C:\Users\JOSE\AppData\Roaming\Nero
      [24/12/2012 15:52] [05/10/2012 20:31] [D] C:\Users\JOSE\AppData\Roaming\PerformerSoft
      [24/12/2012 15:30] [05/10/2012 20:33] [DI] C:\Users\JOSE\AppData\Roaming\StreamTorrent
      [27/12/2012 11:43] [27/12/2012 11:21] [DI] C:\Users\JOSE\AppData\Roaming\uTorrent
      [06/05/2012 16:35] [06/05/2012 16:35] [DI] C:\Users\JOSE\AppData\Roaming\WinRAR
      [10/05/2012 19:38] [10/05/2012 19:38] [DI] C:\Users\JOSE\AppData\Roaming\Zeon
      [30/03/2012 17:14] [30/03/2012 17:14] [D] C:\Program Files (x86)\ASM104xUSB3
      [24/12/2012 17:21] [19/10/2011 6:25] [D] C:\Program Files (x86)\ASUS
      [07/05/2012 16:03] [14/07/2009 5:20] [D] C:\Program Files (x86)\Common Files
      [30/03/2012 17:24] [30/03/2012 17:23] [D] C:\Program Files (x86)\CyberLink
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [07/05/2012 14:19] [07/05/2012 14:19] [D] C:\Program Files (x86)\eMule
      [24/12/2012 17:42] [24/12/2012 17:42] [D] C:\Program Files (x86)\ESET
      [24/12/2012 16:14] [24/12/2012 16:14] [D] C:\Program Files (x86)\Glary Utilities
      [24/12/2012 16:01] [06/05/2012 16:13] [D] C:\Program Files (x86)\Google
      [30/03/2012 17:24] [30/03/2012 17:10] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [30/03/2012 17:12] [30/03/2012 17:07] [D] C:\Program Files (x86)\Intel
      [13/12/2012 0:31] [14/07/2009 5:20] [D] C:\Program Files (x86)\Internet Explorer
      [24/12/2012 10:26] [06/05/2012 16:11] [D] C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [24/12/2012 15:18] [19/10/2011 6:24] [D] C:\Program Files (x86)\Microsoft
      [19/10/2011 6:02] [19/10/2011 6:02] [D] C:\Program Files (x86)\Microsoft Office
      [19/10/2011 6:12] [19/10/2011 6:12] [D] C:\Program Files (x86)\Microsoft Silverlight
      [19/10/2011 6:20] [19/10/2011 6:20] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [19/10/2011 6:08] [19/10/2011 6:08] [D] C:\Program Files (x86)\Microsoft.NET
      [05/10/2012 20:32] [05/10/2012 20:32] [D] C:\Program Files (x86)\Mozilla Firefox
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\MSBuild
      [13/05/2012 0:16] [13/05/2012 0:16] [D] C:\Program Files (x86)\MSXML 4.0
      [07/05/2012 16:08] [07/05/2012 16:03] [D] C:\Program Files (x86)\Nero
      [24/12/2012 16:56] [24/12/2012 16:56] [D] C:\Program Files (x86)\Panda Security
      [30/03/2012 17:17] [30/03/2012 17:17] [D] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
      [30/03/2012 17:16] [30/03/2012 17:16] [D] C:\Program Files (x86)\Realtek
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\Reference Assemblies
      [06/05/2012 16:09] [06/05/2012 16:06] [D] C:\Program Files (x86)\Spybot - Search & Destroy
      [07/05/2012 13:59] [07/05/2012 13:59] [D] C:\Program Files (x86)\TeamViewer
      [30/03/2012 17:17] [30/03/2012 17:16] [HD] C:\Program Files (x86)\Temp
      [14/07/2009 6:57] [14/07/2009 6:57] [HD] C:\Program Files (x86)\Uninstall Information
      [27/12/2012 11:22] [27/12/2012 11:22] [D] C:\Program Files (x86)\uTorrent
      [27/12/2012 11:22] [27/12/2012 11:22] [D] C:\Program Files (x86)\uTorrentControl_v2
      [06/05/2012 19:50] [06/05/2012 19:50] [D] C:\Program Files (x86)\Veetle
      [24/12/2012 15:15] [24/12/2012 15:15] [D] C:\Program Files (x86)\VS Revo Group
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Defender
      [19/10/2011 6:22] [19/10/2011 6:15] [D] C:\Program Files (x86)\Windows Live
      [13/12/2012 0:31] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows Mail
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Media Player
      [14/07/2009 7:32] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows NT
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Photo Viewer
      [18/02/2011 21:09] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Portable Devices
      [13/12/2012 0:31] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Sidebar
      [30/03/2012 17:16] [30/03/2012 17:16] [DI] C:\ProgramData\AmUStor
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Application Data
      [24/12/2012 15:26] [19/10/2011 6:34] [DI] C:\ProgramData\Asus
      [19/10/2011 6:25] [19/10/2011 6:25] [DI] C:\ProgramData\ASUS WebStorage
      [05/05/2012 20:56] [19/10/2011 6:34] [DI] C:\ProgramData\ChangeFolderView
      [30/03/2012 17:23] [30/03/2012 17:23] [DI] C:\ProgramData\CyberLink
      [24/12/2012 15:28] [19/10/2011 6:26] [DI] C:\ProgramData\Deadtime Stories
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Desktop
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Documents
      [19/10/2011 6:11] [19/10/2011 6:11] [DI] C:\ProgramData\Downloaded Installations
      [07/05/2012 14:19] [07/05/2012 14:19] [DI] C:\ProgramData\eMule
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Favorites
      [19/10/2011 6:11] [19/10/2011 6:11] [DI] C:\ProgramData\FLEXnet
      [05/05/2012 20:53] [05/05/2012 20:53] [DI] C:\ProgramData\FolderView
      C:\ProgramData\FullRemove.exe [AI] 128 KB 0
      [30/03/2012 17:14] [30/03/2012 17:14] [DI] C:\ProgramData\Intel
      [06/05/2012 16:11] [06/05/2012 16:11] [DI] C:\ProgramData\Malwarebytes
      [24/12/2012 15:18] [14/07/2009 5:20] [SDI] C:\ProgramData\Microsoft
      [07/05/2012 16:06] [07/05/2012 16:03] [DI] C:\ProgramData\Nero
      [30/03/2012 17:19] [30/03/2012 17:19] [DI] C:\ProgramData\P4G
      [05/10/2012 20:31] [05/10/2012 20:31] [DI] C:\ProgramData\PC Performer Manager
      [30/03/2012 17:17] [30/03/2012 17:17] [DI] C:\ProgramData\Qualcomm Atheros
      [30/03/2012 17:17] [30/03/2012 17:17] [DI] C:\ProgramData\SonicFocus
      [24/12/2012 20:00] [06/05/2012 16:06] [DI] C:\ProgramData\Spybot - Search & Destroy
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Start Menu
      [30/03/2012 17:24] [30/03/2012 17:23] [DI] C:\ProgramData\Temp
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Templates
      [06/05/2012 16:38] [19/10/2011 6:36] [DI] C:\ProgramData\Trend Micro
      C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [AI] 109 bytes 0
      C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [AI] 105 bytes 0
      C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [AI] 107 bytes 0

      ==================== EOF ==================

    8. #8
      Regular User, avatar of M4RTYN
      Joined
      Jun 2012
      Location
      Ecuador
      Posts
      5.532

      re: PUP.Adware.Installcore.(Solved)

      It's clean. We'll run more scans just to check that it is clean, then we give it a little tune-up and that's it! It will be like new.

      Download

      Rkill (disguised as Winlogon)

      1. Run Rkill (if you use Windows Vista or 7, run it as administrator), preferably placing it on the desktop first.

      2. A black window will appear (wait if you have to) indicating that the tool has run successfully. If that doesn't happen, run it again until it runs correctly (keep trying if necessary; this step is important).

      3. Bring us the Rkill report (c:\rkill.log)
      Download CCleaner: CCleaner manual <------------ This step is VERY IMPORTANT

      Run CCleaner, first using its "Cleaner" option to delete cookies and temporary Internet files
      Use its "Registry" option to clean the whole Windows registry, creating a backup first

      Run a full scan with ESET NOD32 online ----------> Downloadable and installable version: Eset Smart Installer. And here is its manual ----------> ESET ONLINE MANUAL

      1- Run it.

      2- Check the boxes Remove found threats and Scan archives.

      3- Click Advanced settings and check these boxes there:

      - Scan for potentially unwanted applications.

      - Scan for potentially unsafe applications.

      - Enable Anti-Stealth technology.



      4- Click Start so that it begins downloading the virus signature database and then starts scanning your system.

      When it finishes, click Finish

      5- Locate the report in C:\Archivos de programa\ESET\ESET Online Scanner\log
      Download DrWeb CureIt:

      Dr.Web CureIt! 6 | InfoSpyware Dr.Web CureIt! manual

      Run DrWeb according to its manual and with these specifications:
      • When the program starts, preferably run it in its enhanced protection mode.
      • When you start it following the manual, a Quick scan will begin by default; wait for it to finish:
      • Choose the Full scan option and press the Play button to start.



      • Cure, Move and Delete whatever it finds, according to the options it gives you and in that order of preference.
      • If it detects a modified Hosts file, click Yes to restore it.
      • Save a report at the end as shown in the image

      Bring us the DrWeb report (if you can't save it as indicated, a report is generated at %userprofile%\DoctorWeb\CureIt.log, from which you should bring only the statistics section at the end) and tell us the state of the system.

      Regards
      regards!
      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    9. #9
      User, flacosert's avatar
      Joined
      Oct 2012
      Location
      masnou
      Posts
      30

      re: PUP.Adware.Installcore.(Solved)

      Friend, the PC runs perfectly again.. we can mark the thread as solved if you like.. regards and truly, many thanks.. I wish the whole team a happy end and start of the year..

    10. #10
      Regular User, M4RTYN's avatar
      Joined
      Jun 2012
      Location
      Ecuador
      Posts
      5,532

      re: PUP.Adware.Installcore.(Solved)

      ***Thread Solved***
      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D